[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1243877766.8547.38.camel@psmith-ubeta.netezza.com>
Date: Mon, 01 Jun 2009 13:36:06 -0400
From: Paul Smith <paul@...-scientist.net>
To: Oleg Nesterov <oleg@...hat.com>
Cc: Alan Cox <alan@...rguk.ukuu.org.uk>, linux-kernel@...r.kernel.org,
stable@...nel.org, Andrew Morton <akpm@...ux-foundation.org>,
Andi Kleen <andi@...stfloor.org>,
Roland McGrath <roland@...hat.com>
Subject: Re: [PATCH] coredump: Retry writes where appropriate
On Mon, 2009-06-01 at 18:12 +0200, Oleg Nesterov wrote:
> I agree, we should make the coredumping interruptible.
>
> But I don't know which signal should intterrupt. At least SIGKILL should,
> I think. As for other unhandled sig_fatal() signals, I am nor sure.
> I can make a patch, but first I need to know what this patch should do.
> Again, please look at:
>
> killable/interruptible coredumps
> http://marc.info/?l=linux-kernel&m=121665710711931
Ideally interrupting a core dump is something that should only ever be
done because you wanted to actually interrupt the core, and would never
happen as a side effect of some other behavior that may have been
intended for the process before it dumped core.
In my setup, which is more like an embedded system where I can reboot
the device easily, I'd rather have the core dump hang if I happen to try
to write it to an unavailable resource than to lose cores if someone
sends an errant signal to the process (assuming these are the only two
choices). I realize that opinions about this differ based on the
purpose of the system (desktops and many types of servers probably would
rather have their pages back and don't care so much about cores).
My preference would be that no signal would ever cancel a core and there
would be some completely out-of-band method for this (something like
setting a flag via /proc/<pid> or similar) to be used if it was
necessary. However, I can't justify that complexity. So, SIGKILL seems
like a reasonable compromise.
On the other hand, IMO all other signals, including SIGINT and SIGQUIT,
should be ignored during core dumping. Allowing SIGKILL gives a method
for getting rid of core dumps in the relatively rare situation where
people want/need to do so, and I don't see any real benefit to adding
more signals to the list of things you can't do if you want robust
cores. Isn't one enough?
My $0.02.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists