Re: Some example code for a new crash handler

From: Ben FrantzDale <bfrantzdale hmc edu>
To: Hongl Lai <hongli telekabel nl>
Cc: gnome-list gnome org
Subject: Re: Some example code for a new crash handler
Date: 12 Jan 2002 13:12:17 -0500

On Sat, 2002-01-12 at 03:49, Hongl Lai wrote:
> On Sat, 2002-01-12 at 00:59, Havoc Pennington wrote:
> > 
> > Charles Iliya Krempeaux <tnt linux ca> writes: 
> > > Well, how about, instead of saving things over the original files,
> > > you save it as another file name.
> > 
> > You don't understand the problem - the problem is that once you get
> > the SEGV signal, any piece of memory in the program could contain
> > total junk. _Any_ piece. That means there is no way to do anything
> > sane. Say you save your spreadsheet - one of the values in the
> > 100,000-row sheet could be slightly incorrect, for example.
> > 
> > Havoc
> 
> 
> But then there's also a chance that a non-critical part of the memory
> gets corrupt.
> And what do you think is worse? Losing all 300 entries you were working
> at because of a crash, or a file with 200 good entries and 100 bad
> entries?
> 
> If the saved file if totally corrupt, then so be it.
> That is no worse than a crash, where you lose everything.
> But there's a chance that the file won't get corrupt, or only partially
> corrupt.
> We should give users the chance to save what can be saved, don't you
> think?
> 
> I'm not trying to say that programs doesn't have to be bugfree.
> I'm not against autosave.
> But I think it's best if we do everything we can to save:
> fix bugs, implement autosave, AND surpress sigsegv for while to give the
> user some time.

In theory, what you are proposing would be cool. Loosing data is never a
good thing. However, if you had auto-save happen every minute, you would
never loose more than a minute's worth of data.

What I worry about your solution is not the case where half of a file is
corrupted, but where one or two bits is incorrect. As someone already
mentioned, one corrupted cell in a large spreadsheet might never be
noticed. One thing that I would hope we can rely on from our software is
correctness. My understanding is that your patch could remove that
guarentee. (At least to those who don't understand that the emercency
backup file is not to be relied upon.)

What I wonder is this: Could things be written to do an emergency save
in the case where a component of a program dies but where the component
storing the data did not?

--Ben

Attachment: pgp3LYscwMHkf.pgp
Description: PGP signature

Follow-Ups:
- Re: Some example code for a new crash handler
  - From: Hongl Lai

References:
- Some example code for a new crash handler
  - From: Hongl Lai
- Re: Some example code for a new crash handler
  - From: Havoc Pennington
- Re: Some example code for a new crash handler
  - From: Hongl Lai
- Re: Some example code for a new crash handler
  - From: Havoc Pennington
- Re: Some example code for a new crash handler
  - From: Charles Iliya Krempeaux
- Re: Some example code for a new crash handler
  - From: Havoc Pennington
- Re: Some example code for a new crash handler
  - From: Hongl Lai

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]