Proposal (was: Why are exceptions such as SIGSEGV not logged)

From: Jakob Oestergaard
Date: Tue Aug 19 2003 - 03:34:55 EST

Next message: Russell King: "Re: weird pcmcia problem"
Previous message: Bas Bloemsaat: "Re: [2.4 PATCH] bugfix: ARP respond on all devices"
In reply to: Denis Vlasenko: "Re: Dumb question: Why are exceptions such as SIGSEGV not logged"
Next in thread: Valdis . Kletnieks: "Re: Dumb question: Why are exceptions such as SIGSEGV not logged"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Aug 19, 2003 at 09:54:17AM +0300, Denis Vlasenko wrote:
> On 19 August 2003 01:39, David Schwartz wrote:
...[snip]...
> > This is a perfectly sensible thing for a program to do with well-defined
> > semantics. If a program wants to create a child every minute like this and
> > kill it, that's perfectly fine. We should be able to do that in the default
> > configuration without a sysadmin complaining that we're DoSing his syslogs.
>
> I disagree. _exit(2) is the most sensible way to terminate.
>
> Logginh kernel-induced SEGVs and ILLs are definitely a help when you hunt
> daemons mysteriously crashing. This outweighs DoS hazard.

Ok guys - we will never come to an agreement on what would be the
sensible thing to do.

For good reasons, too: the purposes and uses of the systems out there,
and the minds of the people administering them, will be as different as
anything.

This reminds me of the "core naming wars", the "vm overcommit wars", and
other "big" (in the minds of people) issues that were solved to
everyones satisfaction with an entry in /proc.

May I suggest:
/proc/sys/kernel/log_signals

Semantics: Numbers can be written to log_signals - these are signal
numbers that will cause a log entry to be written, when the given signal
is delivered. The file can be read, in which case it will list the
signal numbers that cause log entries to be written.

Examples:

]$ cat /proc/sys/kernel/log_signals
4
7
]$ echo +15 > /proc/sys/kernel/log_signals
]$ cat /proc/sys/kernel/log_signals
4
7
15
]$ echo -4 > /proc/sys/kernel/log_signals
]$ cat /proc/sys/kernel/log_signals
7
15
]$

Possible extension:

]$ echo '*' > /proc/sys/kernel/log_signals
]$ cat /proc/sys/kernel/log_signals
... lists all signals ...
]$ echo '-*' > /proc/sys/kernel/log_signals
]$ cat /proc/sys/kernel/log_signals
]$

In my oppinion it does not make sense to distinguish between signals
sent from process to process, and from kernel to process. Some garbage
collectors, for example, depend on the kernel sending the SIGSEGV and do
their own handling of that - while for many other processes that
situation indicates a problem. Better to handle that kind of thing in
user space log auditing tools.

An implementation of the above is left as an exercise for the reader :)

Comments?

--
................................................................
: jakob@xxxxxxxxxxxxx : And I see the elder races, :
:.........................: putrid forms of man :
: Jakob Østergaard : See him rise and claim the earth, :
: OZ9ABN : his downfall is at hand. :
:.........................:............{Konkhra}...............:
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Russell King: "Re: weird pcmcia problem"
Previous message: Bas Bloemsaat: "Re: [2.4 PATCH] bugfix: ARP respond on all devices"
In reply to: Denis Vlasenko: "Re: Dumb question: Why are exceptions such as SIGSEGV not logged"
Next in thread: Valdis . Kletnieks: "Re: Dumb question: Why are exceptions such as SIGSEGV not logged"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]