On Sat, Jan 4, 2014 at 5:51 PM, john skaller <skal...@users.sourceforge.net> wrote: > > On 05/01/2014, at 12:25 PM, James Dennett wrote: > >>> Also don't forget C does NOT allow malloc() to return demand >>> paged memory. Malloc has to return actual memory. >> >> On Mac/Linux/Windows, malloc won't return committed memory. You can >> malloc much more memory than your system has. (You can turn off >> overcommit at the OS level on Linux, but if you want actual memory >> when you call malloc then you'll need to touch each page of it.) >> >> I wonder why you think C doesn't allow that. All bets are off if you >> exceed "resource limits" anyway. > > > Because the issue came up during the certification of a C compiler > on HP/UX I think and the ISO committee was approached for a clarification. > Which was as I reported. > > If malloc returns a non-NULL pointer, a subsequent memory fault > is not permitted. If such a fault occurs the compiler is not conforming. > In other words, if you run out of memory, malloc() has to return NULL > and the program can check. > > So out of heap memory error is not allowed in C. Stack overflow is, > of course. > > Naturally, the OS can delay allocation of physical memory pages > until they're needed, but overcommitment is not allowed.
Allowed or not, it's normal. (If you just want a fun language lawyering debate, I'm fine with that. Let's not confuse it with practicality though.) > If you think about it, this is the ONLY possible way given the > set of functions available in C. There's no function to allocate > address space and populate it later. If there were, the populating > function could return an error code. Without such a function, > any error code has to be returned by malloc. If the error is > delayed any C program doing a heap allocation at ANY time > could be allowed to fail at ANY time. There are no words in > the C standard allowing memory to evaporate unless it is > written to. Back in reality, though, implementations for desktop/server platforms generally don't do that; they do overcommit (though on Linux at least you can turn that off). Programs can and do fail because of this, with actual C implementations. Declaring that all such implementations are non-conforming seems rather a waste of time, given that the behavior they have is what almost all users want. Most desktop/server software is written for a world in which the process can be terminated by the OS at any time. C++ explicitly says that a conforming implementation is only required to execute code "within its resource limits". The implementation can define resource limits as it wishes, and they can change over time. ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk _______________________________________________ Felix-language mailing list Felix-language@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/felix-language
