From mboxrd@z Thu Jan 1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: *
X-Spam-Status: No, score=1.1 required=5.0 tests=BAYES_20,INVALID_DATE,
	MSGID_SHORT autolearn=no autolearn_force=no version=3.4.4
Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site peora.UUCP
Path: utzoo!linus!decvax!bellcore!petrus!sabre!zeta!epsilon!gamma!ulysses!mhuxr!mhuxt!houxm!vax135!petsd!peora!jer
From: jer@peora.UUCP (J. Eric Roskos)
Newsgroups: net.arch,net.lang.ada
Subject: Re: What I miss... (really C, Ada, religion)
Message-ID: <1701@peora.UUCP>
Date: Mon, 7-Oct-85 17:04:24 EDT
Article-I.D.: peora.1701
Posted: Mon Oct 7 17:04:24 1985
Date-Received: Thu, 10-Oct-85 06:50:32 EDT
References: <796@kuling.UUCP> <2580002@csd2.UUCP> <191@graffiti.UUCP> <568@unisoft.UUCP> <1777@orca.UUCP> <272@graffiti.UUCP>
Organization: Perkin-Elmer SDC, Orlando, Fl.
Xref: linus net.arch:1677 net.lang.ada:378
List-Id:

> I'd like to re-ask my question. What do you do in a finished product in a
> high-risk environment when an unanticipated bug (anticipated errors will
> have been dealt with in both languages if the programmer is worth his pay)
> occurs?

Then, I'd like to re-answer it.

The idea here is that you want to try to design your product in such a way
that if errors occur, you will recover from them. Here there's sort of a
problem with the term "unanticipated errors". For example, suppose you
have some flight-control system for a missile, and an "unanticipated error"
occurs, so the missile goes off course. Well, you would like, then, to have
some other system monitoring the trajectory of the missile, that says, "the
missile is off course... I'll just disarm the warhead, here", or maybe
starts up a redundant guidance system, or something like that.

The problem is that if you do this right, there shouldn't BE any
unanticipated errors; an unanticipated error would be something like if the
laws of physics quit working. How well you design your system determines
how well you accomplish this; but the various forms of exception handling,
etc. that we have been discussing are supposed to make this easier by
allowing your program both to discover certain types of errors, and to
remain in control when these errors occur (rather than producing some error
message and halting, as some people have suggested).

As you said, in "both languages" (I don't remember what the other one was)
such a problem can be handled; the newer approaches (exception handlers and
the like) just try to make this easier, to make it less likely that the
programmer will do it wrong.
-- 
Shyy-Anzr: J. Eric Roskos
UUCP: Ofc:  ..!{decvax,ucbvax,ihnp4}!vax135!petsd!peora!jer
      Home: ..!{decvax,ucbvax,ihnp4}!vax135!petsd!peora!jerpc!jer
US Mail: MS 795; Perkin-Elmer SDC;
         2486 Sand Lake Road, Orlando, FL 32809-7642