This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: glibc segfault on "special" long double values is _ok_!?


On Fri, 8 Jun 2007, Jeremy Linton wrote:

> 	Really? Have you ever written something that must not crash? This
> thread is about printf crashing on invalid inputs that could be checked. I'm
> not suggesting you ignore the failure, there are other options. I don't care
> if you display "hey stupid programmer, the input is invalid" but crashing the
> program is unacceptable for most people that actually care about their work.

 I gather for those people an xprintf() (and others as necessary) that 
wraps around printf() and traps the necessary signals is the solution.  
You could also use a similar approach to validate each of the function's 
arguments one by one beforehand so that the offending ones are actually 
caught and passed to the diagnostic facility that you have in your 
software for detailed examination.

 Also for software that must not crash there are generally two approaches 
that can be used -- either you trap all the "dangerous" signals that may 
result from bugs for the life of your piece of software and implement some 
sort of recovery facility or you run your program from `init' and let it 
be restarted, which generally has a better chance to give you a clean 
state.  Which of these two is the right one for you (or at least better; 
you can actually combine them too) depends on your exact needs.

 That is not enough though, of course, but I will not get into details of 
what can be done to recover from kernel bugs and hardware failures here.

  Maciej
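
Added example, not part of the original message or of glibc: one way to do the per-argument validation described above for a long double headed to printf(), assuming the x86 80-bit extended format. The names x87_classify, ld_is_canonical and print_ld_checked are hypothetical; the check flags encodings whose explicit integer bit disagrees with the exponent field.

```c
#include <float.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum x87_class { X87_VALID, X87_PSEUDO_DENORMAL, X87_INVALID_OPERAND };

/* raw: the 10 encoding bytes in x86 memory (little-endian) order. Bytes 0-7:
 * significand with explicit integer bit 63. Bytes 8-9: sign + 15-bit exponent. */
enum x87_class x87_classify(const unsigned char raw[10])
{
    uint64_t sig = 0;
    for (int i = 7; i >= 0; i--)
        sig = (sig << 8) | raw[i];
    unsigned exp = (raw[8] | ((unsigned)raw[9] << 8)) & 0x7fffu;
    int integer_bit = (int)(sig >> 63);
    if (exp == 0)  /* zero or denormal: integer bit must be clear */
        return integer_bit ? X87_PSEUDO_DENORMAL : X87_VALID;
    /* normal, infinity, NaN: integer bit must be set; if it is clear the
     * pattern is an unnormal, pseudo-infinity or pseudo-NaN */
    return integer_bit ? X87_VALID : X87_INVALID_OPERAND;
}

/* Takes a pointer so the bytes are inspected in memory, never loaded. */
int ld_is_canonical(const long double *v)
{
#if LDBL_MANT_DIG == 64 && (defined(__i386__) || defined(__x86_64__))
    unsigned char raw[10];
    memcpy(raw, v, sizeof raw);
    return x87_classify(raw) == X87_VALID;
#else
    (void)v;
    return 1;  /* other long double formats are not checked by this example */
#endif
}

/* Hypothetical checked wrapper: report the bad argument instead of formatting it. */
int print_ld_checked(FILE *out, const long double *v)
{
    if (!ld_is_canonical(v))
        return fprintf(out, "<invalid long double encoding>\n");
    return fprintf(out, "%Lg\n", *v);
}

int main(void)
{
    long double ok = 1.5L;
    return print_ld_checked(stdout, &ok) < 0;
}
```

The byte-level classifier is independent of the host's own long double format, so it can also be applied to values read from files or the network before they are copied into a long double.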

