mail archive of the barebox mailing list
 help / color / mirror / Atom feed
From: Sascha Hauer <s.hauer@pengutronix.de>
To: Krzysztof Halasa <khc@pm.waw.pl>
Cc: barebox@lists.infradead.org
Subject: Re: [PATCH 5] Fix error handling with malloc, memalign etc. Memalign() can't fail now.
Date: Tue, 21 Dec 2010 09:58:53 +0100	[thread overview]
Message-ID: <20101221085853.GW6017@pengutronix.de> (raw)
In-Reply-To: <m3vd2ocax2.fsf@intrepid.localdomain>

On Mon, Dec 20, 2010 at 11:54:49PM +0100, Krzysztof Halasa wrote:
> Fix error handling with malloc, memalign etc. Memalign() can't fail now.
> 
> The idea is to panic() when there is no memory available for normal
> operation. Exception: code which can consume arbitrary amount of RAM
> (example: files allocated in ramfs) must report error instead of
> panic().
> 
> This patch also fixes code which didn't check for NULL from malloc()
> etc.
> 
> Usage: malloc() returns NULL when out of RAM.
> xmalloc(), memalign() always return non-NULL or panic().
> 
> Signed-off-by: Krzysztof Hałasa <khc@pm.waw.pl>
> 
> diff --git a/arch/sandbox/os/common.c b/arch/sandbox/os/common.c
> index 287be0d..8409ca8 100644
> --- a/arch/sandbox/os/common.c
> +++ b/arch/sandbox/os/common.c
> @@ -223,10 +223,7 @@ static int add_image(char *str, char *name)
>  	struct stat s;
>  	char *opt;
>  	int fd, ret;
> -	struct hf_platform_data *hf = malloc(sizeof(struct hf_platform_data));
> -
> -	if (!hf)
> -		return -1;
> +	struct hf_platform_data *hf = xmalloc(sizeof(struct hf_platform_data));
>  
>  	file = strtok(str, ",");
>  	while ((opt = strtok(NULL, ","))) {
> @@ -285,11 +282,7 @@ int main(int argc, char *argv[])
>  	char str[6];
>  	int fdno = 0, envno = 0;
>  
> -	ram = malloc(malloc_size);
> -	if (!ram) {
> -		printf("unable to get malloc space\n");
> -		exit(1);
> -	}
> +	ram = xmalloc(malloc_size);
>  	mem_malloc_init(ram, ram + malloc_size);
>  
>  	while (1) {

Don't change these. This is the file which connects barebox to the host
on sandbox. This is not the barebox malloc but the glibc malloc which is
called here.

> --- a/common/dlmalloc.c
> +++ b/common/dlmalloc.c
> @@ -1,9 +1,9 @@
> -
> +#include <common.h>
>  #include <config.h>
>  #include <malloc.h>
>  #include <string.h>
>  #include <mem_malloc.h>
> -
> +#include <xfuncs.h>
>  #include <stdio.h>
>  #include <module.h>
>  
> @@ -1696,12 +1696,12 @@ void *memalign(size_t alignment, size_t bytes)
>  	long remainder_size;	/* its size */
>  
>  	if ((long) bytes < 0)
> -		return NULL;
> +		panic("memalign: requested %i bytes\n", bytes);
>  
>  	/* If need less alignment than we give anyway, just relay to malloc */
>  
>  	if (alignment <= MALLOC_ALIGNMENT)
> -		return malloc(bytes);
> +		return xmalloc(bytes);
>  
>  	/* Otherwise, ensure that it is at least a minimum chunk size */
>  
> @@ -1711,10 +1711,7 @@ void *memalign(size_t alignment, size_t bytes)
>  	/* Call malloc with worst case padding to hit alignment. */
>  
>  	nb = request2size(bytes);
> -	m = (char*)(malloc (nb + alignment + MINSIZE));
> -
> -	if (!m)
> -		return NULL;	/* propagate failure */
> +	m = (char*)(xmalloc(nb + alignment + MINSIZE));
>  
>  	p = mem2chunk(m);
>  

I think we shouldn't touch memalign but introduce a xmemalign function
instead. The x in the name stresses that the return value doesn't have
to be checked. Also it gives the user a chance explicitely call memalign
if he wishes to.

