This thread on Hacker News terrifies me
Patrick Schluter
Patrick.Schluter at bbox.fr
Sun Sep 2 07:59:49 UTC 2018
On Sunday, 2 September 2018 at 04:21:44 UTC, Jonathan M Davis
wrote:
> On Saturday, September 1, 2018 9:18:17 PM MDT Nick Sabalausky
> (Abscissa) via Digitalmars-d wrote:
>
> So honestly, I don't find it at all surprising when an
> application can't handle not being able to write to disk.
> Ideally, it _would_ handle it (even if it's simply by shutting
> down, because it can't handle not having enough disk space),
> but for most applications, it really is thought of like running
> out of memory. So, isn't tested for, and no attempt is made to
> make it sane.
One reason why programs using stdio do fail with disk space
errors is that they don't know that fclose() can be the function
reporting it, not the fwrite()/fputs()/fprintf(). I can not count
the number of times I saw things like that:
FILE *fd = fopen(...,"w");
if(fwrite(buffer, length, 1)<1) {
fine error handling
fclose(fd);
on disk fullness the fwrite might have accepted the data, but
only the fclose() really flushed the data to disk, only detecting
the lack of space at that moment.
> Honestly, for some of this stuff, I think that the only way
> that it's ever going to work sanely is if extreme failure
> conditions result in Errors or Exceptions being thrown, and the
> program being killed. Most code simply isn't ever going to be
> written to handle such situations, and a for a _lot_ of
> programs, they really can't continue without those resources -
> which is presumably, why the way D's GC works is to throw an
> OutOfMemoryError when it can't allocate anything. Anything
> C-based (and plenty of C++-based programs too) is going to have
> serious problems though thanks to the fact that C/C++ programs
> often use APIs where you have to check a return code, and if
> it's a function that never fails under normal conditions, most
> programs aren't going to check it. Even diligent programmers
> are bound to miss some of them.
Indeed, since some of those error checks also differ from OS to
OS, some cases might detect things in one setting but not in
others. See my example above, on DOS or if setvbuf() was set to
NULL it would not possibly happen as the fwrite() would always
flush() the data to disk and the error condition would be catched
nearly 99.9999% of times.
More information about the Digitalmars-d
mailing list