From: Dan A. <da...@gm...> - 2004-02-07 08:22:31

On Sat, Feb 07, 2004 at 09:02:38AM +0200, Nir Perry wrote:
> Hi y'all,
>
> Just a small comment - not really coLinux related, but it is a general
> fault-tolerance issue:
>
> When using function calls that can fail (assuming co_os_malloc(), like
> malloc(), can run out of memory), one should always handle the failures.
> Of course, just returning an error here would not be enough - the higher
> levels must handle it too.
>
> Before you shoot me, yes - I know such code appears in SO MANY places,
> and in so many projects, but that doesn't mean we want more...
>
> Some people tend to say - "So what? if malloc() fails, I don't care,
> because nothing can work after it. Just buy more memory". But
> fault-tolerance is important to software. Especially to OS kernels.

Yes, I agree. The general solution is to allow the program (or module /
branch of execution) to exit *cleanly* in an out-of-memory situation,
keeping the problem as local as possible.

--
Dan Aloni
da...@gm...
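An added example of the pattern both messages describe (not code from this thread or from coLinux): a hypothetical sim_malloc() stands in for co_os_malloc() and can be made to fail on demand, the allocating function unwinds everything it already got and reports the failure, and the higher level passes the error on instead of ignoring it.

```c
#include <stdlib.h>
/* Hypothetical stand-in for co_os_malloc(): fails once a settable number
   of allocations have succeeded, so the error paths can be exercised. */
static int allocs_before_fail = -1;   /* -1: never fail */
static void *sim_malloc(size_t n)
{
    if (allocs_before_fail == 0)
        return NULL;
    if (allocs_before_fail > 0)
        allocs_before_fail--;
    return malloc(n);
}
struct buffer_pair { char *in; char *out; size_t len; };
void buffer_pair_destroy(struct buffer_pair *p)
{
    if (p) { free(p->out); free(p->in); free(p); }
}
/* 0 on success, -1 on OOM. On failure everything allocated so far is freed
   and *result stays NULL: the problem is contained at this level. */
int buffer_pair_create(struct buffer_pair **result, size_t len)
{
    struct buffer_pair *p;
    *result = NULL;
    if (!(p = sim_malloc(sizeof *p)))
        return -1;
    if (!(p->in = sim_malloc(len)))
        goto err_pair;
    if (!(p->out = sim_malloc(len)))
        goto err_in;
    p->len = len;
    *result = p;
    return 0;
err_in:
    free(p->in);
err_pair:
    free(p);
    return -1;
}
/* Higher level: let the (ok_allocs + 1)-th allocation fail and pass the
   error code on to the caller instead of swallowing it. */
int run_with_failure_after(int ok_allocs, size_t len)
{
    struct buffer_pair *p = NULL;
    int rc;
    allocs_before_fail = ok_allocs;
    rc = buffer_pair_create(&p, len);
    allocs_before_fail = -1;
    buffer_pair_destroy(p);           /* NULL-safe when create failed */
    return rc;
}
```

Running it under a leak checker with each of the three allocations forced to fail shows no leaked blocks, which is the property the unwind labels exist for.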