[U-Boot] New discussion proposal for u-boot summit: "switch malloc to succeed or die model, as glib does"

Hans de Goede hdegoede at redhat.com
Sun Oct 12 10:42:28 CEST 2014


Hi All,

Sorry for the poor timing in bringing this up, but this just
came up when discussing the review of some sunxi patches.

Ian asked me to add error handling for mmc_create failing,
which, if used properly, only ever fails if calloc fails.

This made me think that we should switch u-boot to the
glib memory alloc failure handling model, which is to put a
die() / abort() inside the low level malloc routines when
they fail.

The reasoning is that if malloc fails, you're typically looking
at a fatal error anyways, and this will allow removing error
handling from a lot of higher level users, reducing code, and
removing a lot of code paths which are in essence unused and
as such also very much untested.

I guess there may be some special cases where we don't want
the malloc_or_die behavior I'm advocating for, for those
we could introduce a malloc_unchecked function.

Detlev, any chance you could squeeze this into the schedule
somewhere?

Regards,

Hans
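
The succeed-or-die model proposed in the message above, sketched as an added example (not code from the post or from U-Boot). A constructed 256-byte arena stands in for the heap; malloc_or_die and malloc_unchecked take their names from the email, while demo_dev_create, alloc_die and alloc_would_die are hypothetical.

```c
#include <setjmp.h>
#include <stdlib.h>
#include <string.h>

/* Constructed 256-byte bump arena standing in for a small bootloader heap. */
static unsigned long long arena[32];
static size_t arena_used;
static void die_abort(size_t size) { (void)size; abort(); } /* default hook */
static void (*alloc_die)(size_t) = die_abort;
/* Escape hatch named in the email: may return NULL, caller must check. */
void *malloc_unchecked(size_t size) {
    size_t need = (size + 7) & ~(size_t)7;  /* keep 8-byte alignment */
    if (need < size || need > sizeof(arena) - arena_used)
        return NULL;                        /* size overflow or arena full */
    void *p = (unsigned char *)arena + arena_used;
    arena_used += need;
    return p;
}

/* Succeed-or-die: never returns NULL, so callers carry no error path. */
void *malloc_or_die(size_t size) {
    void *p = malloc_unchecked(size);
    if (!p) {
        alloc_die(size);
        abort();                            /* a returning hook must not leak NULL */
    }
    return p;
}

/* Hypothetical caller: no NULL check, no untested failure branch. */
struct demo_dev { char name[32]; unsigned id; };
struct demo_dev *demo_dev_create(const char *name, unsigned id) {
    struct demo_dev *d = malloc_or_die(sizeof(*d));
    *d = (struct demo_dev){ .id = id };     /* zeroes name as well */
    strncpy(d->name, name, sizeof(d->name) - 1);
    return d;
}

/* Check helper: swaps the hook and reports whether the die path fired. */
static jmp_buf die_jmp;
static void die_longjmp(size_t size) { (void)size; longjmp(die_jmp, 1); }
int alloc_would_die(size_t size) {
    volatile int fired = 1;
    alloc_die = die_longjmp;
    if (setjmp(die_jmp) == 0) { malloc_or_die(size); fired = 0; }
    alloc_die = die_abort;
    return fired;
}
int main(void) { return alloc_would_die(1024) ? 0 : 1; }
```

The second abort() in malloc_or_die is what keeps the "never returns NULL" guarantee intact even if a replacement hook returns instead of halting.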

