[ccan] help with gracefully dealing with alloc failure in a recursive function

Rusty Russell rusty at rustcorp.com.au
Thu Oct 13 10:35:15 EST 2011


On Mon, 10 Oct 2011 02:26:51 -0400, Joey Adams <joeyadams3.14159 at gmail.com> wrote:
> I used to prefer letting the MMU handle out-of-memory conditions.
> Most of the CCAN modules I've contributed work that way.  "Let it
> crash" is definitely a legitimate philosophy (notably espoused by
> Erlang).  However, many users will want to handle fatal errors in an
> application-specific manner.

Many users will *want* to, very few will.  They'll actually crash when
it happens.  I consider this well-established.

On the other hand, the subset of code which does handle it is important.

That's why I think it's a nice gesture to hand the error up, but it
shouldn't be a priority in API design.  Make it simple for the 99%.

Cheers,
Rusty.


More information about the ccan mailing list