tepples wrote:
How does one implement fatal_error() without destroying the document (such as a tile sheet, a map, a music sequence, etc.) that the user is working on?
Well, I was thinking more of a batch-style tool, the simplest case. The idea is to see how to handle fclose() failure in the simplest case, then scale up once that's understood. With a batch tool, the user wants to either know that it completed successfully, or know that something failed and possibly produced a corrupt output file, so he knows not to proceed. This is basically my fundamental basic correct program behavior model. Do not hide error conditions from the user. Don't silently do nothing if there's an error, unless the operation really was one that had no failure state.
For a GUI-based program, you should use an atomic replace. At least on Apple's platforms, there is a call that atomically swaps two files' contents. So when saving a document, you create a temporary file, save to it, then swap its contents with the old file.