David Leimbach wrote:
On 6/9/06, Ronald G Minnich <[email protected]> wrote:
Latchesar Ionkov wrote:
> Another example is using emalloc in libraries. I agree that it is much
> simpler to just give up when there is not enough memory (which is also
> not very likely case), but is that how the code is supposed to be
> written if you are not doing research?
yes, that is a problem with a lot of code. "Just bail on first error" --
we've had to stop using emalloc here because that is very unrealistic
for production support.
ron
Well I wonder what people typically do when they can't malloc anymore
memory but need more... A reasonable thing to do is to die I'd think.
example.
xcpu server is running a couple hundred processes for testing. It is
asked to do one more. It can't allocate something.
Just dying at that point is really a bad idea, and we did find that some
of the libraries we were using would in fact do that, without coming
back to xcpu server main code with an error. That's not good behaviour
for xcpu server. It should gracefully return 'no more room' and keep
managing things; in some few cases, the library did not give us that
option.
There are lots of cases like this, many of them in the kernel even;
would we want the kernel to just toss chunks at these times?
I agree -- sometimes, death is the only option. But not always.
ron
