From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1LV2v9-0004PT-Mn
	for qemu-devel@nongnu.org; Thu, 05 Feb 2009 07:01:27 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1LV2v8-0004P0-NF
	for qemu-devel@nongnu.org; Thu, 05 Feb 2009 07:01:27 -0500
Received: from [199.232.76.173] (port=33899 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1LV2v8-0004Or-D6
	for qemu-devel@nongnu.org; Thu, 05 Feb 2009 07:01:26 -0500
Received: from mx1.redhat.com ([66.187.233.31]:34008)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <berrange@redhat.com>) id 1LV2v7-0003Qv-Sj
	for qemu-devel@nongnu.org; Thu, 05 Feb 2009 07:01:26 -0500
Date: Thu, 5 Feb 2009 12:01:18 +0000
From: "Daniel P. Berrange" <berrange@redhat.com>
Subject: Re: [Qemu-devel] [PATCH 1/6] Terminate emulation on memory allocation
	failure
Message-ID: <20090205120115.GJ2759@redhat.com>
References: <1233832126-9046-1-git-send-email-avi@redhat.com>
	<1233832126-9046-2-git-send-email-avi@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1233832126-9046-2-git-send-email-avi@redhat.com>
Reply-To: "Daniel P. Berrange" <berrange@redhat.com>, qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

On Thu, Feb 05, 2009 at 01:08:41PM +0200, Avi Kivity wrote:
> Memory allocation failures are a very rare condition on virtual-memory
> hosts.  They are also very difficult to handle correctly (especially in a
> hardware emulation context).  Because of this, it is better to gracefully
> terminate emulation rather than executing untested or even unwritten recovery
> code paths.
> 
> This patch changes the qemu memory allocation routines to terminate emulation
> if an allocation failure is encountered.
> 
> Signed-off-by: Avi Kivity <avi@redhat.com>
> ---
>  qemu-malloc.c |   16 ++++++++++------
>  1 files changed, 10 insertions(+), 6 deletions(-)
> 
> diff --git a/qemu-malloc.c b/qemu-malloc.c
> index dc74efe..1d00f26 100644
> --- a/qemu-malloc.c
> +++ b/qemu-malloc.c
> @@ -22,6 +22,14 @@
>   * THE SOFTWARE.
>   */
>  #include "qemu-common.h"
> +#include <stdlib.h>
> +
> +static void *oom_check(void *ptr)
> +{
> +    if (ptr == NULL)
> +        exit(13);
> +    return ptr;
> +}

Will all our atexit handlers cope with OOM too? In particular
we don't want them calling qemu_malloc again, or this becomes
re-entrant. If we want to go down this route, then abort() is
probably safer.

Daniel
-- 
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|