[SystemSafety] When malloc() Never Returns NULL

Derek M Jones derek at knosof.co.uk
Thu May 11 20:57:19 CEST 2023


David,

> How is it relevant to System Safety (topic of this list)? This paper is interesting but as far as I know, safety critical programs are not executed on generic OS mentioned by this paper but real-time OS or bare metal. Moreover, such programs 

The divide-by-zero error on the USS Yorktown springs to mind
https://medium.com/dataseries/when-smart-ships-divide-by-zer0-uss-yorktown-4e53837f75b2

> would never do dynamic memory allocation or only at program startup. In my view, the recommendations of this paper (in particular using x family functions that assume allocation always succeed or terminate the application) are not valid in safety critical context: the handling of memory allocation failure should be considered and handled properly.

I continue to be surprised by the complexity of hardware/software
being used in safety related applications.

Every now and again something considered as not safety critical fails,
and an unnoticed dependency suddenly appears.

I know of (not used in safety critical, as far as I know) programs that
handle malloc returning NULL by sensibly closing things down.  The
idea that malloc failing might result in the cleanup never occurring,
because the process is killed by the OS, is something relatively new.

> 
> Best regards,
> David Mentré
> 
>> Le 11 mai 2023 à 12:58, Derek M Jones <derek at knosof.co.uk> a écrit :
>>
>> All,
>>
>> Coding guidelines have been telling developers to
>> check the return value of malloc forever.
>>
>> It certainly used to make a difference, but it looks
>> as if out-of-memory is becoming a thing of the past,
>> at least on the desktop.
>>
>> "When malloc() Never Returns NULL -- Reliability as an Illusion"
>> https://arxiv.org/abs/2208.08484
>>
>> -- 
>> Derek M. Jones           Evidence-based software engineering
>> blog:https://shape-of-code.com
>> _______________________________________________
>> The System Safety Mailing List
>> systemsafety at TechFak.Uni-Bielefeld.DE
>> Manage your subscription: https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety

-- 
Derek M. Jones           Evidence-based software engineering
blog:https://shape-of-code.com
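An added example in C, not from the thread or the paper: on Linux the NULL path is rarely seen because overcommit hands out address space first and the OOM killer acts later when pages are touched, so one way to actually exercise the kind of orderly-shutdown code Derek describes is to cap RLIMIT_AS in a test and force malloc() to return NULL. The names (ctx, with_as_limit, oom_path_exercised) are hypothetical, and the code assumes Linux/glibc, where malloc honours RLIMIT_AS.

```c
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>

/* Hypothetical program state: a resource already held that must be released
   before an orderly shutdown, plus the buffer about to be allocated. */
struct ctx { char *held; char *buf; int closed; };

static int ctx_open(struct ctx *c) {
    c->held = malloc(64);  /* constructed stand-in for a file, socket, ... */
    c->buf = NULL; c->closed = 0;
    return c->held ? 0 : -1;
}
static void ctx_close(struct ctx *c) {
    free(c->buf);  c->buf = NULL;
    free(c->held); c->held = NULL;
    c->closed = 1;
}
/* Checked allocation: on NULL, release what we hold and report failure so the
   caller can shut down cleanly, instead of aborting like an xmalloc() wrapper. */
static int ctx_alloc(struct ctx *c, size_t n) {
    c->buf = malloc(n);
    if (c->buf == NULL) { ctx_close(c); return -1; }
    /* Touch the pages now: with Linux overcommit a non-NULL pointer is only a
       promise, and the OOM killer, not a NULL, is what appears on first write. */
    memset(c->buf, 0, n);
    return 0;
}
/* Run fn with the address-space soft limit temporarily capped, then restore it.
   Assumption: Linux/glibc, where malloc honours RLIMIT_AS and returns NULL. */
static int with_as_limit(rlim_t cap, int (*fn)(void *), void *arg) {
    struct rlimit old, lim;
    if (getrlimit(RLIMIT_AS, &old) != 0) return -1;
    lim.rlim_max = old.rlim_max;
    lim.rlim_cur = (cap > old.rlim_max) ? old.rlim_max : cap;
    if (setrlimit(RLIMIT_AS, &lim) != 0) return -1;
    int r = fn(arg);
    setrlimit(RLIMIT_AS, &old);  /* raising the soft limit back up is allowed */
    return r;
}
static int alloc_256mib(void *arg) { return ctx_alloc(arg, (size_t)256 << 20); }
/* 1 if malloc() returned NULL under a 64 MiB cap and cleanup ran, else 0. */
int oom_path_exercised(void) {
    struct ctx c;
    if (ctx_open(&c) != 0) return 0;
    int r = with_as_limit((rlim_t)64 << 20, alloc_256mib, &c);
    int ok = (r == -1 && c.closed == 1 && c.buf == NULL && c.held == NULL);
    if (!ok) ctx_close(&c);
    return ok;
}
```

The same cap technique works for a whole test suite (ulimit -v in the shell), which is the practical way to keep a NULL-handling path covered when the desktop never fails an allocation naturally.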

