There a few choices for what to do in the oom handler: 1.3 fprintf's to
stderr, then does exit(1), which doesn't seem particularly wise since
fprintf can itself malloc; could do similarly, could just exit(1) or
even just exit(APEXIT_CHILDSICK); but then nothing gets logged. With
abort() at least something is logged, and you can get core dumps with a
suitably configured environment/server, for further diagnosis. Any
opinions?
Index: server/main.c
===================================================================
--- server/main.c (revision 405449)
+++ server/main.c (working copy)
@@ -261,6 +261,13 @@
exit(process_exit_value);
}
+/* APR callback invoked if allocation fails. */
+static int abort_on_oom(int retcode)
+{
+ abort();
+ return retcode; /* unreachable, hopefully. */
+}
+
static process_rec *create_process(int argc, const char * const *argv)
{
process_rec *process;
@@ -279,6 +286,7 @@
exit(1);
}
+ apr_pool_abort_set(abort_on_oom, cntx);
apr_pool_tag(cntx, "process");
ap_open_stderr_log(cntx);
@@ -449,6 +457,10 @@
pconf = process->pconf;
ap_server_argv0 = process->short_name;
+ /* Set up the OOM callback in the global pool, so all pools should
+ * by default inherit it. */
+ apr_pool_abort_set(abort_on_oom, apr_pool_parent_get(process->pool));
+
#if APR_CHARSET_EBCDIC
if (ap_init_ebcdic(pglobal) != APR_SUCCESS) {
destroy_and_exit_process(process, 1);
