From mboxrd@z Thu Jan 1 00:00:00 1970 Mime-Version: 1.0 (Apple Message framework v750) In-Reply-To: <53d606a453b7463f930e6f906d9168bd@quanstro.net> References: <53d606a453b7463f930e6f906d9168bd@quanstro.net> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Paul Lalonde Subject: Re: [9fans] quantity vs. quality Date: Fri, 9 Jun 2006 17:41:13 -0700 To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu> Topicbox-Message-UUID: 66cbe3a6-ead1-11e9-9d60-3106f5b1d025 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 9-Jun-06, at 5:23 PM, quanstro@quanstro.net wrote: > > sure you can. sysfatal calls _sysfatal to do the deed. redefine > that to call your > fancy cleanup routine and you're golden. But it's one step worse than this. Sometimes your fancy cleanup routine can't dig itself out of your current callstack; it's better to find a way to "succeed" and handle the failure higher up, thus maintaining integrity. When I have critical (well, as critical as it gets when doing entertainment software) resources whose allocation failure will cause grief, I try to pre-allocate before doing something irreversible. The the rest of the work is working out what you're going to use to propagate that exception condition up the stack, at the same time as your routine "succeeds". A longump or function call doesn't let you clean up/repair your state well enough precisely because calling it threw away an important part of your state. This is what all those people on about C++ exceptions are mumbling about, although their implementation means catching every such case in what seems like every codepath - ugly fast. Paul -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) iD8DBQFEihUqpJeHo/Fbu1wRAh0KAJwPCzxloDdoK8R61nHASUBvYahb/wCgtetN 9AaBLhds/5qTrx4hAdoicc4= =BXDh -----END PGP SIGNATURE-----