Program logic bugs vs input/environmental errors

Walter Bright via Digitalmars-d digitalmars-d at puremagic.com
Sun Oct 5 20:09:23 PDT 2014


On 10/5/2014 4:28 PM, Sean Kelly wrote:
> On Sunday, 5 October 2014 at 23:01:48 UTC, Walter Bright wrote:
>>
>> Definitely unwinding may or may not happen from Error throws, "nothrow"
>> functions may throw Errors, and optimizers need not account for Errors being
>> thrown.
>
> This is the real concern.  If an Error is thrown out of a nothrow function that
> contains a synchronized block, for example, the mutex might still be locked.  So
> the only viable option is to terminate, even for something theoretically
> recoverable like a divide by zero or an OOME.

Divide by zero is not recoverable since you don't know why it occurred. It could 
be the result of overflowing a buffer with 0s. Until a human debugs it and 
figures out why it happened, it is not recoverable.

Because it could be the result of corruption like buffer overflows, the less 
code that is executed between the detection of the bug and terminating the 
program, the safer the program is. Continuing execution may mess up user data, 
may execute injected malware, etc.
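As an added illustration of the distinction drawn in this thread (this is example code, not from any of the posters or from druntime), the D program below reports an input problem with an Exception the caller can handle, reports a violated precondition with an Error, and on an Error hands control to a fail-fast routine that aborts without unwinding. The names parsePort, divide and failFast, and the abort-on-Error policy itself, are assumptions of the example; D's runtime does not impose that policy by default.

```d
// Added example, not part of the mailing-list thread: Exception vs Error
// in D, with a fail-fast handler for Errors. Compile without -release so
// the assert is active: dmd failfast.d && ./failfast
module failfast;

import core.stdc.stdlib : abort;
import std.conv : to;
import std.exception : enforce;
import std.stdio : stderr, writeln;

/// Input/environmental error: a bad string is a condition the caller can
/// legitimately handle, so it is reported with an Exception (hypothetical
/// helper for this example).
ushort parsePort(string text)
{
    auto value = text.to!uint;   // throws ConvException (an Exception) on bad input
    enforce(value != 0 && value <= 65_535, "port out of range: " ~ text);
    return cast(ushort) value;
}

/// Program logic bug: `b != 0` is a precondition of this function, so a
/// violation is a bug in the caller. It is reported with an AssertError,
/// which is an Error, not an Exception. `nothrow` is accurate because
/// Errors are not counted as throws (hypothetical helper for this example).
int divide(int a, int b) nothrow
{
    assert(b != 0, "divide: zero divisor is a caller bug");
    return a / b;
}

/// Assumed fail-fast policy: on an Error, record where it happened and
/// abort. abort() is used rather than a normal exit so that no destructors,
/// finally blocks or further application code run between detecting the
/// bug and terminating, which is the point made above about limiting the
/// code that executes once state may already be corrupt.
void failFast(Error e) nothrow
{
    try
    {
        stderr.writeln("fatal: ", e.msg, " at ", e.file, ":", e.line);
    }
    catch (Exception) { }   // I/O may throw; the process is ending anyway
    abort();
}

void main()
{
    // Recoverable: input validation failures are caught and reported.
    foreach (input; ["8080", "70000", "abc"])
    {
        try
        {
            writeln("port ", parsePort(input));
        }
        catch (Exception e)
        {
            writeln("rejected input '", input, "': ", e.msg);
        }
    }

    // Not recoverable: a logic bug. Catching Error in order to keep running
    // is the pattern the thread argues against; here it is caught only to
    // hand off to failFast immediately.
    try
    {
        writeln(divide(10, 0));
    }
    catch (Error e)
    {
        failFast(e);
    }
}
```

Run without -release: the first loop prints one accepted port and two rejected inputs, then the divide call trips the assert and the process aborts. If divide were called inside a synchronized block, whether the lock is released before failFast runs is exactly the unwinding question raised above, which is a further reason to abort rather than try to continue.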


