httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Marr <gr...@alum.wpi.edu>
Subject Re: cvs commit: apache-2.0/src/lib/apr/lib apr_execve.c apr_pools.c apr_tables.c
Date Wed, 24 Nov 1999 12:32:01 GMT
At 03:03 AM 11/24/99 , you wrote:
>On Tue, 23 Nov 1999, Ryan Bloom wrote:
> > libraries shouldn't be killing off processes because there is a 
> problem,
> > they should alert the program that there is a problem.  If we 
> aren't
> > checking the return code, we should be.  That will be fixed in 
> the next
> > few patches.
>
>That's a cop-out. We are talking Apache here.

No, we are talking APR here.  APR is not Apache.

>All throughout Apache, we allocate memory with the presumption that 
>if the function returns, then we *have* allocated that memory.
>
>You simply CANNOT change those semantics right now.

Hey, if he wants to change the semantics, which involves adding 
return value checks to all the calls, then I say go ahead.  If you 
REALLY need to have a function you can call from within Apache that 
aborts if memory isn't available, then add a wrapper function *in 
Apache* that calls APR and aborts if memory isn't available.

>Within APR (or Apache itself for that matter), you can then just 
>call something like
>ap_abort_with_msg("whatever"). It will ensure the message is written 
>to the platform-specific place and abort().
>
>This is APR... we can use platform-specific mechanisms to log these
>messages.

If APR does have this function, it should NEVER call it from within 
APR.  Better yet, have ap_log_message and then have Apache call 
ap_log_message() and abort() or exit().

>Really: we can't just abort() without telling the user what 
>happened. I've been bitten by that several times in the past and it 
>was a pain in the ass. And hell... I'm a programmer with debug tools 
>available! I hate to think what would happen to Joe Sysadmin.

APR is a library, it can't abort at all.  Apache, on the other can, 
can abort.  Then again, should a single failed malloc be enough to 
bring down the entire system without cleaning anything up?

--
Greg Marr
gregm@alum.wpi.edu
"We thought you were dead."
"I was, but I'm better now." - Sheridan, "The Summoning"


Mime
View raw message