
Dear Reinhard Meyer,
In message 4CB6A3D3.1020506@emk-elektronik.de you wrote:
> dev = (struct eth_device *)malloc(sizeof *dev);
> memset(dev, 0, sizeof(*dev));
> sprintf (dev->name, "RTL8139#%d", card_number);
>
> Apparently it's quite common NOT to check malloc()'s possible NULL return value... At least most NET drivers don't seem to...
>
> Maybe another RFC to avoid duplicating code:
> malloc_cleared_panic() to allocate and clear memory for a really required structure and put a proper panic message if that fails. Assuming that continuing u-boot once a driver cannot even be initialized is futile, that would save even more code in each driver.

Don't invent the wheel. If you really want to take that route, then copy existing solutions from other projects. Some of them use xmalloc() for this purpose; see for example BusyBox: http://git.busybox.net/busybox/tree/libbb/xfuncs_printf.c lines 44...51
But note that panicking is NOT always the best thing to do. This should be reserved for really unrecoverable cases only.
Even if you cannot allocate a struct that is essential for your network driver, then all that is not working is this network driver, so this is NOT a reason to panic U-Boot. If someone cuts the network cable or pulls the plug the end effect is the same, and you don't want U-Boot to panic because of that, or do you?
Error handling is important, and needs to be done in a sensible way.
Best regards,
Wolfgang Denk
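
An added example, not code from this thread or from U-Boot: the allocation quoted above with the NULL check in place, where a failed allocation drops only that card and the probe loop carries on instead of panicking. The reduced struct eth_device, the 16-byte name field, the alloc_fn hook and the function names are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the driver's device struct (name field only). */
struct eth_device { char name[16]; };

/* Allocator hook, constructed for this example so the failure path can run. */
static void *(*alloc_fn)(size_t, size_t) = calloc;
static void *failing_alloc(size_t n, size_t sz) { (void)n; (void)sz; return NULL; }

/* Allocate and clear one device; on failure report it and return NULL. */
static struct eth_device *eth_alloc(const char *drv, int card_number)
{
	struct eth_device *dev = alloc_fn(1, sizeof(*dev));
	if (!dev) {
		fprintf(stderr, "%s#%d: out of memory, card skipped\n", drv, card_number);
		return NULL;
	}
	/* Bounded write: the name can never overrun the field. */
	snprintf(dev->name, sizeof(dev->name), "%s#%d", drv, card_number);
	return dev;
}

/* Probe `count` cards; returns how many were registered, never aborts. */
int probe_cards(int count, struct eth_device **out)
{
	int registered = 0;
	for (int i = 0; i < count; i++) {
		struct eth_device *dev = eth_alloc("RTL8139", i);
		if (dev)
			out[registered++] = dev;
	}
	return registered;
}

/* Same probe with every allocation forced to fail. */
int probe_with_failing_allocator(int count, struct eth_device **out)
{
	alloc_fn = failing_alloc;
	int n = probe_cards(count, out);
	alloc_fn = calloc;
	return n;
}

int main(void)
{
	struct eth_device *devs[2];
	printf("normal: %d registered\n", probe_cards(2, devs));
	printf("no memory: %d registered\n", probe_with_failing_allocator(2, devs));
	return 0;
}
```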