Sloppy error checking in MS code

sandrews at andrewscompanies.com
Mon Dec 18 02:44:53 CET 2006


So what if the system runs out of resources?  It'll crash.  Oh my god,
run around in circles, the sky is falling!  What kind of crappy admin
lets his boxes run out of resources?

I hate fanboys that can't see the forest through the trees. 

Steve

-----Original Message-----
From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Richard
Lynch
Sent: Saturday, December 16, 2006 4:49 PM
To: MailScanner discussion
Subject: Re: Sloppy error checking in MS code

Mike Jakubik wrote:
> Julian Field wrote:
>> Ken,
>> Thanks for backing me up. Yes, I don't check the return value of 
>> every single call I make, but show me a programmer who does? (No 
>> doubt someone will at this point). The most common point that is made
>> is "what if the system runs out of space" at this point, and all 
>> sorts of things will be failing at this time, there isn't any need to
>> create more errors at this point, they just create noise. Yes, I 
>> quite happily admit I don't check the result from everything I do.
>> But if you want a practical piece of software that runs at a 
>> reasonable speed.
>>   
>
> How much of a performance impact does a check for the return value of 
> a system call produce? I believe what distinguishes good software from
> bad is how the software handles errors. What you are saying seems to 
> contradict, as Matt Kettler stated that identical functions have error
> checking in the sendmail code, but not in postfix. No, I don't check 
> to see if there is a floor when I wake up, but the chances of an I/O 
> function failing because someone tampered with the directory/changed 
> permissions/disk run out of space/some other OS/HW problem are MUCH 
> greater than my floor disappearing. While I have not experienced any 
> problems myself (AFAIK), it would at least shut up the postfix 
> users/MS haters.
>
I doubt anything would quiet them. 

Axiom: If one is looking for fault one will find it. 
Corollary: You will find whatever you are looking for.

It's not necessary to check every possible failure, just the important
ones or the ones you want to handle.  The question becomes "Does MS
check enough of them?".  I don't know the code so I can't say.  I can,
however, say this.

1) MS protects over 1 billion messages a day (from the web page).
2) We use it to process approx 2 million messages a day.
3) We have had little to no problems with MS.

For us the answer to the question is, yes, MS checks enough of them.

~rich
