How should a software product handle an access violation

views:

answers:

How should a software product handle an access violation

We have a software product in c++, that due to documented problems with the compiler generates faulty code (Yes I know it is horrible in itself). This among other bugs causes Access Violations to be thrown.

Our response to that is to catch the error and continue running.

My question is, is this a responsible approach? Is it responsible to let an application live when it has failed so disasterously? Would it be more responsible to alert the user and die?

Edit:
One of the arguments of letting the exception unhandled is that Access Violation shows that the program was prevented from doing harm, and probably haven't done any either. I am not sure if I buy that. Are there any views on this?

+3 A:

I'm with Ignacio: It's imperative to get a fix for that compiler ASAP, or if such a fix is not forthcoming, to jump ship. Naturally there may be barriers to doing so, and I'm guessing you're looking for a short-term solution en route to achieving that goal. :-)

If the faulty code problem is not very narrowly constrained to a known, largely harmless situation, then I'd tend to think continuing to produce and ship the product with the faulty code could be considered irresponsible, regardless of how you handle the violation.

If it's a very narrowly constrained, known situation, how you handle it depends on the situation. You seem to know what the fault is, so you're in the position to know whether you can carry on in the face of that fault or not. I would tend to lean toward report and exit, but again, it totally depends on what the fault actually is.

T.J. Crowder 2010-04-30 09:28:15

It is linked to the throwing of exceptions mainly, when we try to fail controlled, the compiler bug fails disasterously destructing objects that are not on the stack. One argument for letting it be unhandled is that an Access Violation only means that the software was prevented from doing harm, and it prob. has not done any either.

daramarak 2010-04-30 09:47:47

One more thing T.J. Your solution is do not ship, but that is not really answer to my question. Even if we thought we had removed the bugs, would it be responsible to leave such exceptions be?

daramarak 2010-04-30 10:05:09

@daramarak: Re your last question: It would give me the heebie-jeebies, but I'm not the one facing the situation on the ground and the various conflicting priorities (and trust me, I know what a juggle it can be). Good luck with it.

T.J. Crowder 2010-04-30 12:14:00

Thank you. It gives me the creeps too. As I see it, killing the application gives the impression of instability, but not killing it might make the system instable. Well, in the end it is not my decision, I only advise. But of course i´ll do the fire extinguishing later.

daramarak 2010-04-30 12:52:16

+2 A:

Really it goes without saying, but it's irresponsible to act like the program did something it didn't (when it should have set some value somewhere which actually was a dangling pointer), or didn't do something it shouldn't have (when it randomizes some variable somewhere unfortunate enough to be the destination of a dangling pointer).

Damage minimization/mitigation strategies might be to checksum files (but not in a trivial way; actually verify that untouched data within the file is unmodified) and auto-save often.

Do you think the customer is aware of the problem?

Potatoswatter 2010-04-30 09:28:54

+1 ("Mitigation strategies," perhaps.)

T.J. Crowder 2010-04-30 09:29:41

ansaurus

tags:

views:

answers:

How should a software product handle an access violation

related questions