On 5/31/2017 7:39 PM, Jonathan M Davis via Digitalmars-d wrote:
The reality of the matter though is that no matter what we do, a completely robust program must be able to deal with the fact that it could be killed at any time (e.g. due to a power outage) - not that it needs to function perfectly when it gets killed, but for stuff like database consistency, you can't rely on the program dying gracefully to avoid data corruption.
Everything about a network is unreliable, so any reliable system must have baked into it the ability to cleanly redo any transaction that failed partway through it. Trying to have the software ignore serious bugs in order to complete a transaction is a doomed approach.
