ctrl+c and destructors
Walter Bright
newshound2 at digitalmars.com
Thu Oct 3 15:38:17 PDT 2013
On 10/3/2013 2:15 PM, nazriel wrote:
> Music player (as example) do not kill people if they fail.
> Aborting whole music player just because Visualisation plugin had access
> violation is pointless.
How does the music player know the fault is in the plugin and it could be safely
continued?
It doesn't. It cannot. With a shared address space, it could be anywhere.
> You can't put every use case into the same bag...
I doubt the users would be pleased if continuing running the program resulted in
further corruption of the system, including the user's data. Yes, and I've used
music players that did that. It sux having to rebuild the music database from
backups every time. It doesn't make me think kindly of the player's developers.
A properly designed system with user-supplied plugins that needed to recover
from plugin failure would put those plugins in a separate process space, so when
they crash they cannot affect the rest of the system. Any other scheme is just a
bad design, although it may be convenient from a developer cost standpoint to
write it that way.
And lastly, such badly designed plugin systems are rich vectors for people to
insert malware into your system. See ActiveX for an example.
More information about the Digitalmars-d
mailing list