From: "Dmitry A. Kazakov"
Subject: Re: Exceptions
Newsgroups: comp.lang.ada
Date: Wed, 12 Dec 2007 12:00:38 +0100
Message-ID: <1sdmhryiq1qvy.1hz5wbfxcwogb.dlg@40tude.net>

On Tue, 11 Dec 2007 15:21:57 +0200, Niklas Holsti wrote:

> Exception contracts could become a considerable part of the source
> code, especially if they would have to include the "always
> possible" exceptions like Storage_Error and in the absence of any
> SPARK-like analysis to exclude impossible exceptions from the contract.

Unluckily, but for backward compatibility a missing contract should be
treated as "raises exception'Class," i.e. anything. This is a problem with
most of the new things recently introduced in Ada, that the defaults are more
verbose than their less safe counterparts. For example "abstract",
"interface", "overriding".

>> A typical scenario: A lazy (let's say busy) programmer designs some set of
>> low-level primitives raising some exceptions. Then he starts to write a
>> middle layer that reuses those primitives, not necessarily in exactly this
>> order, but anyway. The exceptions of the middle layer are different, and of
>> course, the lower level exceptions do not propagate out of the middle layer.
>> At this point he has already forgotten most of when and what the lower level
>> raises. He remembers the exceptions E3 and E10, but the rest is vanished.
>> He decides whether to use "when others" but has no clear idea what to do
>> there, so maybe he places something looking more or less appropriate there
>> hoping that the debugging phase will shed more light on the issue, or just
>> drop it, depending on how much coffee he already had. The rest is obvious.
>> Does it sound familiar?
>
> Not really. I use informal exception contracts (in comments
> describing each and every subprogram),

I do it as well.

> so I have not experienced
> that kind of mess. But I have mistakenly omitted a necessary
> handler once or twice, generally when the raise-to-handle distance
> has been very large (fatal or semi-fatal exception).

The problem is that you have to analyse the descriptions of all m
subprograms you call in the given scope. Remember also the figure n of the
scopes where an exception propagates without handling. That gives us m x n
(width x depth) of the search as the number of things to keep in the weary
head at once. It is tedious and error prone, especially when the code gets
changed.

>> Now a contracted exceptions scenario: The programmer contracts a
>> middle-layer subprogram as non-propagating anything he does not want to. He
>> does not write any handlers, just compiles the code. The compiler complains
>> about E1. Aha - he says, where that E1 comes from? This repeats until all
>> low-level exceptions are caught, *understood* and handled.
>
> That would be ideal, and very much in the Ada spirit. But I can see
> why it is not an easy addition to Ada.

It would be difficult for compiler vendors, because they will have to add
exception contracts to all language constructs and library subprograms and
then maintain them upon porting the compiler to another target.

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de