From owner-cvs-all  Mon Jan 29 18:26:25 2001
Delivered-To: cvs-all@freebsd.org
Received: from relay.butya.kz (butya-gw.butya.kz [212.154.129.94])
	by hub.freebsd.org (Postfix) with ESMTP
	id 67D4D37B400; Mon, 29 Jan 2001 18:26:04 -0800 (PST)
Received: by relay.butya.kz (Postfix, from userid 1000)
	id 00AAE286FB; Tue, 30 Jan 2001 08:25:53 +0600 (ALMT)
Received: from localhost (localhost [127.0.0.1])
	by relay.butya.kz (Postfix) with ESMTP
	id E7B5728679; Tue, 30 Jan 2001 08:25:53 +0600 (ALMT)
Date: Tue, 30 Jan 2001 08:25:53 +0600 (ALMT)
From: Boris Popov <bp@freebsd.org>
X-Sender: bp@lion.butya.kz
To: Bosko Milekic <bmilekic@technokratis.com>
Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/kern kern_malloc.c src/sys/sys malloc.h
In-Reply-To: <00ff01c08a2a$f4d98710$1f90c918@jehovah>
Message-ID: <Pine.BSF.4.21.0101300813090.46219-100000@lion.butya.kz>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, 29 Jan 2001, Bosko Milekic wrote:

> >   Add M_PANIC flag to the list of available flags passed to
> malloc().
> >   With this flag set malloc() will panic if memory allocation
> failed.
> >   This usable only in critical places where failed allocation is
> fatal.
> 
> Why is this change necessary? Rather, how is this change correct? I'd
> rather not introduce this sort of thing into the actual interface,
> unless it's realistically necessary, as I can see how this may
> encourage some people writing drivers (or an equivalent) to decide
> that they ought to panic the machine if they can't allocate. I'd
> rather see this dealt with, where absolutely necessary, by calling
> malloc() with M_NOWAIT and checking the return value and then calling
> panic explicitly if it is NULL.

	As commit message states, this flag should be used only as a last
resort and only in really critical places where it is impossible to
continue if memory allocation failed. In my case it saved a lots of 'if
(blah == NULL) panic()' in the specific subsystem (in the terms of saved
bytes in the code segment, not extra lines in the source file). This is
completely safe in this case because kernel will be completely broken if
one of malloc()s failed.

--
Boris Popov
http://www.butya.kz/~bp/



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message