Mathias Bauer wrote:
Stephan Bergmann wrote:
One abstraction level higher, throwing an exception upon detecting say a
broken invariant is in general useful only if you very carefully
designed your program so that you can catch the exception somewhere
where you can go from the broken state of your program to a good state
(and where you can inform the client that some operation failed, if the
good state is not a state expected by the client).
While this might be theoretically correct my practical experience of at
least 8 years of successful crash recovery says that it works for the
vast majority of crashes and I won't accept that we drop it in any
situation just because there is no theoretical proof that it works all
the time.
You confuse me here. With "crash recovery" I assume you mean the
activities triggered from within the signal handler. My paragraph that
you quote is about whether to throw an exception or to abort upon
detecting some illegal state. I do not see the connection.
Re your comments about crash recovery: I never claimed that there are
no cases where what we do from within the signal handler happens to work
as expected (I used the word "reliably" in what you did not quote), and
I never requested to "drop it."
[One thing that *did* make me nervous though was that I had the
impression that once we try to save an open document from within the
signal handler, the original version of that document (i.e., the last
version manually saved by the user) is overwritten. As I learned in an
offline conversation with Mathias in the meantime, this is not the case
(both versions are available after OOo restart), it is just the OOo user
interface that confused me there.]
I would see it the other way around: only if you have a case where you
know for sure that crash recovery is of no avail you can abort
immediately (but then you will also lose the crash report).
??? abort() -> raise(SIGABRT) -> signal handler
Ciao,
Mathias
-Stephan
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
