
Hi All,
Sorry for the poor timing in bringing this up, but this just came up when discussing the review of some sunxi patches.
Ian asked me to add error handling for mmc_create failing, which, if used properly, only ever fails if calloc fails.
This made me think that we should switch u-boot to the glib memory alloc failure handling model, which is to put a die() / abort() inside the low level malloc routines when they fail.
The reasoning is that if malloc fails, you're typically looking at a fatal error anyways, and this will allow removing error handling from a lot of higher level users, reducing code, and removing a lot of code paths which are in essence unused and as such also very much untested.
I guess there may be some special cases where we don't want the malloc_or_die behavior I'm advocating for; for those we could introduce a malloc_unchecked function.
Detlev, any chance you could squeeze this into the schedule somewhere?
Regards,
Hans
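
The allocation model proposed in the message above, sketched as an added example (not code from the original post or from U-Boot): a fail-fast allocator, an unchecked opt-out, a caller with no failure branch, and a fault-injection check that the fatal path is actually reached. All names (`calloc_or_die`, `calloc_unchecked`, `die_hook`, `fail_countdown`, `struct dev`) are hypothetical.

```c
#include <setjmp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Added illustration: every name here is hypothetical, not U-Boot code. */
static void default_die(const char *what) {
    fprintf(stderr, "fatal: %s failed\n", what);
    abort();
}
static void (*die_hook)(const char *) = default_die; /* must not return */
static unsigned fail_countdown; /* test knob: fail the Nth allocation, 0 = off */

/* Opt-out variant: may return NULL, for callers that can recover. */
void *calloc_unchecked(size_t n, size_t size) {
    if (fail_countdown && --fail_countdown == 0)
        return NULL;
    return calloc(n, size);
}

/* Default variant: never returns NULL, failure ends in die_hook(). */
void *calloc_or_die(size_t n, size_t size) {
    void *p = calloc_unchecked(n, size);
    if (!p)
        die_hook("calloc");
    return p;
}

struct dev { char name[16]; };
/* The caller has no allocation-failure branch left to write or test. */
struct dev *dev_create(const char *name) {
    struct dev *d = calloc_or_die(1, sizeof(*d));
    strncpy(d->name, name, sizeof(d->name) - 1);
    return d;
}

static jmp_buf trap;
static void trap_die(const char *what) { (void)what; longjmp(trap, 1); }
/* Forces the next allocation to fail; returns 1 if the fatal path ran. */
int create_dies_on_oom(void) {
    int died = 1;
    die_hook = trap_die;
    fail_countdown = 1;
    if (setjmp(trap) == 0) {
        dev_create("mmc0"); /* with the injected failure, never returns here */
        died = 0;
    }
    die_hook = default_die;
    return died;
}

int main(void) { return create_dies_on_oom() ? 0 : 1; }
```

The single failure path lives in one place and can be exercised by fault injection, instead of being spread over per-caller NULL checks that never run in practice.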