On Thu, Oct 30, 2025 at 02:45:07PM +0000, Peter Maydell wrote: > docs/devel/style.rst has some notes on malloc choices, including this: > > # Care should be taken to avoid introducing places where the guest could > # trigger an exit by causing a large allocation. For small allocations, > # of the order of 4k, a failure to allocate is likely indicative of an > # overloaded host and allowing ``g_malloc`` to ``exit`` is a reasonable > # approach. However for larger allocations where we could realistically > # fall-back to a smaller one if need be we should use functions like > # ``g_try_new`` and check the result. For example this is valid approach > # for a time/space trade-off like ``tlb_mmu_resize_locked`` in the > # SoftMMU TLB code. Hi Peter,
Thanks for clearing it up. > > Since we're trying to allocate 32MB at once and this is during > the guest run rather than at startup, this is probably a reasonable > place to use g_try_malloc(). > > There are other places in this code that use LOG_GUEST_ERROR > for things that aren't exactly guest errors, so my suggestion > is that we take this patch as-is to fix the logic error. > We can consider whether we want to try to improve the error > reporting of this group of functions as a separate patch. Sure. ~Shivang.
