From: "Dmitry A. Kazakov"
Subject: Re: contracted exceptions
Newsgroups: comp.lang.ada
Organization: cbb software GmbH
Date: Mon, 11 Jun 2007 21:57:51 +0200
Message-ID: <1mwlktxzsffsl$.2gv04v0jjzmn$.dlg@40tude.net>

On Mon, 11 Jun 2007 17:06:19 GMT, Ray Blaak wrote:

> I know the context, starting with "assertions should not cause unplanned
> exceptions", and followed by "use the debugger to stop on such failures".

Bugs. The point is, to treat it as a failure, you have to invest some effort in the software infrastructure, to foresee the effect and possible ways of handling.

> I can see this as a correct theoretical approach, but the problem is that both
> items are not workable in practice.

On the contrary, it has very practical consequences like documenting exception contracts and designing exceptions in a way that would make reasonable handling possible. For example, by removing side effects before raising an exception. All this does not apply to run-time assertions.

> Continuation is unsafe, but just stopping is not helpful either.

Right. Consider OS design. When an application fails, the OS continues, the application does not. If you want your software to be fault-tolerant, design it in a way that potentially failing components could be independent enough to survive each other's faults. Never use assertions to check for faults.

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de
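The distinction drawn in the post above, as an added Ada example that is not part of the original message: a documented exception for a fault, raised before any state is modified, next to an assertion that can only fail because of a bug. The names `Contract_Demo`, `Account`, `Transfer` and `Insufficient_Funds` and the sample balances are assumptions made for illustration.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Contract_Demo is

   --  A fault callers are expected to handle: part of Transfer's contract.
   Insufficient_Funds : exception;

   type Account is record
      Balance : Natural := 0;
   end record;

   --  Contract: raises Insufficient_Funds when Amount > Source.Balance.
   --  When it does, neither account has been modified.
   procedure Transfer (Source, Target : in out Account; Amount : Natural) is
      Total_Before : constant Natural := Source.Balance + Target.Balance;
   begin
      --  Test the fault condition before touching any state, so no side
      --  effect is left behind when the exception propagates.
      if Amount > Source.Balance then
         raise Insufficient_Funds;
      end if;
      Source.Balance := Source.Balance - Amount;
      Target.Balance := Target.Balance + Amount;
      --  The assertion states what holds if Transfer is correct. A failure
      --  here is a bug in this procedure, not a condition to handle.
      pragma Assert (Source.Balance + Target.Balance = Total_Before);
   end Transfer;

   A : Account := (Balance => 50);  --  constructed sample values
   B : Account := (Balance => 10);

   procedure Report (Label : String) is
   begin
      Put_Line (Label & Natural'Image (A.Balance) & Natural'Image (B.Balance));
   end Report;

begin
   Transfer (A, B, 30);
   Report ("after transfer of 30:");
   begin
      Transfer (A, B, 100);
   exception
      when Insufficient_Funds =>
         --  State is unchanged, so the caller can carry on.
         Report ("transfer of 100 refused, balances intact:");
   end;
end Contract_Demo;
```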