Comment by lionkor

Comment by lionkor 2 days ago

7 replies

View on Hacker News

Very odd that an article trying to teach memory management would miss this, this should be common knowledge to anyone who used realloc, just like checking the return of any allocation call.

bluetomcat 2 days ago

They treat an OOM situation as exceptional and immediately call abort() in case any allocation function returns NULL. The specification of these functions allows you to handle OOM situations gracefully.

Reply View 2 replies
  • josephg 2 days ago

    > The specification of these functions allows you to handle OOM situations gracefully.

    In theory, sure. But vanishingly little software actually deals with OOM gracefully. What do you do? Almost any interaction with the user may result in more memory allocations in turn - which presumably may also fail. It’s hard to even test OOM on modern systems because of OS disk page caching.

    Honestly, panicking on OOM is a totally reasonable default for most modern application software. In languages like rust, this behaviour is baked in.

    Reply View 1 reply
    • tptacek 2 days ago

      I agree. The fact that Rust and Go will panic by default in this situation is pretty close to dispositive on what the right thing to do in (most) C code is.

      Reply View 0 replies
PhilipRoman 2 days ago

>checking the return of any allocation call

I would say this is pointless on many modern systems unless you also disable overcommit, since otherwise any memory access can result in a crash, which is impossible to check for explicitly.

Reply View 3 replies
  • lionkor a day ago

    Most code correctness is pointless until it isn't, yes

    Reply View 0 replies
  • kevin_thibedeau 2 days ago

    abort() isn't an option on all modern systems.

    Reply View 1 reply
    • josephg 2 days ago

      It’s an option on most systems.

      Maybe not in embedded work - but in that case you might want to preallocate memory anyway.

      Reply View 0 replies