On Wed, 2016-05-04 at 21:41 +0100, Arnt Gulbrandsen wrote: > Malloc() is very simple: You ask for memory and get it. The negative > side > of that simplicity is that if you're out of memory (and that happens > occasionally if a server is run close to capacity) then processes die > and/or become unresponsive. Such is the tyranny of the Poisson > distribution.
Not a problem at all. An API is a contract, violate it at your peril. The malloc() call's contract is you request memory with the understanding that "no" is a legal answer. If you fail to account for that possibility (tactics like preallocation) you either made a mistake or worse, failed to understand the nature of the deal. On the other hand, a tactic of simply allowing the process that hits the memory limit to die, thus freeing up some memory, might be the winning move. If you can't accept that, program in a language which deals with those sort of low level details for you and accept the solution it chooses when a request for memory fails. C isn't for everyone and isn't the best answer to every problem. After all, wrapping malloc in a simple test for NULL and exit beats just assuming any malloc will succeed.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
