This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: glibc segfault on "special" long double values is _ok_!?

On Fri, 8 Jun 2007, Jeremy Linton wrote:
> Really? Have you ever written something that must not crash? This
> thread is about printf crashing on invalid inputs that could be checked. I'm
> not suggesting you ignore the failure, there are other options. I don't care
> if you display "hey stupid programmer, the input is invalid" but crashing the
> program is unacceptable for most people that actually care about their work.

I gather for those people an xprintf() (and others as necessary) that
wraps around printf() and traps the necessary signals is the solution.
You could also use a similar approach to validate each of the function's
arguments one by one beforehand so that the offending ones are actually
caught and passed to the diagnostic facility that you have in your
software for detailed examination.

Also for software that must not crash there are generally two approaches
that can be used -- either you trap all the "dangerous" signals that may
result from bugs for the life of your piece of software and implement some
sort of recovery facility or you run your program from `init' and let it
be restarted, which generally has a better chance to give you a clean
state. Which of these two is the right one for you (or at least better;
you can actually combine them too) depends on your exact needs.

That is not enough though, of course, but I will not get into details of
what can be done to recover from kernel bugs and hardware failures here.

Maciej
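
The per-argument check suggested in the reply above, as an added example that is not part of the original message or of glibc. It assumes the "special" values are x87 80-bit extended encodings that the FPU treats as unsupported (integer bit clear with a nonzero exponent); the names x87_classify and checked_format_ld are hypothetical.

```c
#include <float.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum x87_class {  /* hypothetical names for the encoding classes */
    X87_ZERO, X87_DENORMAL, X87_NORMAL, X87_INF, X87_NAN, X87_UNSUPPORTED };

/* b: 10 little-endian bytes. Bytes 0-7 are the 64-bit significand (bit 63 is
 * the explicit integer bit); bytes 8-9 are the sign and 15-bit exponent. */
enum x87_class x87_classify(const unsigned char b[10])
{
    uint64_t sig = 0;
    for (int i = 7; i >= 0; i--)
        sig = (sig << 8) | b[i];
    unsigned exp = (b[8] | ((unsigned)b[9] << 8)) & 0x7fffu;
    uint64_t frac = sig & (UINT64_MAX >> 1);
    if (exp == 0)            /* pseudo-denormals are accepted by the FPU */
        return sig ? X87_DENORMAL : X87_ZERO;
    if (!(sig >> 63))        /* unnormal, pseudo-infinity or pseudo-NaN */
        return X87_UNSUPPORTED;
    if (exp == 0x7fffu)
        return frac ? X87_NAN : X87_INF;
    return X87_NORMAL;
}

/* Format v only if its encoding is supported; otherwise write a diagnostic
 * and return -1 without handing the value to the printf family. */
int checked_format_ld(char *buf, size_t n, long double v)
{
#if LDBL_MANT_DIG == 64 && (defined(__i386__) || defined(__x86_64__))
    unsigned char raw[10];
    memcpy(raw, &v, sizeof raw);   /* x86 keeps the 80 bits in the low bytes */
    if (x87_classify(raw) == X87_UNSUPPORTED) {
        snprintf(buf, n, "<invalid long double encoding>");
        return -1;
    }
#endif
    return snprintf(buf, n, "%Lg", v);
}

int main(void)
{
    /* Constructed sample: the exponent of 1.0 with the integer bit cleared. */
    const unsigned char unnormal[10] = {0, 0, 0, 0, 0, 0, 0, 0x40, 0xff, 0x3f};
    char buf[64];
    checked_format_ld(buf, sizeof buf, 1.5L);
    printf("%s -> class %d\n", buf, (int)x87_classify(unnormal));
    return 0;
}
```

On targets where long double is not the x87 format the encoding check is compiled out and the wrapper reduces to snprintf.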