On 02/13/2012 08:04 AM, Markus Armbruster wrote:
Stefan Weil<s...@weilnetz.de> writes:
On 10.02.2012 16:13, Zhi Yong Wu wrote:
On Fri, Feb 10, 2012 at 10:41 PM, Daniel P. Berrange
<berra...@redhat.com> wrote:
On Fri, Feb 10, 2012 at 10:34:13PM +0800, Zhi Yong Wu wrote:
From: Zhi Yong Wu<wu...@linux.vnet.ibm.com>
Signed-off-by: Zhi Yong Wu<wu...@linux.vnet.ibm.com>
---
oslib-posix.c | 4 ++--
oslib-win32.c | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/oslib-posix.c b/oslib-posix.c
index b6a3c7f..f978d56 100644
--- a/oslib-posix.c
+++ b/oslib-posix.c
@@ -80,7 +80,7 @@ void *qemu_oom_check(void *ptr)
{
if (ptr == NULL) {
fprintf(stderr, "Failed to allocate memory: %s\n",
strerror(errno));
- abort();
+ exit(EXIT_FAILURE);
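Review bot: In the `ptr == NULL` branch of qemu_oom_check(), replacing `abort()` with `exit(EXIT_FAILURE)` moves the failure from an immediate SIGABRT, which can leave a core dump, to a normal exit path that runs atexit() handlers and flushes stdio in a process that has just failed an allocation. The commit message carries only the From and Signed-off-by lines and gives no reason for the change. If the aim is to avoid the abort signal, `_exit(EXIT_FAILURE)` terminates without running handlers; otherwise keep `abort()`. Either way, state the rationale in the commit message.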
exit() will call any atexit()/on_exit() handlers, as well as trying
to flush I/O streams. Any of these actions may require further
memory allocations, which will likely fail, or worse cause this
code to re-enter itself if an atexit() handler calls qemu_malloc
Nice, very reasonable.
The only option other than abort(), is to use _Exit() which
doesn't try to run cleanup handlers.
I will try to send out v2
Could you please explain why calling exit, _Exit or _exit is more
reasonable than calling abort?
abort can create core dumps or start a debugger which is
useful for me and maybe other developers, too.
I consider abort() on OOM somewhat eccentric. abort() is for
programming errors. Resource shortage is an environmental error that is
sometimes (but not always) caused by a programming error.
I'd rather inconvenience programmers (by making it a little bit harder
to debug programming errors that cause OOM) than confuse users with
inappropriate scary "crashes".
OOM is going to 99% of the time be a bug in QEMU.
For the rare exceptions (like a bad -m argument), we should handle those as
special cases.
Regards,
Anthony Liguori
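
The difference the thread is arguing about, as an added example that is not part of the original messages or of QEMU: each child registers an atexit() handler, terminates via exit(), _exit() or abort(), and the parent records whether the handler ran and how the process ended. The names terminate_child, cleanup_handler and struct outcome are hypothetical.

```c
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>
enum how { BY_EXIT, BY_UNDERSCORE_EXIT, BY_ABORT };
struct outcome { int handler_ran; int exit_code; int term_signal; };
static int report_fd = -1;   /* child's write end of the reporting pipe */

/* Stand-in for a cleanup handler; a real one might try to allocate again. */
static void cleanup_handler(void)
{
    if (write(report_fd, "x", 1) != 1) return;
}

/* Fork a child, end it the requested way, and observe it from the parent. */
struct outcome terminate_child(enum how how)
{
    struct outcome out = { 0, -1, 0 };
    int fds[2], status = 0;
    char c;
    if (pipe(fds) != 0) return out;
    pid_t pid = fork();
    if (pid < 0) { close(fds[0]); close(fds[1]); return out; }
    if (pid == 0) {
        struct rlimit no_core = { 0, 0 };
        setrlimit(RLIMIT_CORE, &no_core);   /* demo only: leave no core file */
        report_fd = fds[1];
        atexit(cleanup_handler);
        if (how == BY_EXIT) exit(EXIT_FAILURE);              /* runs handlers */
        if (how == BY_UNDERSCORE_EXIT) _exit(EXIT_FAILURE);  /* skips handlers */
        abort();                                             /* raises SIGABRT */
    }
    close(fds[1]);
    out.handler_ran = (read(fds[0], &c, 1) == 1);   /* EOF: handler never ran */
    close(fds[0]);
    waitpid(pid, &status, 0);
    if (WIFEXITED(status)) out.exit_code = WEXITSTATUS(status);
    if (WIFSIGNALED(status)) out.term_signal = WTERMSIG(status);
    return out;
}

int main(void)
{
    for (int h = BY_EXIT; h <= BY_ABORT; h++) {
        struct outcome o = terminate_child((enum how)h);
        printf("%d: handler=%d exit=%d sig=%d\n", h, o.handler_ran, o.exit_code, o.term_signal);
    }
}
```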