From owner-freebsd-stable@FreeBSD.ORG Thu Jul 24 10:27:50 2003 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 11B3337B401 for ; Thu, 24 Jul 2003 10:27:50 -0700 (PDT) Received: from smtpproxy1.mitre.org (smtpproxy1.mitre.org [192.160.51.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 16E3143F3F for ; Thu, 24 Jul 2003 10:27:49 -0700 (PDT) (envelope-from jandrese@mitre.org) Received: from avsrv1.mitre.org (avsrv1.mitre.org [129.83.20.58]) by smtpproxy1.mitre.org (8.12.9/8.12.8) with ESMTP id h6OHRlEx015836 for ; Thu, 24 Jul 2003 13:27:47 -0400 (EDT) Received: from MAILHUB2 (mailhub2.mitre.org [129.83.221.18]) by smtpsrv1.mitre.org (8.12.9/8.12.8) with ESMTP id h6OHRho1016367 for ; Thu, 24 Jul 2003 13:27:45 -0400 (EDT) Received: from mm112324-2k.mitre.org (128.29.3.33) by mailhub2.mitre.org with SMTP id 3292114; Thu, 24 Jul 2003 13:27:39 -0400 Message-ID: <3F20170A.8080408@mitre.org> Date: Thu, 24 Jul 2003 13:27:38 -0400 From: Jason Andresen User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030612 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-stable@freebsd.org References: <20030723173427.GA72876@vmunix.com> <20030723173427.GA72876@vmunix.com> <5.2.0.9.0.20030723234250.052821e8@192.168.0.12> <20030724070936.GA16762@rot13.obsecurity.org> <3F1FF81F.5050701@mac.com> <20030724164522.GA39964@pit.databus.com> In-Reply-To: <20030724164522.GA39964@pit.databus.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: malloc does not return null when out of memory X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jul 2003 17:27:50 -0000 Barney Wolff wrote: > On Thu, Jul 24, 2003 at 11:15:43AM -0400, Chuck Swiger wrote: > >>+/* write a single byte per page to disable overcommit behavior */ >>+static int malloc_overcommit; > > > Won't this merely die in malloc, not return 0? > I don't think that's the behavior the original poster was looking for. > The wanted behavior would be fairly expensive to achieve, especially > on an smp machine. The upshot seem to be that it is impossible to write a program that handles out-of-memory errors gracefully with this scheme. Even if you check all of your return values and configure exit paths for failed mallocs, your program is still going to crash and die in a random location without warning when memory fills up. -- \ |_ _|__ __|_ \ __| Jason Andresen jandrese@mitre.org |\/ | | | / _| Network and Distributed Systems Engineer _| _|___| _| _|_\___| Office: 703-883-7755