“The Fault Tolerant Heap is a subsystem of Windows 7 responsible for monitoring application crashes and autonomously applying mitigations to prevent future crashes on a per application basis. For the vast majority of users, FTH will function with no need for intervention or change on their part. Principal Development Lead and rock star developer Silviu Calinoiu is the mastermind behind FTH. Here, we go deep into how FTH works and why it’s designed the way it is.”
I don’t mean to sound like an ass, but doesn’t a feature like this encourage laziness in developers?
If I’m a developer of a Windows application, and I can rely on FTH to remedy whatever flaws I’ve made in my software, why would I ever bother fixing them?
I could just tell my users that the first few crashes they experience are expected… and they shouldn’t see them any longer.
Unfortunately that is one of the risks when one adds new features to catch errors; some developers will view it as a way to help improve their customer experience whilst they work judiciously on checking their code whilst others will abuse the feature. The same thing happens with any new feature – I guess the only way Microsoft could fix the problem is by stress testing all drivers submitted to the WHQL, and those which ‘hit’ the ‘Fault Tolerant Heap’ too much are declined WHQL certification.
Yes, but it’s probably not for new applications. It’s probably for legacy ones. Compatibility with existing applications is so important to Microsoft that they have gone as far as reproducing bugs in previous versions that allowed buggy software to work on newer versions of Windows.
The most famous (although now dated) example of which is the Office 95 attempt to free a null pointer on startup.
If they can write it so they can sorta handle these things in a more graceful, less hacky way the quality of the OS will go up as well.
Interestingly, freeing a NULL pointer is a perfectly legal no-op (i.e. it’s bad form to write a null check before delete).
Is it this one:
http://research.microsoft.com/en-us/projects/RobustHeap/
(no, I didn’t watch the video, life is too short to waste on msdn presentations ;-).
If that’s the case, it’s a good thing because it reduces “random” behavior (possibly fewer crashes, and the crashes will have higher quality call stacks).
Of course this is a technology that can be adapted to non-Windows platforms quite easily, just by changing the malloc implementation.
Edited 2009-08-26 23:19 UTC
I love the title of this article. Does it mean Windows used to be a fault intolerant heap (of?)?
Seriously though, as long as devs don’t get lazy and take the “meh, the OS will catch that anyway” attitude it’s a good thing – could reduce crashes from some of those harder to find bugs…
Back in the Windows 95 era, eons ago, a product existed which would actually make Windows usable… it was called “First Aid.”
It was the last-ditch effort of a few techs to make a system “stable.”
Because of that program serious bugs often went undiagnosed, mostly barely compatible memory (such as in I.B.M. machines). Programs would crash left and right, but First Aid could almost always fix it right up, so you would limp along just accepting crashes as part of the normal routine – thinking that was just normal.
I see this hand-holding by Microsoft causing many of the same problems. Not a bad idea, by any means, but unstable applications should be punished by the system, and stable programs rewarded.
There will also need to be an attempt to log memory area fault frequency, cross-app exception frequency, and much more so that hardware failures can be seen for what they are. This, of course, is something of a wet dream…
–The loon, two days awake now.. or something… hmm…
I did not find any information in this article, neither what it does nor how it works.
Did I miss something?
Or am I supposed to install another media playback plugin for the purpose of listening to some guy talk slower than I could read?
Play this music as you read the dialog: http://www.youtube.com/watch?v=5YGO4uAdLyQ
“Hello I’m a Mac.”
“And I’m a PC, now more efficient than ever.”
“Cool, me too! I can organize my brains so much better now with Grand Central Dispatch. So how do you gain efficiency?”
“If I make an error, I fix it straight away.”
“Excellent, PC! Do you have a name for that?”
“Erm… yes…”
*pause*
“So… are you going to tell me?”
“Fault Tolerant…” (muffled utterings)
“Sorry I didn’t catch that last part?”
(PC stares at the ground) “Heap.”
(Mac stares straight at the camera with a bewildered look on his face)
Edited 2009-08-27 11:13 UTC
yes, because a name like “Glorious Fixer of Woes” gets the point across *that* much better ;P
Would you prefer “Hyper-X-Safety.Net”?
I prefer less marketing fluff myself.
I can now understand why some Apple people would buy iShit.
I find this idea to be abhorrent. This is guaranteed to encourage lazy programmers to leave behind bugs. Expect to see major Windows apps with these bugs in them.
The only way I see this feature being useful is if it pops up an annoying dialog box saying blah blah process corrupted its heap, would you like Windows to fix it for you? etc… That would encourage users to complain to developers, and these bugs would get fixed, while at the same time end users wouldn’t end up losing their precious work because the error is now not fatal.
P.S.: Why, oh why, is this on the 2nd page? This is hard core OS news!
They clearly state in the video that FTH will not be activated until the application misbehaves/crashes so I do not see it really helping “lazy” developers IMHO.
This looks like yet another way to reward lazy developers and bad software.
I’m a big fan of features that help protect the system from misbehaving applications (process/memory isolation), but I think there is only one way to deal with them, and that’s a forced kill.
Most Windows software is already crap, if Windows now does stuff behind the scenes to help applications that tend to crash, they will not be fixed for sure.