Alan Cox <alan@lxorguk.ukuu.org.uk> writes:
> o There is an implicit unchecked memory allocation in normal C - stack
> pages. So a stack page OOM will kill you anyway (forget calling a
> function to report it, you have nothing to report it on)
Although everything else you said was right, you can do some damage
control in the above situation.
Basically...
#ifdef HAVE_SIGALTSTACK
do
{
struct sigaltstack alt_stack;
static char buffer[SIGSTKSZ];
alt_stack.ss_size = SIGSTKSZ;
alt_stack.ss_sp = buffer;
alt_stack.ss_flags = 0;
if (sigaltstack(&alt_stack, NULL) == -1)
{ /* this should be impossible */
/* **** log error **** */
break;
}
sa.sa_flags |= SA_ONSTACK;
} while (FALSE);
#endif
sa.sa_handler = internal_signal_crash;
if (sigaction(SIGSEGV, &sa, NULL) == -1)
/* **** log error **** */ ;
...etc. for SIGBUS etc.
Again as alan said your _system_ still needs to recover from someone
pulling the power (just fitting a UPS doesn't count as they fail too),
but you should still do stuff like the above and check error codes on
read()/close()/malloc()[1].
All in my opinion.
[1] Some people may think the above is in priority order, you can
think that if you wish but I'll still do all of them.
-- James Antill -- james@and.org "If we can't keep this sort of thing out of the kernel, we might as well pack it up and go run Solaris." -- Larry McVoy.- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Mar 31 2000 - 21:00:14 EST