From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,8893269a4640c798 X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2003-07-26 08:21:12 PST Path: archiver1.google.com!news1.google.com!newsfeed.stanford.edu!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!fu-berlin.de!uni-berlin.de!82-43-33-75.cable.ubr01.croy.blueyonder.co.UK!not-for-mail From: "Nick Roberts" Newsgroups: comp.lang.ada Subject: Re: terminate applications Date: Sat, 26 Jul 2003 16:23:08 +0100 Message-ID: References: <3F17DF3C.4080204@noplace.com> <3F196773.2060809@noplace.com> <3F19F86C.9050808@attbi.com> <3F1A772F.9060708@noplace.com> <3F1AD6FB.8080806@attbi.com> <3F1BD666.6040506@noplace.com> <3F1C4DA6.3070405@attbi.com> <3F1D29E8.60107@noplace.com> <3F1D2FDC.1070402@noplace.com> <3F1DC75A.5050300@noplace.com> <87oezm9lar.fsf@inf.enst.fr> <3F1E7E1E.8090302@noplace.com> <3F1FC849.8070202@noplace.com> <3F227F16.2010908@noplace.com> NNTP-Posting-Host: 82-43-33-75.cable.ubr01.croy.blueyonder.co.uk (82.43.33.75) X-Trace: news.uni-berlin.de 1059232871 19978887 82.43.33.75 (16 [25716]) X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 5.50.4807.1700 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 Xref: archiver1.google.com comp.lang.ada:40838 Date: 2003-07-26T16:23:08+01:00 List-Id: "Marin David Condic" wrote in message news:3F227F16.2010908@noplace.com... > The critical point being that if you *don't* give the > programmer the choice, he'll just do an end-run > around you anyway and resent the fact that he has > to go outside the language to get what he wants. I think it might be valuable to add to the standard library a procedure, perhaps: procedure Ada.Unsafe_Terminate_Program; The RM could define the execution of this procedure maybe as follows: ---------- Dynamic Semantics Unsafe_Terminate_Program causes the execution of all the tasks in all the partitions of the program to immediately cease execution. No finalization occurs, and execution within abort-deferred regions will be terminated without any deferral. A call to Unsafe_Terminate_Program never returns. The time or place at which each task ceases is undefined. Implementation Requirements Implementations must document all the potential consequences of the execution of Unsafe_Terminate_Program which are different to those of normal program termination. Implementation Permissions An implementation may omit Unsafe_Terminate_Program if it would be unreasonable (or too dangerous) to provide it. The mechanisms used by an implementation to cause the cessation of execution in tasks other than the calling task (especially those in separate partitions) is undefined, thus the speed at which this cessation is propagated, and whether it may or may not succeed in being propagated to all tasks in a program, is undefined. An implementation may perform some or all finalization, if it would be unreasonable not to. An implementation may allow some or all executions within abort-deferred regions to complete before cessation, if it would be unreasonable to do otherwise. Notes It is intended that Unsafe_Program_Termination not only avoids any finalization or completion of abort-deferred regions in any part of the Ada program itself, but also that it avoids as much of the normal termination actions associated with the execution environment as reasonably possible (e.g. finalizations within a run-time environment). It is recommended that Unsafe_Program_Termination is used only as a last resort, when all other attempts at bringing a program to completion have failed. It is recommended that Unsafe_Program_Termination is not used in deliverable software unless its use is considered unavoidable. It is strongly recommended that whenever a program which could possibly execute Unsafe_Program_Termination is deployed in a different execution environment, or a change is made to that environment, a thorough check is made as to the worst possible consequences of its execution. ---------- I think this suggestion makes it clear that: the semantics of such a procedure would be difficult to define, and impossible to enforce or test; it truly could be really dangerous in some environments. You might consider all the above a bit too much to add to the RM to be worth it. -- Nick Roberts Jabber: debater@charente.de [ICQ: 159718630]