Checking xmalloc's return status in c-pragma.c
David Starner
dvdeug@x8b4e53cd.dhcp.okstate.edu
Sun Oct 31 23:33:00 GMT 1999
On Wed, Oct 27, 1999 at 03:01:10PM +0100, Nick Clifton wrote:
> Hi David,
>
> : 1999-10-26 David Starner <dstarner98@aasaa.ofe.org>
> :
> : * c-pragma.c (push_alignment): Don't check the return value
> : of xmalloc.
>
> : push_alignment in c-pragma.c checks xmalloc's return status to
> : see if there was enough memory to allocate something. Unfortunetly,
> : if I'm not mistaken, xmalloc doesn't return if there wasn't enough
> : memory.
>
> Whilst this is true, I do not really see the benefit in deleting this
> code.
Okay. Wasn't a big thing.
> The check is not going to take a lot of resources to compute,
> and it is a good example of paranoid programming. Just because
> xmalloc() currently will not return NULL, this does not mean that in
> the future it may be re-implemented so that it can return NULL,
But part of the post-condition on xmalloc is that it aborts if out
of memory. Changing that would break thousands of lines of code.
> or
> maybe a bug might be introduced that causes it to return NULL.
>
> The check does not harm, does not slow down the compiler and might
> catch future bugs. I would say leave the check in.
But it wouldn't find the bug - it would just plaster over the bug.
Instead of getting a segmentation fault, as push_alignment tried to
reference a NULL, it would get a warning (which should be an ICE), and
most likely a segmentation fault as some other part of the compiler ran
over the bug.
> Cheers
> Nicki
--
David Starner - dstarner98@aasaa.ofe.org
More information about the Gcc-patches
mailing list