Re: [libsmi] memory leak; program terminates
There are good reasons for the parser to terminate in case of severe errors. If it would continue, you would end up with dangling pointers and consequences you would not like! ;-)
Sure - it's sensible for the parser to terminate - perhaps setting a flag so that any further attempt to use the library routines would fail.
But it's a stage more drastic to issue an "exit" - so that the whole application will terminate immediately. It's then got no chance to tidy up and save any internal state, pop up a dialog box to report the error back to the user, offer to work with numeric OIDs instead, or however else the programmer wishes to handle this.
So: First fix the first module before running your application with the next one.
That's (unnecessarily) restricting the application IMO. What if the application was a batch-mode SMI validator - whose whole *purpose* was to report back errors in the module - perhaps running as a network service? Is it really sensible for it to exit completely when it comes across a corrupt MIB?
A library is perfectly entitled to signal a serious error, and refuse to proceed. But it shouldn't take it upon itself to terminate the whole application.
Dave
-- !! This message is brought to you via the `libsmi' mailing list. !! Please do not reply to this message to unsubscribe. To subscribe or !! unsubscribe, send a mail message to libsmi-request@ibr.cs.tu-bs.de. !! See http://www.ibr.cs.tu-bs.de/projects/libsmi/ for more information.
Dave Shield writes:
Dave> Sure - it's sensible for the parser to terminate - perhaps Dave> setting a flag so that any further attempt to use the library Dave> routines would fail.
Dave> But it's a stage more drastic to issue an "exit" - so that the Dave> whole application will terminate immediately. It's then got no Dave> chance to tidy up and save any internal state, pop up a dialog Dave> box to report the error back to the user, offer to work with Dave> numeric OIDs instead, or however else the programmer wishes to Dave> handle this.
Yes. There should be a public fatal error handler with a default implementation which calls exit(). There is already a comment in error.c which says that such a feature would be nice to have...
/js -- !! This message is brought to you via the `libsmi' mailing list. !! Please do not reply to this message to unsubscribe. To subscribe or !! unsubscribe, send a mail message to libsmi-request@ibr.cs.tu-bs.de. !! See http://www.ibr.cs.tu-bs.de/projects/libsmi/ for more information.
Yes. There should be a public fatal error handler with a default implementation which calls exit(). There is already a comment in error.c which says that such a feature would be nice to have...
I've implemented this, except that in my version the exit() is still there. The reason for this is that if the user's fatal handler returns, libsmi would likely core dump pretty soon afterwards, since it would continue trying to use the data structures that are likely corrupt in some way -- there really needs to be setjmp()/longjmp() exception handling going on here to allow the fatal handler to cause the libsmi library function that the user called to terminate. There would also have to be a libsmi global flag that a fatal error had occurred, that only gets cleared on smiExit() (or something) that causes all other library functions to return with an error, to prevent the possibly-bad data structures from being used. (And hope that smiExit() is robust to possibly-bad data structures...)
Bill -- !! This message is brought to you via the `libsmi' mailing list. !! Please do not reply to this message to unsubscribe. To subscribe or !! unsubscribe, send a mail message to libsmi-request@ibr.cs.tu-bs.de. !! See http://www.ibr.cs.tu-bs.de/projects/libsmi/ for more information.
participants (3)
-
Bill Fenner -
Dave Shield -
Juergen Schoenwaelder