Date: Fri, 25 Jul 2003 02:13:31 +0930
From: Malcolm Kay <malcolm.kay@internode.on.net>
To: freebsd-stable@freebsd.org, Gabor <gabor@vmunix.com>, Doug White <dwhite@gumbysoft.com>
Cc: freebsd-stable@freebsd.org
Subject: Re: malloc does not return null when out of memory
Message-ID: <200307250213.31956.malcolm.kay@internode.on.net>
In-Reply-To: <20030724134104.GA83799@vmunix.com>
References: <20030723173427.GA72876@vmunix.com> <20030723140329.C92624@carver.gumbysoft.com> <20030724134104.GA83799@vmunix.com>

On Thu, 24 Jul 2003 23:11, Gabor wrote:
> On Wed, Jul 23, 2003 at 02:09:00PM -0700, Doug White wrote:
> # On Wed, 23 Jul 2003, Gabor wrote:
> #
> # > We have a little soekris box running freebsd that uses racoon for key
> # > management.  It's used for setting up an ipsec tunnel.  I noticed that
> # > one of these devices lost the tunnel this morning.  I looked in the
> # > log and saw this
> # >
> # > Jul 23 01:37:57 m0n0wall /kernel: pid 80 (racoon), uid 0, was killed: out of swap space
> #
> # [...]
> #
> # > Here is the tail end of the output.  It dies when trying to poke at
> # > the memory using memset.  If I just malloc without the memset, it
> # > never even dies.
> #
> # That's normal.  If you malloc() memory and never touch it then it is never
> # actually allocated.
>
> It's not normal.  If malloc cannot allocate memory it should return a
> null pointer.  How would my application know there is no more memory?
> Dying is not a very good behavior.  The C standard and even the man
> page says that malloc will return null when there is no more memory to
> be had by the process.

While this might be a desirable state of affairs I can't find any statement
in the (draft) standard or the man page that malloc returns null when there is
no more memory (whatever that might mean). The (draft) standard says it
either returns a pointer to allocated memory or null, without any reason
given for the different behaviours. The man page merely says null if the
call fails without reference to why.

Malcolm Kay
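
Added example, not part of the original message or of any poster's code: one way for a daemon to get a NULL from malloc() instead of being killed is to cap its own address space, so the allocator fails before the system runs out of swap. It assumes a POSIX system that enforces RLIMIT_AS; the helper name `mib_until_null` and the 128 MiB cap are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define MIB (1024 * 1024)
static void *volatile keep;  /* makes each chunk escape so malloc() is not optimized away */

/* Hypothetical helper: runs in a forked child so the cap never affects the caller.
 * Returns how many MiB were allocated and touched before malloc() returned NULL,
 * or -1 if setup failed, the cap was not enforced, or the child was killed. */
int mib_until_null(size_t limit_mib)
{
    int fd[2], n = -1, status = 0;
    if (pipe(fd) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(fd[0]); close(fd[1]); return -1; }
    if (pid == 0) {
        struct rlimit rl;
        if (getrlimit(RLIMIT_AS, &rl) != 0) _exit(2);
        rl.rlim_cur = (rlim_t)limit_mib * MIB;   /* lower the soft limit only */
        if (setrlimit(RLIMIT_AS, &rl) != 0) _exit(2);
        for (n = 0; (size_t)n < 2 * limit_mib; n++) {
            void *p = malloc(MIB);
            if (p == NULL) break;   /* exhaustion is reported to the caller */
            memset(p, 0xA5, MIB);   /* touch every page so it is really backed */
            keep = p;               /* deliberately never freed */
        }
        if ((size_t)n >= 2 * limit_mib) _exit(1);   /* cap was not enforced */
        if (write(fd[1], &n, sizeof n) != (ssize_t)sizeof n) _exit(2);
        _exit(0);
    }
    close(fd[1]);
    ssize_t got = read(fd[0], &n, sizeof n);
    close(fd[0]);
    if (waitpid(pid, &status, 0) != pid) return -1;
    if (got != (ssize_t)sizeof n || !WIFEXITED(status) || WEXITSTATUS(status) != 0)
        return -1;
    return n;
}

int main(void)
{
    printf("malloc() returned NULL after %d MiB under a 128 MiB cap\n", mib_until_null(128));
    return 0;
}
```

The count is lower than the cap because the program text, libraries and stack already occupy part of the address space.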