From: Malcolm Kay
To: freebsd-stable@freebsd.org, Gabor, Doug White
Cc: freebsd-stable@freebsd.org
Date: Fri, 25 Jul 2003 02:13:31 +0930
Subject: Re: malloc does not return null when out of memory

On Thu, 24 Jul 2003 23:11, Gabor wrote:
> On Wed, Jul 23, 2003 at 02:09:00PM -0700, Doug White wrote:
> # On Wed, 23 Jul 2003, Gabor wrote:
> #
> # > We have a little soekris box running freebsd that uses racoon for key
> # > management. It's used for setting up an ipsec tunnel. I noticed that
> # > one of these devices lost the tunnel this morning. I looked in the
> # > log and saw this
> # >
> # > Jul 23 01:37:57 m0n0wall /kernel: pid 80 (racoon), uid 0, was killed: out of swap space
> #
> # [...]
> #
> # > Here is the tail end of the output. It dies when trying to poke at
> # > the memory using memset. If I just malloc without the memset, it
> # > never even dies.
> #
> # That's normal. If you malloc() memory and never touch it then it is never
> # actually allocated.
>
> It's not normal. If malloc cannot allocate memory it should return a
> null pointer. How would my application know there is no more memory?
> Dying is not a very good behavior. The C standard and even the man
> page says that malloc will return null when there is no more memory to
> be had by the process.

While this might be a desirable state of affairs I can't find any statement
in the (draft) standard or the man page that malloc returns null when there is
no more memory (whatever that might mean). The (draft) standard says it
either returns a pointer to allocated memory or null, without any reason
given for the different behaviours. The man page merely says null if the
call fails without reference to why.

Malcolm Kay
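
Added example (not part of the original message or of FreeBSD's code): the thread describes a process being killed when it touches memory, rather than malloc() returning NULL. One way to get a NULL the application can handle is to cap the process address space with setrlimit(RLIMIT_AS), assuming a POSIX system that enforces that limit; the function name malloc_fails_under_limit and the sizes are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

#define MIB ((size_t)1024 * 1024)

static void *volatile sink;   /* keeps the compiler from eliding malloc() */

/* Fork a child, cap its address space at `limit` bytes, then malloc(request).
 * Returns 1 if malloc returned NULL, 0 if the block was allocated and written,
 * -1 on setup error or if the child was killed instead of seeing NULL. */
int malloc_fails_under_limit(size_t limit, size_t request)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        struct rlimit rl;
        if (getrlimit(RLIMIT_AS, &rl) != 0)
            _exit(2);
        if (rl.rlim_max != RLIM_INFINITY && limit > rl.rlim_max)
            limit = rl.rlim_max;          /* cannot exceed the hard limit */
        rl.rlim_cur = limit;              /* lower the soft limit only */
        if (setrlimit(RLIMIT_AS, &rl) != 0)
            _exit(2);
        void *p = malloc(request);
        sink = p;
        if (p == NULL)
            _exit(1);                     /* failure is reported, not fatal */
        memset(p, 0xA5, request);         /* touch the pages: now committed */
        _exit(0);
    }
    int status;
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    int code = WEXITSTATUS(status);
    return (code == 0 || code == 1) ? code : -1;
}

int main(void)
{
    /* Constructed sizes: 1 GiB cap, one request under it, one over it. */
    printf("1 MiB under cap -> %d\n", malloc_fails_under_limit(1024 * MIB, 1 * MIB));
    printf("2 GiB over cap  -> %d\n", malloc_fails_under_limit(1024 * MIB, 2048 * MIB));
    return 0;
}
```

The limit is applied in a forked child so the calling process keeps its own limits; a daemon would normally set it once at startup or through its service manager.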