Bad array indexing is considered deadly
Vladimir Panteleev via Digitalmars-d
digitalmars-d at puremagic.com
Thu Jun 1 02:53:26 PDT 2017
On Wednesday, 31 May 2017 at 13:04:52 UTC, Steven Schveighoffer
wrote:
> I have discovered an annoyance in using vibe.d instead of
> another web framework. Simple errors in indexing crash the
> entire application.

Since I wrote/run a bunch of websites/network services written in
D, here's my experience/advice:

First, this is not something specific to array indexing, but an
entire class of logic errors which are sometimes recoverable.
Other examples are associative array indexing, division by zero,
and out-of-memory errors resulting from underflows. All of these
are due to bugs in the program, but could hypothetically be
handled without compromising the integrity of the process.

My advice:

1. Let the program crash. Make sure it's restarted afterwards,
either via a looping script, or a watchdog.

2. Make sure you are notified of the error. I don't mean just
recorded in a log file somewhere, but set it up so you receive an
email any time it happens, with the stack trace. I run all my D
network services from a cronjob, which automatically sends output
by email. If you have the stack trace, most of these bugs take
only a few minutes to fix - at the very least, turning the error
into an exception is a trivial modification if you don't have
time for a full root cause analysis at that moment.

3. Design your program so that it can be terminated at any point
without resulting in data corruption. I don't know if Vibe.d can
satisfy this constraint, but e.g. the ae.net.http.server workflow
is to build/send the entire response atomically, meaning that the
Content-Length will always be populated. Wrap your database
updates in transactions. Use the "write to temporary file then
rename over the original file" pattern when updating files. Etc.
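
The "write to temporary file then rename over the original file" pattern from item 3, shown in D as an added example that is not part of the original message or of any library it mentions. The `atomicUpdate` helper and the demo file name are hypothetical, and the code assumes a rename that replaces the target atomically, as on POSIX systems.

```d
import std.conv : to;
import std.exception : enforce;
import std.file : exists, readText, remove, rename, tempDir, write;
import std.path : baseName, buildPath, dirName;
import std.process : thisProcessID;
import std.stdio : File, writeln;

/// Replaces `path` in one step: `fill` writes the new contents to a temporary
/// file, which is renamed over `path` only once it is complete and on disk.
/// (Hypothetical helper, written for this example.)
void atomicUpdate(string path, void delegate(ref File) fill)
{
    // Same directory as the target: a rename is only atomic within one filesystem.
    auto tmp = buildPath(dirName(path),
        "." ~ baseName(path) ~ "." ~ thisProcessID.to!string ~ ".tmp");
    // Best-effort cleanup when `fill` throws. After a hard crash a stale
    // temporary file may remain, but `path` itself is untouched.
    scope (failure) if (tmp.exists) remove(tmp);
    {
        auto f = File(tmp, "wb");
        fill(f);
        f.flush(); // stdio buffer -> operating system
        f.sync();  // operating system cache -> disk, before the rename publishes it
    }              // `f` goes out of scope and the file is closed here
    rename(tmp, path); // readers see the old file or the new one, never a partial one
}

void main()
{
    auto path = buildPath(tempDir, "atomic-update-demo.json"); // constructed sample file
    write(path, `{"version": 1}`);

    // A writer that dies half-way stands in for a crash in the middle of an update.
    try
    {
        atomicUpdate(path, (ref File f) {
            f.write(`{"versi`);
            throw new Exception("simulated failure mid-write");
        });
    }
    catch (Exception e) {}
    enforce(readText(path) == `{"version": 1}`, "old contents were damaged");

    atomicUpdate(path, (ref File f) { f.write(`{"version": 2}`); });
    enforce(readText(path) == `{"version": 2}`, "new contents were not published");
    writeln("ok");
    remove(path);
}
```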