Making alloca more safe
BCS
none at anon.com
Thu Nov 19 14:15:07 PST 2009
Hello Walter,
> Tomas Lindquist Olsen wrote:
>
>> You spent quite a bit of effort explaining that segfaults never cause
>> memory corruption, so it seems fairly reasonable to assume that some
>> parts of the application state could still be valid and useful not to
>> throw away.
>>
> When a seg fault occurs, it is because your program is in a state that
> you, the programmer, never anticipated. Therefore, you cannot know
> what state your data is in. Therefore, your data is unreliable. While
> it may not be in a bad state from memory corruption, it could very
> well be in a bad state from your program's logic being wrong.
>
> Do you want to bet your life on assuming your program and its data is
> still valid?
No, at that point I wouldn't count on the program doing anything correctly.
But that is a long way from trying to get it to do something useful on the
way down, like try and save off what data it can and generate a crash log
with whatever it can salvage. If either of these fail, I'm, at worst, in
exactly the same position I was in before I attempted them and, at best,
they work.
And before you say it, if the system is truly critical, I'd have the crash
handler in ROM, a hardware lockout to stop the system from mucking with
anything external and a watchdog timer to reset it if the crash handler
hangs.