[asterisk-dev] policy change for correct handling of fatal program conditions

Paul Hewlett paul at gccs.co.za
Tue Jan 23 01:12:34 MST 2007


On Tuesday 23 January 2007 00:10, SF Markus Elfring wrote:
> Hello,
>
> The bug report "add checks for calloc calls"
> (http://bugs.digium.com/view.php?id=8295) results in an opportunity to
> think again about the used approaches for error handling. Your current
> policy seems to be wrong.

Hi all

   Has anyone considered the fact that malloc() never actually fails, i.e.
memory starvation does not cause malloc() to return an error? It always returns
true - when you actually access the memory one will get a SIGBUS (I think)
and the program will die.

  This behaviour (called overcommit) is to make the UNIX fork/exec model 
efficient. For this reason one should use calloc() because at least then the 
failure will occur close to the allocation call in the code.

  You can turn this behaviour off by using sysctl but only systemwide which 
may make your whole system inefficient.

  There have been many discussions about this quirk of malloc. The man page 
even describes it as a bug ...

Paul
-- 
Paul Hewlett  Technical Director 
Global Call Center Solutions Ltd, 2nd Floor, Milnerton Mall
Cnr Loxton & Koeberg Roads, 7435 Milnerton
paul at gccs.co.za  www.gccs.co.za
Tel: +27 86 111 3433 Fax: +27 86 111 3520 Cel: +27 76 072 7906
Gizmo: 1 747 659 6171
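
The sysctl referred to in the message above is, on Linux, vm.overcommit_memory (0 = heuristic, 1 = always overcommit, 2 = strict accounting). The C code below is an added example, not part of the original post or of Asterisk's code: it reads that setting and wraps calloc() so that a NULL return is reported at the call site, as the quoted bug report asks. The names parse_overcommit, read_overcommit and checked_calloc are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Linux overcommit policy as stored in /proc/sys/vm/overcommit_memory:
 * 0 = heuristic, 1 = always overcommit, 2 = strict accounting. */
enum overcommit { OC_UNKNOWN = -1, OC_HEURISTIC = 0, OC_ALWAYS = 1, OC_STRICT = 2 };

/* Parse the file's contents (e.g. "0\n"); anything else is OC_UNKNOWN. */
enum overcommit parse_overcommit(const char *text)
{
    if (text == NULL) return OC_UNKNOWN;
    char *end;
    long v = strtol(text, &end, 10);
    if (end == text || (*end != '\0' && *end != '\n') || v < 0 || v > 2)
        return OC_UNKNOWN;
    return (enum overcommit)v;
}

/* Read the live policy; OC_UNKNOWN on non-Linux systems or on read errors. */
enum overcommit read_overcommit(void)
{
    char buf[16] = "";
    FILE *f = fopen("/proc/sys/vm/overcommit_memory", "r");
    if (f == NULL) return OC_UNKNOWN;
    if (fgets(buf, sizeof buf, f) == NULL) buf[0] = '\0';
    fclose(f);
    return parse_overcommit(buf);
}

/* Hypothetical wrapper: rejects an n * size product that would wrap and
 * logs any failure, so the caller sees NULL at the allocation site. */
void *checked_calloc(size_t n, size_t size, const char *what)
{
    void *p = (size != 0 && n > SIZE_MAX / size) ? NULL : calloc(n, size);
    if (p == NULL && n != 0 && size != 0)
        fprintf(stderr, "%s: cannot allocate %zu x %zu bytes\n", what, n, size);
    return p;
}

int main(void)
{
    int *table = checked_calloc(1024, sizeof *table, "table");
    printf("overcommit policy: %d\n", (int)read_overcommit());
    if (table == NULL) return 1;   /* the caller decides how to fail */
    free(table);
    return 0;
}
```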