Sascha

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

  reply	other threads:[~2010-12-21  8:58 UTC|newest]

Thread overview: 41+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-12-20 22:30 my IXP4xx-related and other patches Krzysztof Halasa
2010-12-20 22:40 ` [PATCH 1] Delete unused file common/dlmalloc.src Krzysztof Halasa
2010-12-21  9:34   ` Sascha Hauer
2010-12-20 22:42 ` [PATCH 2] Remove unused eth_get_name() prototype Krzysztof Halasa
2010-12-20 22:44 ` [PATCH 3] Flash CFI: removed unused 'size' variable Krzysztof Halasa
2010-12-20 22:45 ` [PATCH 4] Fix help text for "loadb" and "loady" commands Krzysztof Halasa
2010-12-20 22:54 ` [PATCH 5] Fix error handling with malloc, memalign etc. Memalign() can't fail now Krzysztof Halasa
2010-12-21  8:58   ` Sascha Hauer [this message]
2010-12-22  0:58   ` Jean-Christophe PLAGNIOL-VILLARD
2010-12-22 19:00     ` Krzysztof Halasa
2010-12-23 11:25       ` Krzysztof Halasa
2010-12-23 10:36     ` Sascha Hauer
2010-12-20 22:58 ` [PATCH 6] ARM: support big/little endian switching in "bootz" Krzysztof Halasa
2010-12-21  7:41   ` Sascha Hauer
2010-12-22  1:00   ` Jean-Christophe PLAGNIOL-VILLARD
2010-12-22 18:55     ` Krzysztof Halasa
2010-12-23 10:47       ` Sascha Hauer
2010-12-20 23:01 ` [PATCH 7] Fix top-level Makefile to work with GNU make 3.82 Krzysztof Halasa
2010-12-20 23:02 ` [PATCH 8] Cosmetic fixes, including format attributes for printf() and friends Krzysztof Halasa
2010-12-20 23:04 ` [PATCH 9] ARM: support big-endian processors Krzysztof Halasa
2010-12-20 23:06 ` [PATCH 10] ARM: Add support for IXP4xx CPU and for Goramo Multilink router platform Krzysztof Halasa
2010-12-21  7:42   ` Belisko Marek
2010-12-21  9:25     ` Sascha Hauer
2010-12-21  9:30     ` Juergen Beisert
2010-12-21  8:35   ` Sascha Hauer
2010-12-22  0:48     ` Krzysztof Halasa
2010-12-22  0:57   ` Jean-Christophe PLAGNIOL-VILLARD
2010-12-22 12:46     ` Sascha Hauer
2010-12-22 19:36       ` Krzysztof Halasa
2010-12-23  3:26         ` Jean-Christophe PLAGNIOL-VILLARD
2010-12-23 11:42           ` Krzysztof Halasa
2010-12-22 19:13     ` Krzysztof Halasa
2010-12-20 23:08 ` [PATCH 11] Silence few warnings Krzysztof Halasa
2010-12-20 23:10 ` [PATCH 12] Fix NOR CFI flash driver to work on big endian systems Krzysztof Halasa
2010-12-22  1:01   ` Jean-Christophe PLAGNIOL-VILLARD
2010-12-22 12:48     ` Sascha Hauer
2010-12-20 23:14 ` [PATCH 13] Fix usage of __LITTLE_ENDIAN macro Krzysztof Halasa
2010-12-21  9:17 ` my IXP4xx-related and other patches Sascha Hauer
2010-12-22  0:51 ` [PATCH 5a] Fix error handling with malloc, memalign etc. Introduce xmemalign() Krzysztof Halasa
2010-12-22  0:53 ` [PATCH 6a] ARM: support big/little endian switching in "bootz" Krzysztof Halasa
2010-12-22  0:55 ` [PATCH 10a] ARM: Add support for IXP4xx CPU and for Goramo Multilink router platform Krzysztof Halasa

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20101221085853.GW6017@pengutronix.de \
    --to=s.hauer@pengutronix.de \
    --cc=barebox@lists.infradead.org \
    --cc=khc@pm.waw.pl \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox