From: quanstro@quanstro.net
To: 9fans@cse.psu.edu
Subject: Re: [9fans] quantity vs. quality
Date: Sun, 11 Jun 2006 17:59:07 -0500 [thread overview]
Message-ID: <82179a5a7f6a9cb2a24871f94e8c9cbd@quanstro.net> (raw)
In-Reply-To: <73b6022509d05ce122618716e1a3f617@proxima.alt.za>
On Sun Jun 11 07:24:25 CDT 2006, lucio@proxima.alt.za wrote:
> > never? what if malloc's datastructures are corrupt?
>
> As long as the stack isn't corrupt, it _can_ still return to the
> caller. The argument is really whether the caller can be trusted to
> take the correct (non)recovery action.
i don't think this is about "trusting" somebody do do the right thing
for recovery.
if malloc's datastructures are corrupt, then you can assume that memory
is corrupt. somebody's fandangoed on core. since you don't have any
valid data, what can you accomplish except call sysfatal. (which might not
work.)
the most incidious bit about trying to recover when you're really and
truly hosed is that you just make debugging harder.
btw. glibc will abort if you corrupt the heap or double-free.
> But you can't take away
> Lucho's options because another 99 callers are too lazy. Your view,
> if I read you correctly, is that Lucho also can't be trusted, because
> he won't test his recovery code, but that is not an acceptable
> assumption.
i think you're reading me wrong. it's not about trust. it's about how
software really gets written. i'm as guilty as the next guy in writing
fancy recovery code that i never try out.
i've been bitten in production at least twice by botched recovery.
>
> Yes, we do need a middle ground and redefining _sysfatal() is one
> option, but encouraging good programming practice, by example as well
> as by instruction, would be preferable to unpredictable behaviour
> under error conditions.
yes.
> To me, the greatest loss in this age of complexity, is the determinism
> of early day computing. Anything that increases determinism at the
> application level is to be encouraged, not discouraged.
this is exactly why i think that sysfatal can be good if you really can't continue
or continuing is very likely to mask an error.
if you fail to get 20 bytes from malloc, for instance, it's likely you have an
huge leak in your program that needs to be fixed.
- erik
next prev parent reply other threads:[~2006-06-11 22:59 UTC|newest]
Thread overview: 229+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-06-07 17:58 [9fans] gcc on plan9 Corey
2006-06-07 18:24 ` Roman Shaposhnick
2006-06-07 18:50 ` Ronald G Minnich
2006-06-07 18:55 ` William Josephson
2006-06-07 20:12 ` Ronald G Minnich
2006-06-07 20:20 ` Roman Shaposhnick
2006-06-07 20:42 ` Ronald G Minnich
2006-06-07 20:44 ` William Josephson
2006-06-07 21:00 ` Ronald G Minnich
2006-06-07 19:05 ` Roman Shaposhnick
2006-06-07 20:13 ` Ronald G Minnich
2006-06-07 20:48 ` Roman Shaposhnick
2006-06-07 21:04 ` Ronald G Minnich
2006-06-08 6:42 ` Roman Shaposhnik
2006-06-08 7:00 ` Iruatã Souza (muzgo)
2006-06-07 19:48 ` Corey
2006-06-07 20:16 ` Ronald G Minnich
2006-06-07 20:26 ` Roman Shaposhnick
2006-06-07 20:43 ` Ronald G Minnich
2006-06-08 5:49 ` lucio
2006-06-07 18:57 ` Francisco J Ballesteros
2006-06-07 19:55 ` Corey
2006-06-07 20:46 ` rog
2006-06-07 21:07 ` Corey
2006-06-07 21:16 ` Christoph Lohmann
2006-06-07 21:25 ` Rodolfo (kix)
2006-06-07 21:50 ` Corey
2006-06-07 21:54 ` David Leimbach
2006-06-07 21:56 ` Ronald G Minnich
2006-06-07 22:06 ` Lluís Batlle i Rossell
2006-06-07 22:16 ` David Leimbach
2006-06-07 22:31 ` Francisco J Ballesteros
2006-06-07 22:33 ` Ronald G Minnich
2006-06-08 9:44 ` Victor Nazarov
2006-06-09 21:13 ` Roman Shaposhnick
2006-06-08 1:28 ` quanstro
2006-06-09 13:12 ` Lluís Batlle
2006-06-09 13:21 ` quanstro
2006-06-09 13:47 ` Lluís Batlle
2006-06-07 23:04 ` geoff
2006-06-07 23:10 ` Steve Simon
2006-06-08 0:22 ` Bakul Shah
2006-06-08 0:27 ` geoff
2006-06-08 3:31 ` Ronald G Minnich
2006-06-08 15:04 ` David Leimbach
2006-06-08 15:20 ` Ronald G Minnich
2006-06-07 23:15 ` andrey mirtchovski
2006-06-08 0:17 ` geoff
2006-06-09 21:15 ` Roman Shaposhnick
2006-06-09 21:26 ` andrey mirtchovski
2006-06-09 21:27 ` andrey mirtchovski
2006-06-09 21:34 ` Roman Shaposhnick
2006-06-09 21:38 ` andrey mirtchovski
2006-06-09 21:44 ` andrey mirtchovski
2006-06-10 6:57 ` "Nils O. Selåsdal"
2006-06-08 1:58 ` Latchesar Ionkov
2006-06-08 0:53 ` geoff
2006-06-08 1:07 ` Latchesar Ionkov
2006-06-08 1:15 ` quanstro
2006-06-08 15:02 ` David Leimbach
2006-06-09 4:04 ` quanstro
2006-06-08 1:22 ` geoff
2006-06-08 1:25 ` Latchesar Ionkov
2006-06-09 21:21 ` Roman Shaposhnick
2006-06-09 21:27 ` Roman Shaposhnick
2006-06-08 14:59 ` David Leimbach
2006-06-09 4:05 ` quanstro
2006-06-08 1:39 ` [9fans] quantity vs. quality Lyndon Nerenberg
2006-06-08 3:05 ` Dan Cross
2006-06-08 3:44 ` Joel Salomon
2006-06-08 7:03 ` Roman Shaposhnik
2006-06-09 22:03 ` Roman Shaposhnick
2006-06-09 22:44 ` David Leimbach
2006-06-09 22:46 ` quanstro
2006-06-09 22:51 ` Latchesar Ionkov
2006-06-09 22:55 ` quanstro
2006-06-09 23:19 ` Latchesar Ionkov
2006-06-09 23:29 ` quanstro
2006-06-10 1:57 ` Latchesar Ionkov
2006-06-09 23:51 ` quanstro
2006-06-10 0:10 ` Roman Shaposhnick
2006-06-10 2:31 ` Latchesar Ionkov
2006-06-10 0:45 ` Roman Shaposhnick
2006-06-10 3:01 ` Latchesar Ionkov
2006-06-10 0:52 ` quanstro
2006-06-10 1:04 ` Roman Shaposhnick
2006-06-10 23:13 ` Ronald G Minnich
2006-06-11 0:44 ` quanstro
2006-06-11 5:08 ` lucio
2006-06-11 10:09 ` quanstro
2006-06-11 12:00 ` lucio
2006-06-11 22:59 ` quanstro [this message]
2006-06-11 23:26 ` geoff
2006-06-12 3:45 ` Paul Lalonde
2006-06-12 20:16 ` Ronald G Minnich
2006-06-12 20:23 ` Roman Shaposhnick
2006-06-12 20:56 ` Ronald G Minnich
2006-06-12 21:09 ` Victor Nazarov
2006-06-13 0:05 ` Roman Shaposhnik
2006-06-12 21:15 ` Francisco J Ballesteros
2006-06-13 12:08 ` rog
2006-06-13 16:34 ` Skip Tavakkolian
2006-06-13 21:35 ` "Nils O. Selåsdal"
2006-06-14 22:09 ` Roman Shaposhnick
2006-06-15 15:46 ` Victor Nazarov
2006-06-11 5:42 ` Russ Cox
2006-06-11 10:08 ` quanstro
2006-06-12 1:03 ` Roman Shaposhnik
2006-06-10 23:05 ` Ronald G Minnich
2006-06-11 0:00 ` quanstro
2006-06-10 0:24 ` andrey mirtchovski
2006-06-10 0:36 ` quanstro
2006-06-10 2:27 ` Latchesar Ionkov
2006-06-10 0:23 ` quanstro
2006-06-10 0:41 ` Paul Lalonde
2006-06-10 0:59 ` quanstro
2006-06-10 1:15 ` Paul Lalonde
2006-06-10 5:19 ` Bruce Ellis
2006-06-10 2:51 ` Latchesar Ionkov
2006-06-10 0:45 ` quanstro
2006-06-10 3:10 ` Latchesar Ionkov
2006-06-10 0:53 ` quanstro
2006-06-10 23:06 ` Ronald G Minnich
2006-06-10 23:15 ` geoff
2006-06-11 2:58 ` jmk
2006-06-10 23:04 ` Ronald G Minnich
2006-06-11 0:05 ` quanstro
2006-06-10 23:03 ` Ronald G Minnich
2006-06-09 23:25 ` Ronald G Minnich
2006-06-09 23:38 ` David Leimbach
2006-06-09 23:45 ` andrey mirtchovski
2006-06-09 23:46 ` Paul Lalonde
2006-06-10 23:03 ` Ronald G Minnich
