Hi Simon,

On 10 January 2018 at 17:47, Simon McVittie <s...@collabora.com> wrote:
> On Wed, 10 Jan 2018 at 11:03:03 -0600, Derek Foreman wrote:
>> I suspect 100% of the software I work on on a daily basis will explode in
>> completely unpredictable and undiagnosable ways in response to a malloc()
>> failure anyway
>
> Does anyone test these code paths in Wayland? If so, how? (Genuine
> questions, I'm interested in the answers.)

It might as well have been rhetorical though, since the answer is: no, not at all. Especially not with overcommit.

> I ask because the original authors of libdbus wrote it thinking that
> they had handled OOM conditions, at significant complexity cost,
> then later added infrastructure to simulate malloc() failures during
> automated testing and discovered that a significant fraction of them
> were mishandled (Havoc estimates "at least 5%" in [1]). Next month that
> test infrastructure will be 15 years old, and I'm *still* semi-regularly
> finding bugs in pre-existing code where malloc() failures are mishandled.

I would agree with this. I've got a lot of trouble imagining the exact scenario where malloc fails for our new zombie object during destruction and then succeeds for the wl_closure allocation when we next demarshal a message. I'd be inclined to keep this patch as-is.

Cheers,
Daniel
_______________________________________________
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/wayland-devel