On Mon, Dec 20, 2010 at 11:54:49PM +0100, Krzysztof Halasa wrote: > Fix error handling with malloc, memalign etc. Memalign() can't fail now. > > The idea is to panic() when there is no memory available for normal > operation. Exception: code which can consume arbitrary amount of RAM > (example: files allocated in ramfs) must report error instead of > panic(). > > This patch also fixes code which didn't check for NULL from malloc() > etc. > > Usage: malloc() returns NULL when out of RAM. > xmalloc(), memalign() always return non-NULL or panic(). > > Signed-off-by: Krzysztof HaÅasa <khc@xxxxxxxxx> > > diff --git a/arch/sandbox/os/common.c b/arch/sandbox/os/common.c > index 287be0d..8409ca8 100644 > --- a/arch/sandbox/os/common.c > +++ b/arch/sandbox/os/common.c > @@ -223,10 +223,7 @@ static int add_image(char *str, char *name) > struct stat s; > char *opt; > int fd, ret; > - struct hf_platform_data *hf = malloc(sizeof(struct hf_platform_data)); > - > - if (!hf) > - return -1; > + struct hf_platform_data *hf = xmalloc(sizeof(struct hf_platform_data)); > > file = strtok(str, ","); > while ((opt = strtok(NULL, ","))) { > @@ -285,11 +282,7 @@ int main(int argc, char *argv[]) > char str[6]; > int fdno = 0, envno = 0; > > - ram = malloc(malloc_size); > - if (!ram) { > - printf("unable to get malloc space\n"); > - exit(1); > - } > + ram = xmalloc(malloc_size); > mem_malloc_init(ram, ram + malloc_size); > > while (1) { Don't change these. This is the file which connects barebox to the host on sandbox. This is not the barebox malloc but the glibc malloc which is called here. > --- a/common/dlmalloc.c > +++ b/common/dlmalloc.c > @@ -1,9 +1,9 @@ > - > +#include <common.h> > #include <config.h> > #include <malloc.h> > #include <string.h> > #include <mem_malloc.h> > - > +#include <xfuncs.h> > #include <stdio.h> > #include <module.h> > > @@ -1696,12 +1696,12 @@ void *memalign(size_t alignment, size_t bytes) > long remainder_size; /* its size */ > > if ((long) bytes < 0) > - return NULL; > + panic("memalign: requested %i bytes\n", bytes); > > /* If need less alignment than we give anyway, just relay to malloc */ > > if (alignment <= MALLOC_ALIGNMENT) > - return malloc(bytes); > + return xmalloc(bytes); > > /* Otherwise, ensure that it is at least a minimum chunk size */ > > @@ -1711,10 +1711,7 @@ void *memalign(size_t alignment, size_t bytes) > /* Call malloc with worst case padding to hit alignment. */ > > nb = request2size(bytes); > - m = (char*)(malloc (nb + alignment + MINSIZE)); > - > - if (!m) > - return NULL; /* propagate failure */ > + m = (char*)(xmalloc(nb + alignment + MINSIZE)); > > p = mem2chunk(m); > I think we shouldn't touch memalign but introduce a xmemalign function instead. The x in the name stresses that the return value doesn't have to be checked. Also it gives the user a chance explicitely call memalign if he wishes to. Sascha -- Pengutronix e.K. | | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | _______________________________________________ barebox mailing list barebox@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/barebox