Denys Vlasenko vda.linux at googlemail.com
Tue Feb 12 13:34:38 UTC 2008

On Tuesday 12 February 2008 13:17, Bernd Schmidt wrote:
> The __uc_malloc patch was a bit sloppy about the libc_hidden_proto
> conventions in uClibc; as a result, more relocations than necessary are
> generated for libc.so.  The patch below fixes that.
> Before I apply this, I wanted to start a discussion about whether
> __uc_malloc is a good idea at all.  Space savings are all well and good,
> but these come at a cost in reliability.

There is no cost in reliability.

Face it: if you have no free memory - you have no free memory.
Just allocating a big static object (like des.c was doing)
cannot magically guarantee that you will have this memory.
It just shifts failure to some other place - program might fail to load,
or hit malloc failure earlier in other plase, because des.c ate 70k.

Anyone who codes in C a lot usually gets a habitual "feeling"
that this is safe:

char buf[10000];

this is safe too:

void f() {
    char buf[10000];

and this is not:

void g() {
    char *buf = malloc(10000);  /* might fail */

but think about it again: first two cases cannot be 100.00% safe too -
otherwise it would mean that your system can "produce" arbitrary amounts
of free memory! This is not true! _All_ these things require memory,
they just fail differently!

First one: failure to load on NOMMU, death via swap storm on MMU
Second: stack overflow
Third: depends on how program author coded NULL check.

> A number of libc functions can 
> now call exit, even though this is not documented and not expected by
> any programs that call them.

This is not exactly true. They can exit *if* program author did not
install alternative handler for __uc_malloc failure.

Clever handler can e.g. exit gracefully, or free some kind of "emergency pool",
show message box "Low on memory" and let user close GUI app cleanly.

> Personally, I think all the __uc_malloc patches should be reverted.

Hope my explanation of __uc_malloc chaged your mind.

Also, the patch below *definitely* is an improvement, right?

--- /trunk/uClibc/libc/misc/ttyent/getttyent.c	2007/07/30 16:55:05	19346
+++ trunk/uClibc/libc/misc/ttyent/getttyent.c	2007/07/30 17:02:06	19347
@@ -34,6 +34,7 @@
 #include <ctype.h>
 #include <string.h>
 #include <stdlib.h>
+#include <malloc.h>
 #include <pthread.h>
@@ -132,9 +133,7 @@
 	return (NULL);
     if (!line) {
-            line = malloc(BUFSIZ);
-		if (!line)
-		    abort();
+            line = __uc_malloc(BUFSIZ);


More information about the uClibc mailing list