Replying to multiple messages in one.
>> Well, wasting memory at run-time is inherent in the design of busybox.
>
> Only on machines which cannot share text segment.
Sorry, but this whole discussion exists only because the data/bss is
bigger than it needs to be for any single applet.
Denys Vlasenko wrote:
> On Monday 09 June 2008 12:55, Bernd Schmidt wrote:
>>> IOW: crypt() which uses static buffers is as likely
>>> to die/lock up on OOMing machine as malloc() based one.
>> Incorrect on some systems, notably nommu which is quite a likely setup
>> for uClibc. Also, an order-5 malloc on nommu is much more likely to
>> fail than taking an order-0 page fault on mmu. A 70k allocation _will_
>> fail occasionally, even on systems that have plenty of memory free.
>
> In this situation, execv'ing of an application with additional 70k
> of static buffers will fail even more readily, right? Because
> you do not require two smaller contiguous areas
> (N kb for app and 70k for buffer) but one contiguous area of N+70 kb.
Sigh. Yes, and that's the desired behaviour. From the execve manpage:
ERRORS
[...many...]
ENOMEM Insufficient kernel memory was available.
From the crypt manpage:
ERRORS
ENOSYS The crypt() function was not implemented, probably
because of U.S.A. export restricā
tions.
It's really not a hard concept, this whole documented behaviour thing.
>> and infinitely better
>> > than crashing in the middle of a program and leaving things in an
>> > inconsistent state. Even when you get OOM, there are different modes of
>> > failure,
>
> On the microscopic level, yes, they are different.
>
> In a bigger picture, no. The machine is unusable one way or another.
But what are the consequences of failure? Okay, so I agree that a
production machine should be big enough not to go OOM. Reality is more
difficult, maybe there's a memory leak somewhere, in any case OOM does
happen occasionally. The question then becomes: where and how do we
fail, and what are the consequences. Do we fail at a point where the
possibility of a memory allocation failure (or other hard error) is
documented and can be dealt with, or do we fail in a random place? In
one of these cases it's possible to engineer a certain measure of
robustness, in the other case it's impossible. The machine may be
unusable in both cases, but in one case the damage can be contained more
effectively.
There are computers which run software that is more complex than
busybox, where it's not just a question of the user experience of
printing "out of memory" on a shell prompt.
With that, I'll give up on convincing you; unless someone else objects
soon I'll take Bernhard's and Daniel's messages as consensus to start
fixing things.
Bernd
--
This footer brought to you by insane German lawmakers.
Analog Devices GmbH Wilhelm-Wagenfeld-Str. 6 80807 Muenchen
Sitz der Gesellschaft Muenchen, Registergericht Muenchen HRB 40368
Geschaeftsfuehrer Thomas Wessel, William A. Martin, Margaret Seif
_______________________________________________
uClibc mailing list
uClibc@uclibc.org
http://busybox.net/cgi-bin/mailman/listinfo/uclibc
