ctrl+c and destructors

H. S. Teoh hsteoh at quickfur.ath.cx
Thu Oct 3 17:08:56 PDT 2013


On Thu, Oct 03, 2013 at 07:49:16PM -0400, Jonathan M Davis wrote:
> On Friday, October 04, 2013 01:18:31 deadalnix wrote:
> > On Thursday, 3 October 2013 at 22:38:18 UTC, Walter Bright wrote:
> > > On 10/3/2013 2:15 PM, nazriel wrote:
> > >> Music player (as example) do not kill people if they fail.
> > >> Aborting whole music player just because Visualisation plugin
> > >> had access violation is pointless.
> > > 
> > > How does the music player know the fault is in the plugin and
> > > it could be safely continued?
> > 
> > Because a music player can ALWAYS safely continue. Worst case
> > scenario, if behave erratically and is killed by user.
> > 
> > A car firmware kill people if they behave erratically. The right
> > choice is to kill it if anything look wrong.
> > 
> > A media player won't kill anyone.
> 
> Just because it won't kill anyone doesn't mean that it's okay for it
> to continue after it's in a bad state. It could do other nasty things
> to the system (including corrupt the files that it's operating on).
> Once a program's in an invalid state, all bets are off. I fully concur
> with Walter that it's better to kill the program at that point and
> restart it whether lives are on the line or not. And if that means
> that the user sees crashes, oh well.  They'll complain and the
> developer will have to fix them, which is exactly what they need to
> do, because they wouldn't be getting stuff like segfaults or Errors if
> their code wasn't broken.
[...]

Reminds me of a GUI app I tried years ago, that suffered from some kind
of memory corruption bug. Every now and then it would segfault due to
hitting the corruption... one time, it *didn't* segfault, but continued
merrily on and corrupted all of my data -- worth many hours of work --
all without showing any signs of problems, and then out of habit I saved
the file I was working on, and it barged ahead and wrote garbage all
over my last good copy of the data. :-(

Now, I don't think it had segfault recovery, but even without, it was
already bad enough. I don't think I ever want to find out what that
program would've done if it came *with* segfault recovery... (think
about all those times it crashed *before* the bad data got saved into
the file.)


T

-- 
Never ascribe to malice that which is adequately explained by incompetence. -- Napoleon Bonaparte


More information about the Digitalmars-d mailing list