From: 0xCDCDCDCD@gmx.at   
      
   On 13.05.2012 06:42, Wil Evers wrote:   
   > Martin B. wrote:   
   >   
   >> Should my "assertions" (quotes deliberate) dump core? Certainly!   
   >> They *should*. Whether they *actually* do, or I throw a logical   
   >> error instead, is based upon customer expectations and what the app   
   >> does.   
   >>   
   >> To give you a real real world example: A code base I worked upon   
   >> (Windows) wouldn't even deliberatley dump core on access violations   
   >> (NULLptr access etc.). It used the Windows sepcific mechanism to   
   >> turn those into exceptions, caught them by `catch(...)` and tried a   
   >> controlled shutdown of the system. This worked 90% of the time, 9,9%   
   >> of the time the process crashed anyway and 0,1% of the time really   
   >> weird things happened. Had they dumped core always, this would have   
   >> meant that a major part of the 90% incidents would have meant   
   >> damaged hardware equipment and significant additional cost to the   
   >> customers.   
   >>   
   >> Was this system not designed well enough? Maybe. But it *worked*   
   >> well enough to be economically viable.   
   >   
   > In my opinion, there is nothing inherently wrong with initiating a   
   > "controlled shutdown" when a program discovers a logic error.  Such a   
   > controlled shutdown should try to (...)   
   > As long as the user is cleary informed about the   
   > program's failure, and it does not attempt to muddle on, (...)   
   >   
   > Whether or not an exception should be used to transfer control to the   
   > point where the "controlled shutdown" is initiated, is another matter.   
   > Throwing an exception triggers stack unwinding, which could easily   
   > make things worse than they already were when the logic error was   
   > first detected.  A direct call to the controlled shutdown routine   
   > probably has a higher chance of succeeding in trying to limit the   
   > damage.   
   >   
      
   Agreed. We've switched to direct shutdown for lots of code. Some old   
   code where nothing ever was changed still uses the `catch(...)` approach   
   and it's really annoying analyzing the process dumps of exceptions where   
   the stack was unwound. (Windows: A proc dump is written with the exc   
   record of the thrown exception - but the stack of the origin is already   
   unwound.) Makes for some surreal post mortem debugging experiences in   
   WinDbg. :-)   
      
   cheers,   
   Martin   
      
   --   
   Good C++ code is better than good C code, but   
   bad C++ can be much, much worse than bad C code.   
      
      
         [ See http://www.gotw.ca/resources/clcm.htm for info about ]   
         [ comp.lang.c++.moderated.    First time posters: Do this! ]   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)