Re: Have vibe.d continue to operate on out-of-bounds error?

Posted Wed, 31 May 2017 08:44:55 -0400 in reply to Jacob Carlborg

On 5/31/17 5:01 AM, Jacob Carlborg wrote:

On Tue, 30 May 2017 12:08:43 -0400, Steven Schveighoffer wrote:

Ugh, good point.

So this means I basically have to manually turn range errors into
exceptions (i.e. convert builtin arrays to something that throws on
indexing), or somehow auto-restart the server on crashing. Annoying...

You should have something auto-restarting the server anyway :)

I added it as a service to my systemd startup. I'm very new to systemd,
so I'm not sure how to get it to restart automatically.

I'll drum up a discussion on the main forums about this. It doesn't seem
like something that is easy to solve, and seems like a harsh penalty to
pay for a simple invalid index.

Oh, errors vs exceptions again. That will be a, fun discussion :)

The aspect of this is that you may have an off-by-one error that is
about to corrupt memory, but doesn't actually because you have bounds
checking. Does this mean we must crash the entire application? D gives
us no choice. We must treat the simple 'index is bad' error as 'the
entire memory could be corrupt'.

Thinking some more about it, we can't really make them exceptions,
because then nothrow code becomes nearly impossible to write, or as
painful as writing Java code. Likely the only good solution is to make
custom array types. That comes with its own problems.

Bottom line is, if I compare vibe.d to other frameworks, none of them
actually crash the web server for an out-of-bounds error. I find the
situation very awkward. Restarting the whole server seems like a huge
penalty.

-Steve