From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=BAYES_00,INVALID_DATE, MSGID_SHORT autolearn=no autolearn_force=no version=3.4.4 Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.2 9/18/84; site rtp47.UUCP Path: utzoo!watmath!clyde!bonnie!akgua!mcnc!rti-sel!rtp47!throopw From: throopw@rtp47.UUCP (Wayne Throop) Newsgroups: net.arch,net.lang.ada Subject: Re: What I miss... (really C, Ada, religion) Message-ID: <210@rtp47.UUCP> Date: Wed, 9-Oct-85 14:56:05 EDT Article-I.D.: rtp47.210 Posted: Wed Oct 9 14:56:05 1985 Date-Received: Sat, 12-Oct-85 19:23:23 EDT References: <796@kuling.UUCP> <2580002@csd2.UUCP> <191@graffiti.UUCP> <568@unisoft.UUCP> <1777@orca.UUCP> <272@graffiti.UUCP> Organization: Data General, RTP, NC Xref: watmath net.arch:1896 net.lang.ada:390 List-Id: > I'd like to re-ask my question. What do you do in a finished product in a > high-risk environment when an unanticipated bug (anticipated errors will have > been dealt with in both languages if the programmer is worth his pay) occurs? I don't have an answer (and I suspect there aren't any unique answers), but I'd like to point out that this doesn't seem to be either an architectural issue, nor a language issue. In any language, on any architecture, irrecoverable errors will occur (that is, fundamental assertions about the state of the world that are necessary to allow the program to proceed will be violated). When this happens, the acceptable response will vary according to the situation. If a critical subroutine traps, the process might attempt to recover (perhaps re-executing the subroutine after some fixup action). If a critical process "core dumps", the system might attempt to recover (perhaps by restarting the process at some checkpoint or other). If a critical process can't be restarted, the system might try to recover by rebooting. And so on and on. But when push comes to shove, there will be some cases that just can't be handled. So, my fuzzy answer to "What do you do in a finished product in a high-risk environment when an unanticipated bug occurs?" is "The best you can". -- Wayne Throop at Data General, RTP, NC !mcnc!rti-sel!rtp47!throopw