[Libvir] RFC: safer memory allocation APIs with compile time checking

Richard W.M. Jones rjones at redhat.com
Mon Apr 28 12:38:12 UTC 2008


On Mon, Apr 28, 2008 at 03:39:41AM -0400, Daniel Veillard wrote:
>   Calling abort() in a library is a major NO-NO and one of the reasons
> I avoided glib in most of the code I developed. You just can't exit()/abort()
> from a library.

That depends ... If you can override the abort() function with an
error handler, then I'd say it is OK.

Remember that only about 1 in 10 memory allocations in a program use
malloc.  The other 9 use the stack, and effectively call 'abort()' if
they fail with no opportunity to override.

(For me, of course, all this just points to the desperate need to use
proper programming languages for writing critical software ..  In 2008
we shouldn't even be having a discussion about memory management, in
the same way we don't discuss laying out the blocks on the hard disk
any more)

Rich.

-- 
Richard Jones, Emerging Technologies, Red Hat  http://et.redhat.com/~rjones
virt-top is 'top' for virtual machines.  Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://et.redhat.com/~rjones/virt-top
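The pattern the reply argues for, written out as an added example (this is not libvirt code and not from anyone in the thread): a library allocator whose out-of-memory path defaults to abort() but lets the embedding application install its own handler, so the library never terminates the process against the caller's will. All names here (lib_oom_handler, lib_set_oom_handler, lib_malloc, lib_fail_next_alloc) are hypothetical, and the failure-injection hook is a constructed test aid, not a real-world allocation failure. The stack-allocation case the reply mentions is deliberately outside what this shows, since there is no hook to override there.

```c
/* Added example, not code from libvirt or from the mailing-list thread.
 * Shows a library allocator whose out-of-memory path defaults to abort()
 * but can be overridden by the application with an error handler.
 * Names (lib_oom_handler, lib_set_oom_handler, lib_malloc,
 * lib_fail_next_alloc) are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Handler type: called with the size that could not be allocated.
 * If the handler returns, the allocation fails by returning NULL. */
typedef void (*lib_oom_handler)(size_t size, void *opaque);

static void default_oom_handler(size_t size, void *opaque)
{
    (void)opaque;
    fprintf(stderr, "out of memory allocating %zu bytes\n", size);
    abort();   /* the behaviour the thread objects to, kept only as a default */
}

static lib_oom_handler oom_handler = default_oom_handler;
static void *oom_opaque = NULL;

/* Applications embedding the library install their own handler here.
 * Passing NULL restores the abort() default. */
void lib_set_oom_handler(lib_oom_handler handler, void *opaque)
{
    oom_handler = handler ? handler : default_oom_handler;
    oom_opaque = opaque;
}

/* Constructed test hook: forces the next allocation to fail so the
 * handler path can be exercised without exhausting real memory. */
static int fail_next_alloc = 0;
void lib_fail_next_alloc(void) { fail_next_alloc = 1; }

/* Allocation wrapper. On failure it calls the handler; if the handler
 * returns (the application chose not to abort), NULL is propagated so
 * the caller can unwind and report an error instead of dying. */
void *lib_malloc(size_t size)
{
    void *p = NULL;
    if (fail_next_alloc)
        fail_next_alloc = 0;      /* simulate malloc returning NULL */
    else
        p = malloc(size);
    if (p == NULL && size != 0) {
        oom_handler(size, oom_opaque);
        return NULL;
    }
    return p;
}

/* Application-side handler: records the failure instead of aborting. */
struct oom_record { int count; size_t last_size; };

void record_oom(size_t size, void *opaque)
{
    struct oom_record *r = opaque;
    r->count++;
    r->last_size = size;
}

/* Returns 1 if a forced failure reached the installed handler and
 * surfaced to the caller as NULL, 0 otherwise. */
int demo_override(void)
{
    struct oom_record rec = { 0, 0 };
    lib_set_oom_handler(record_oom, &rec);
    lib_fail_next_alloc();
    char *buf = lib_malloc(64);
    int ok = (buf == NULL && rec.count == 1 && rec.last_size == 64);
    lib_set_oom_handler(NULL, NULL);   /* restore the default */
    return ok;
}

/* Returns 1 if an ordinary allocation goes through untouched. */
int demo_normal(void)
{
    char *buf = lib_malloc(16);
    if (buf == NULL)
        return 0;
    memcpy(buf, "ok", 3);
    int ok = (strcmp(buf, "ok") == 0);
    free(buf);
    return ok;
}

int main(void)
{
    printf("override handler worked: %d\n", demo_override());
    printf("normal allocation worked: %d\n", demo_normal());
    return 0;
}
```

The design point is that the handler is process-global state owned by the application, not the library: an application that cannot tolerate abort() installs a handler once at startup and then treats NULL from lib_malloc as an ordinary error return, which is exactly the override the reply says makes an abort() default acceptable.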
