On Sun, Nov 17, 2002 at 12:12:44PM +1100, Herbert Xu wrote: > On Sat, Nov 16, 2002 at 08:02:43PM -0500, H. S. Teoh wrote: > > > > I guess the question is, at what point do we say, this is enough for > > practical purposes, we'll stop here? Or is it "OK" to let tail consume > > resources until it eats up everything and dies? > > That's why we have resource limits. The only bug here is that glibc > mallocs in fprintf which means that we can't print out a useful error > message when the memory is all used up. [snip]
Why does it have to use fprintf? It's hard to imagine fprintf() not requiring to malloc any buffers, since it *is* supposed to handle output to files, and it has to parse & expand format strings, etc.. Perhaps the real issue is that fatal error messages should not be output through fprintf, but a special, last-resort output facility that doesn't require extra memory. T -- There are four kinds of lies: lies, damn lies, and statistics.
