From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID
	autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,a3ca574fc2007430
X-Google-Attributes: gid103376,public
From: Ken Garlington <GarlingtonKE@lmtas.lmco.com>
Subject: Re: Ada and Automotive Industry
Date: 1996/12/18
Message-ID: <32B8AF89.CA@lmtas.lmco.com>#1/1
X-Deja-AN: 204833900
references: <mazzanti-0512961053010001@131.114.200.115> <dewar.850626633@merv>
 <E2L8Ap.HCs@world.std.com> <dewar.850929677@merv> <E2MvrB.Ip7@world.std.com>
content-type: text/plain; charset=us-ascii
organization: Lockheed Martin Tactical Aircraft Systems
mime-version: 1.0
newsgroups: comp.lang.ada
x-mailer: Mozilla 3.01 (Win95; U)
Date: 1996-12-18T00:00:00+00:00
List-Id: <comp.lang.ada>


Robert A Duff wrote:
> 
> OK, I'll buy that.  How about the following rule of thumb: It's OK to
> raise C_E explicitly if the purpose is to indicate a bug in the program?

Actually, I like to raise Program_Error when this happens. Its' roughly
equivalent to the "WTF?" message we used to generate in our FORTRAN
tools
when we reached a condition in the program that "shouldn't happen."

> That is, if the exception occurs, you want the program to stop running,
> not do any more damage, and go into the debugger and figure out what
> went wrong (or use a stack traceback or whatever).  On the other hand,
> if you want callers to *handle* the exception, and recover from it, you
> ought to define your own exception name.
> 
> My reasoning is that handlers for C_E are questionable -- you probably
> don't know for sure whether you got there from a range check, or your
> explicit raise, so you have to worry about 11.6 issues.  It's possible,
> but extremely tricky, to write correct exception handlers for C_E, given
> 11.6.  I suspect that few programmers understand 11.6 -- they just use a
> simplified rule, which says "Don't handle C_E".  That's good -- it's
> much simpler than the real 11.6 rules, and works fine in the vast
> majority of cases.
> 
> (By the way, when I say "handle" here, I mean a handler that really
> handles the situation -- not one that does clean-up-then-re-raise.)
> 
> So, in your divide-by-zero example, it seems fine to raise C_E, if you
> believe that exception will always kill the program, if it happens.
> 
> - Bob

--
LMTAS - The Fighter Enterprise - "Our Brand Means Quality"
For job listings, other info: http://www.lmtas.com or
http://www.lmco.com