From mboxrd@z Thu Jan 1 00:00:00 1970
Message-ID: <5d87bedd7aeea17a3cacb7aa494661f4@quanstro.net>
Date: Fri, 9 Jun 2006 19:59:49 -0500
From: quanstro@quanstro.net
To: 9fans@cse.psu.edu
Subject: Re: [9fans] quantity vs. quality
In-Reply-To:
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Topicbox-Message-UUID: 670922ca-ead1-11e9-9d60-3106f5b1d025

sure. if you have a known place where a known sane input will cause
allocation failure (like an image that's too big), then by all means,
handle that case. everything you say is valid.

however, i have yet to see a small allocation fail without the system
being pretty broken. and my conclusion is that preemptive strikes
against failures that should not happen on a sane system may cause
more harm than good.

your bit about exceptions is right on. sometimes just dropping core
makes problem resolution much easier.

- erik

On Fri Jun 9 19:44:19 CDT 2006, plalonde@telus.net wrote:
> On 9-Jun-06, at 5:23 PM, quanstro@quanstro.net wrote:
> >
> > sure you can. sysfatal calls _sysfatal to do the deed. redefine
> > that to call your
> > fancy cleanup routine and you're golden.
>
> But it's one step worse than this. Sometimes your fancy cleanup
> routine can't dig itself out of your current callstack; it's better
> to find a way to "succeed" and handle the failure higher up, thus
> maintaining integrity. When I have critical (well, as critical as it
> gets when doing entertainment software) resources whose allocation
> failure will cause grief, I try to pre-allocate before doing
> something irreversible. The rest of the work is working out what
> you're going to use to propagate that exception condition up the
> stack, at the same time as your routine "succeeds".
> A longjmp or function call doesn't let you clean up/repair your
> state well enough precisely because calling it threw away an
> important part of your state. This is what all those people on about
> C++ exceptions are mumbling about, although their implementation
> means catching every such case in what seems like every codepath -
> ugly fast.
>
> Paul
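
Added example, not part of the original thread: a C illustration of the "pre-allocate before doing something irreversible" approach described in the quoted message, where an allocation failure is reported to the caller with state intact instead of being handled by a fatal exit. The Bag type, all function names and the fail_next_alloc hook are hypothetical, and the scenario in move_demo is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
/* Hypothetical test hook: when nonzero, the next allocation fails. */
static int fail_next_alloc = 0;
static void *try_realloc(void *p, size_t n) {
    if (fail_next_alloc) { fail_next_alloc = 0; return NULL; }
    return realloc(p, n);
}
typedef struct { int *items; size_t len, cap; } Bag;

/* Phase 1: make room for one more item; on failure nothing live is touched. */
static int bag_reserve(Bag *b) {
    if (b->len < b->cap) return 0;
    size_t ncap = b->cap ? b->cap * 2 : 4;
    int *p = try_realloc(b->items, ncap * sizeof *p);
    if (p == NULL) return -1;            /* old block is still valid */
    b->items = p; b->cap = ncap;
    return 0;
}

/* Phase 2: cannot fail once bag_reserve has succeeded. */
static void bag_push(Bag *b, int v) { b->items[b->len++] = v; }
/* The irreversible step: the item leaves the source bag. */
static int bag_pop(Bag *b) { return b->items[--b->len]; }

/* Returns 0 on success, -1 with both bags unchanged on failure. */
int bag_move(Bag *src, Bag *dst) {
    if (src->len == 0) return -1;
    if (bag_reserve(dst) < 0) return -1; /* fail before anything is lost */
    bag_push(dst, bag_pop(src));
    return 0;
}

/* Constructed scenario: src holds 3 items, dst is empty, one move attempt.
   Returns src.len*10 + dst.len, negated if the move reported failure. */
int move_demo(int inject_failure) {
    Bag src = {0}, dst = {0};
    for (int i = 1; i <= 3; i++) { bag_reserve(&src); bag_push(&src, i); }
    fail_next_alloc = inject_failure;
    int rc = bag_move(&src, &dst);
    int summary = (int)(src.len * 10 + dst.len);
    free(src.items); free(dst.items);
    return rc == 0 ? summary : -summary;
}

int main(void) {
    printf("ok: %d, injected failure: %d\n", move_demo(0), move_demo(1));
    return 0;
}
```

With the injected failure the source bag still holds all three items, because the only step that can fail runs before the pop.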