2006-06-10 23:02 ` Ronald G Minnich
2006-06-11 0:12 ` quanstro
2006-06-11 2:20 ` Ronald G Minnich
2006-06-11 22:31 ` David Leimbach
2006-06-10 0:28 ` Roman Shaposhnick
2006-06-09 21:29 ` Roman Shaposhnick
2006-06-09 21:34 ` andrey mirtchovski
2006-06-08 1:49 ` [9fans] gcc on plan9 Ignacio Torres Masdeu
2006-06-08 14:10 ` David Leimbach
2006-06-09 4:09 ` quanstro
2006-06-09 5:25 ` David Leimbach
2006-06-07 22:39 ` Corey
2006-06-07 22:49 ` Paul Lalonde
2006-06-07 23:17 ` Corey
2006-06-07 23:37 ` Paul Lalonde
2006-06-08 0:50 ` quanstro
2006-06-08 1:16 ` John Barham
2006-06-08 14:51 ` David Leimbach
2006-06-09 4:49 ` ems
2006-06-09 12:07 ` quanstro
2006-06-09 19:17 ` Roman Shaposhnick
2006-06-09 21:27 ` Bakul Shah
2006-06-09 21:33 ` Francisco J Ballesteros
2006-06-09 21:39 ` quanstro
2006-06-09 21:56 ` Francisco J Ballesteros
2006-06-09 22:01 ` quanstro
2006-06-09 22:17 ` Francisco J Ballesteros
2006-06-09 22:35 ` quanstro
2006-06-09 22:22 ` Bakul Shah
2006-06-09 22:30 ` quanstro
2006-06-09 23:22 ` Bakul Shah
2006-06-10 13:51 ` Francisco J Ballesteros
2006-06-10 23:21 ` Ronald G Minnich
2006-06-11 0:07 ` LiteStar numnums
2006-06-10 0:00 ` Harri Haataja
2006-06-10 0:03 ` Bruce Ellis
2006-06-10 1:00 ` Roman Shaposhnick
2006-06-10 4:37 ` Iruatã Souza (muzgo)
2006-06-12 0:35 ` Roman Shaposhnik
2006-06-09 21:43 ` quanstro
2006-06-10 12:43 ` rog
2006-06-07 22:56 ` Christoph Lohmann
2006-06-07 23:08 ` Dan Cross
2006-06-07 23:32 ` Federico G. Benavento
2006-06-07 23:48 ` Dan Cross
2006-06-08 0:32 ` Corey
2006-06-08 1:04 ` jmk
2006-06-08 3:35 ` Ronald G Minnich
2006-06-08 3:51 ` Ronald G Minnich
2006-06-08 4:07 ` Roman Shaposhnik
2006-06-08 5:19 ` Ronald G Minnich
2006-06-08 6:07 ` Federico G. Benavento
2006-06-08 17:45 ` Micah Stetson
2006-06-08 18:54 ` Ronald G Minnich
2006-06-08 18:55 ` Iruatã Souza (muzgo)
2006-06-08 18:56 ` andrey mirtchovski
2006-06-08 19:01 ` Iruatã Souza (muzgo)
2006-06-09 19:56 ` Roman Shaposhnick
2006-06-09 22:19 ` quanstro
2006-06-09 23:19 ` Ronald G Minnich
2006-06-08 4:11 ` Paul Lalonde
2006-06-08 5:25 ` ems
2006-06-08 5:43 ` Simon Williams
2006-06-08 6:09 ` Bruce Ellis
2006-07-16 15:17 ` ASCII Glenda (was Re: [9fans] gcc on plan9) csant
2006-07-16 22:17 ` e.c.sharpe
2006-07-16 22:37 ` Jack Johnson
2006-07-17 8:35 ` Rodolfo (kix)
2006-06-08 1:06 ` [9fans] gcc on plan9 geoff
2006-06-08 1:21 ` quanstro
2006-06-08 10:15 ` Victor Nazarov
2006-06-08 9:40 ` Lluís Batlle
2006-06-08 15:55 ` Corey
2006-06-08 22:48 ` Fred Wade
2006-06-08 23:08 ` Roman Shaposhnick
2006-06-08 23:51 ` Corey
2006-06-07 20:46 ` Latchesar Ionkov
2006-06-07 19:07 ` Roman Shaposhnick
2006-06-07 19:17 ` Latchesar Ionkov
2006-06-07 19:26 ` Roman Shaposhnick
2006-06-07 19:35 ` Brantley Coile
2006-06-07 20:15 ` Ronald G Minnich
2006-06-07 20:32 ` Roman Shaposhnick
2006-06-07 19:47 ` Latchesar Ionkov
2006-06-07 20:00 ` Corey
2006-06-07 20:13 ` Roman Shaposhnick
2006-06-07 20:40 ` Ronald G Minnich
2006-06-08 6:49 ` Roman Shaposhnik
2006-06-07 21:21 ` Christoph Lohmann
2006-06-07 21:49 ` Ronald G Minnich
2006-06-07 22:50 ` Dan Cross
2006-06-08 7:30 [9fans] quantity vs. quality cej
2006-06-08 9:32 ` Lluís Batlle
2006-06-08 15:29 ` David Leimbach
2006-06-08 15:43 ` jmk
2006-06-09 6:01 cej
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=82179a5a7f6a9cb2a24871f94e8c9cbd@quanstro.net \
--to=quanstro@quanstro.net \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).