[U-Boot] Bombs away! Was: [PATCH 02/10] net: rtl8139: Add initialized eth_device structure

Wolfgang Denk wd at denx.de
Thu Oct 14 10:29:51 CEST 2010


Dear Reinhard Meyer,

In message <4CB6A3D3.1020506 at emk-elektronik.de> you wrote:
>
> >   		dev = (struct eth_device *)malloc(sizeof *dev);
> > +		memset(dev, 0, sizeof(*dev));
> >
> >   		sprintf (dev->name, "RTL8139#%d", card_number);
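
Review bot: the added memset() on dev runs before any check of malloc()'s return value, so a failed allocation turns into a write through a NULL pointer, and the sprintf() into dev->name that follows has the same problem. Test dev for NULL directly after the malloc() and leave this card's setup with an error before touching the structure. As a style point, the new line writes sizeof(*dev) while the malloc() line above it writes sizeof *dev; pick one form.
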
> 
> Apparently it's quite common NOT to check malloc()'s possible
> NULL return value... At least most NET drivers don't seem to...
> 
> Maybe another RFC to avoid duplicating code:
> 
> malloc_cleared_panic() to allocate and clear memory for a
> really required structure and put a proper panic message if that
> fails. Assuming that continuing u-boot once a driver cannot even
> be initialized is futile, that would save even more code in each
> driver.

Don't invent the wheel. If you really want to take that route, then
copy existing solutions from other projects. Some of them use
xmalloc() for this purpose; see for example BusyBox:
http://git.busybox.net/busybox/tree/libbb/xfuncs_printf.c
lines 44...51

But note that panicking is NOT always the best thing to do. This
should be reserved for really unrecoverable cases only.

Even if you cannot allocate a struct that is essential for your
network driver, then all that is not working is this network driver,
so this is NOT a reason to panic U-Boot. If someone cuts the network
cable or pulls the plug the end effect is the same, and you don't want
U-Boot to panic because of that, or do you?

Error handling is important, and needs to be done in a sensible way.

Best regards,

Wolfgang Denk

-- 
DENX Software Engineering GmbH,     MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
In the beginning, there was nothing, which exploded.
                                - Terry Pratchett, _Lords and Ladies_
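
The error handling argued for in the message above, as an added example that is not part of the original e-mail or of U-Boot's code: a failed allocation disables only the affected device and the probe loop carries on. `struct eth_dev_example`, `example_nic_init`, `example_probe_all` and the allocator hooks are hypothetical names; the hook exists only so the out-of-memory path can be exercised.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a driver's device structure (constructed). */
struct eth_dev_example {
    char name[16];
    int  iobase;
};

/* Allocator hook: lets the caller inject an out-of-memory condition. */
typedef void *(*alloc_fn)(size_t nmemb, size_t size);

static void *alloc_ok(size_t n, size_t s)   { return calloc(n, s); }
static void *alloc_fail(size_t n, size_t s) { (void)n; (void)s; return NULL; }

/* Set up one card. Returns 0 on success, -1 if the device is unusable. */
static int example_nic_init(alloc_fn alloc, int card_number,
                            struct eth_dev_example **out)
{
    /* Zeroed allocation, checked before the first dereference. */
    struct eth_dev_example *dev = alloc(1, sizeof(*dev));
    if (dev == NULL) {
        fprintf(stderr, "EXNIC#%d: out of memory, device disabled\n",
                card_number);
        return -1;              /* only this device is lost, no panic */
    }
    snprintf(dev->name, sizeof(dev->name), "EXNIC#%d", card_number);
    *out = dev;
    return 0;
}

/* Probe all cards; one failure does not stop the others. Returns count up. */
static int example_probe_all(alloc_fn allocs[], int ncards)
{
    int up = 0;
    for (int i = 0; i < ncards; i++) {
        struct eth_dev_example *dev = NULL;
        if (example_nic_init(allocs[i], i, &dev) == 0) {
            up++;
            free(dev);          /* example only: nothing keeps the device */
        }
    }
    return up;
}

int main(void)
{
    alloc_fn allocs[] = { alloc_ok, alloc_fail, alloc_ok };  /* constructed */
    printf("%d of 3 devices up\n", example_probe_all(allocs, 3));
    return 0;
}
```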

