From: Georg Bauhaus <rm.tsoh+bauhaus@maps.futureapps.de>
Subject: Re: ada compiler?
Date: Wed, 14 Nov 2007 17:03:58 +0100
Date: 2007-11-14T17:02:53+01:00 [thread overview]
Message-ID: <1195056238.1007.317.camel@kartoffel> (raw)
In-Reply-To: <1195052954.315227.220840@o3g2000hsb.googlegroups.com>
On Wed, 2007-11-14 at 07:09 -0800, Ludovic Brenta wrote:
> But if the stack is exhausted or nearly so (perhaps because the last
> in a long series of recursive calls raises Storage_Error), chances are
> high that the exception handler itself will overflow the stack (e.g.
> passing your string "Hey! You!" to a procedure might itself cause a
> stack overflow). This, in my view, greatly reduces the benefit of the
> exception. Also, what if raising the exception requires some stack
> space? Maybe I should have said that explicitly.
No, these are matters of course, and they are mentioned in the RM.
However, I prefer being given a chance to run some emergency code,
even knowing that I cannot in general rely on anything
in the presence of Storage_Error (or exceptions with -O, for that
matter). Perhaps I should mention that the programs that I have
in mind are more mundane than hard real-time control programs.
Thus I can afford more optimistic attempts at recovery,
using exception handling rather than invoking, well, something
outside the program.
I think it is better to try something in case of a detected
error than
- have service personnel (if any) say F,
- pick up the next phone (if any) or micro (if functional),
- call the other end (if someone is there and has a phone/ear~s),
- ...
I could also try to have the operating system (if any; well, we
have Debian in this case) react to the SEGV (if possible)
and trigger something else (if possible; load might be high
already, though, persistance is futile ...) But, ... I can do that,
too, if the program exits "more normally" as a consequence of
an exception.
Right now I don't remember exactly what happens to files
still open when a Linux Ada executable is brought
to a halt by a segmentation violation. Is it better to exit
"more normally"?
And what is more, the program shown is only trying
to allocate a larger chunk of memory. What should stop
programmers from at least trying to allocate larger objects in
a (more or less) controlled fashion?
A related example:
declare
Long_String: String_Access;
begin
Long_String := new String'(Lots);
exception
when Storage_Error =>
-- trouble ahead? But anyway, we may be
-- able to try something else, again.
-- Maybe decrease Lots.
...
end;
I also remember (vaguely) that in those days (Turbo Pascal?) we were
asked to do something similar, make sure that handlers (of interrupts?)
would not need more storage than was allocated before the program
would start. As the previous program has shown, there is no guarantee
that a simple exception handler must fail in the presence of
Storage_Error. There are programs where optimism is a necessary
attitude.
next prev parent reply other threads:[~2007-11-14 16:03 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-11-09 22:25 ada compiler? Bill Cunningham
2007-11-09 22:39 ` anon
2007-11-09 22:59 ` Bill Cunningham
2007-11-09 23:28 ` anon
2007-11-09 23:50 ` Jeffrey R. Carter
2007-11-10 0:32 ` anon
2007-11-10 4:15 ` Jeffrey Creem
2007-11-10 5:08 ` tmoran
2007-11-10 6:12 ` anon
2007-11-10 8:35 ` tmoran
2007-11-10 20:20 ` anon
2007-11-10 22:15 ` Jeffrey Creem
2007-11-11 1:01 ` anon
2007-11-11 1:14 ` (see below)
2007-11-11 2:21 ` Georg Bauhaus
2007-11-11 4:08 ` Jeffrey R. Carter
2007-11-13 13:24 ` Ludovic Brenta
2007-11-14 7:00 ` Jacob Sparre Andersen
2007-11-14 9:15 ` Georg Bauhaus
2007-11-14 10:26 ` Ludovic Brenta
2007-11-14 12:25 ` Georg Bauhaus
2007-11-14 15:09 ` Ludovic Brenta
2007-11-14 16:03 ` Georg Bauhaus [this message]
2007-11-14 16:36 ` Ludovic Brenta
2007-11-14 17:39 ` Georg Bauhaus
2007-11-14 20:40 ` Ludovic Brenta
2007-11-15 9:59 ` Georg Bauhaus
2007-11-14 17:52 ` Georg Bauhaus
2007-11-16 1:07 ` Samuel Tardieu
2007-11-16 1:58 ` tmoran
2007-11-16 9:41 ` Stack checking in GNAT (was: ada compiler?) Ludovic Brenta
2007-11-16 10:56 ` Stack checking in GNAT Samuel Tardieu
2007-11-16 13:04 ` Ludovic Brenta
2007-11-17 7:24 ` anon
2007-11-29 0:32 ` Robert A Duff
2007-11-17 1:37 ` ada compiler? Randy Brukardt
2007-11-17 1:18 ` Randy Brukardt
2007-11-29 0:41 ` Robert A Duff
2007-11-14 21:31 ` Niklas Holsti
2007-11-17 1:50 ` Randy Brukardt
2007-11-14 18:33 ` anon
2007-11-12 5:13 ` anon
2007-11-11 14:15 ` Jeffrey Creem
2007-11-13 7:11 ` Martin Krischik
2007-11-13 8:47 ` anon
2007-11-13 9:34 ` to gnat make or not to gnat make (Was: ada compiler?) Martin Krischik
2007-11-13 22:46 ` anon
2007-11-13 23:14 ` to gnat make or not to gnat make Simon Wright
2007-11-14 9:21 ` to gnat make or not to gnat make (Was: ada compiler?) Georg Bauhaus
2007-11-13 22:41 ` ada compiler? Simon Wright
2007-11-17 2:07 ` Randy Brukardt
2007-11-17 7:51 ` anon
2007-11-17 9:00 ` Pascal Obry
2007-11-17 12:24 ` Ludovic Brenta
2007-11-19 21:35 ` Randy Brukardt
2007-11-10 15:03 ` (see below)
2007-11-12 16:38 ` Adam Beneschan
2007-11-13 3:16 ` John W. Kennedy
2007-11-13 16:46 ` Adam Beneschan
2007-11-10 3:07 ` Georg Bauhaus
2007-11-13 0:20 ` adaworks
2007-11-13 22:27 ` Simon Wright
2007-11-14 17:32 ` Britt Snodgrass
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox