sys/cpp_new_delete: handle allocation failures #22418

Draft
maribu wants to merge 1 commit into RIOT-OS:master from maribu:sys/cpp_new_delete/error-handling
maribu commented Jun 24, 2026

Member

Contribution description

If exceptions are supported, throw an std::bad_alloc on allocation failure.

If not, panic on allocation failure.

Testing procedure

Allocations should now fail as expected. E.g. the test in tests/sys/cpp11_thread can both easily trigger allocation failures and has a very interesting failure mode.

With this fix, the failure mode should be more boring.

Issues/PRs references

Found in #22417

Declaration of AI-Tools / LLMs usage:

AI-Tools / LLMs that were used are:

  • none

If exceptions are supported, throw an `std::bad_alloc` on allocation
failure.

If not, panic on allocation failure.
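
The behaviour the description states, as an added example that is not the PR's code or RIOT's implementation: a class-scoped `operator new` over a constructed 64-byte bump arena that throws `std::bad_alloc` when exceptions are available and otherwise calls a panic hook. The `demo` namespace, the arena, `Sample` and `panic_out_of_memory()` are hypothetical names made up for this illustration.

```cpp
#include <cstddef>
#include <cstdlib>
#include <new>

namespace demo {
// Constructed stand-in for a small embedded heap: a 64-byte bump arena.
constexpr std::size_t ARENA_SIZE = 64;
alignas(std::max_align_t) static unsigned char arena[ARENA_SIZE];
static std::size_t used = 0;

// Returns nullptr when the arena is exhausted, like malloc() on a full heap.
inline void *raw_alloc(std::size_t n) {
    constexpr std::size_t A = alignof(std::max_align_t);
    if (n > ARENA_SIZE) return nullptr;   // also keeps the rounding from overflowing
    n = (n + A - 1) / A * A;
    if (n > ARENA_SIZE - used) return nullptr;
    void *p = arena + used;
    used += n;
    return p;
}

// Hypothetical panic hook; firmware would call its own panic routine here.
[[noreturn]] inline void panic_out_of_memory() { std::abort(); }

// A throwing operator new must not return nullptr: the compiler may run the
// constructor on the result without a null check.
inline void *checked_alloc(std::size_t n) {
    if (void *p = raw_alloc(n)) return p;
#if defined(__cpp_exceptions)
    throw std::bad_alloc();
#else
    panic_out_of_memory();
#endif
}

struct Sample {
    unsigned char payload[16];
    Sample() : payload{} { payload[0] = 0xA5; }       // writes through `this`
    static void *operator new(std::size_t n) { return checked_alloc(n); }
    static void operator delete(void *) noexcept {}   // bump arena never frees
};

// Allocates until the failure is reported and returns how many objects fit
// (-1 when exceptions are disabled, where the failure path panics instead).
inline int count_until_failure() {
    used = 0;
#if defined(__cpp_exceptions)
    int n = 0;
    try { for (;; ++n) (void)new Sample; } catch (const std::bad_alloc &) { return n; }
#else
    return -1;
#endif
}
} // namespace demo
```
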

github-actions bot added the Area: sys (Area: System) label Jun 24, 2026
maribu added the CI: ready for build (If set, CI server will compile all applications for all available boards for the labeled PR) label Jun 24, 2026

riot-ci commented Jun 24, 2026

Murdock results

FAILED

19abdf9 sys/cpp_new_delete: handle allocation failures

Build failures (3)
Application Target Toolchain Runtime (s) Worker
tests/core/rmutex_cpp atmega256rfr2-xpro gnu 1.43 mobi1
tests/pkg/etl atmega256rfr2-xpro gnu 0.85 mobi6
tests/sys/cpp_ctors atmega256rfr2-xpro gnu 0.39 mobi6

crasbe commented Jun 25, 2026

Contributor

Tested with the Nucleo-G031K8 with the timer PR applied.

It still crashes because after this I can't flash it before resetting/power cycling the microcontroller.

```
cbuec@W11nMate:~/RIOTstuff/riot-vanillaice/RIOT$ BOARD=nucleo-g031k8 make -C tests/sys/cpp11_thread/ flash test -j
make: Entering directory '/home/cbuec/RIOTstuff/riot-vanillaice/RIOT/tests/sys/cpp11_thread'
Building application "tests_cpp11_thread" for "nucleo-g031k8" with CPU "stm32".
...
Done flashing
r
/home/cbuec/RIOTstuff/riot-vanillaice/RIOT/dist/tools/pyterm/pyterm -p "/dev/ttyACM0" -b "115200" -ln "/tmp/pyterm-cbuec" -rn "2026-06-25_10.18.17-tests_cpp11_thread-nucleo-g031k8" --no-reconnect --noprefix --no-repeat-command-on-empty-line
Connect to serial port /dev/ttyACM0
Welcome to pyterm!
Type '/exit' to exit.
READY
s
START
main(): This is RIOT! (Version: 2026.07-devel-391-gd242c6-sys/cpp_new_delete/error-handling)

************ C++ thread test ***********
Creating one thread and passing an argument ...
#! exit 1: powering off
Timeout in expect script at "child.expect_exact("Done")" (tests/sys/cpp11_thread/tests/01-run.py:17)

make: *** [/home/cbuec/RIOTstuff/riot-vanillaice/RIOT/makefiles/tests/tests.inc.mk:32: test] Error 1
make: Leaving directory '/home/cbuec/RIOTstuff/riot-vanillaice/RIOT/tests/sys/cpp11_thread'
```

crasbe added the CI: no fast fail (don't abort PR build after first error) and Type: enhancement (The issue suggests enhanceable parts / The PR enhances parts of the codebase / documentation) labels Jun 25, 2026

maribu commented Jun 25, 2026

Member Author

I wonder if the hang is due to an uncaught exception (I see no code that would catch the bad alloc exception in either the thread implementation or the test app), or if that is the panic handler.

It is good that there now is a defined crash, rather than the code continuing to run on corrupted memory. But the complete absence of any helpful indication of what went wrong in the log is a major footgun that I need to address first.

maribu marked this pull request as draft June 25, 2026 09:10

crasbe commented Jun 25, 2026

Contributor

Setting the THREAD_STACKSIZE_MAIN to 512 makes it run successfully.

Enabling DEVELHELP does not give additional information unfortunately.
