From: Preben Randhol
Newsgroups: comp.lang.ada
Subject: Re: status of PL/I as a viable language
Date: Fri, 21 Feb 2003 17:40:27 +0000 (UTC)
Organization: Norwegian university of science and technology

Hyman Rosen wrote:
>
> My point was that checks should be disabled when it is
> important for programs to continue operation. Security
> situations are just the opposite. In that case, you want
> to abort at any sign of error, perhaps even with timeouts
> to kill things which run too long, because any such issue
> can be a sign of attack.

Yes, but in the case you want to have a program running continuously it
won't help if there are errors in the program which make the program
behave in strange ways. Say a nuclear power plant. You don't want an
untreated integer overflow to cause the rods to be pulled up causing a
new nuclear meltdown. You want the program to catch this error and go
into a backup/safe-mode program IMHO.

In my simple program I have an outer exception handling. If an exception
is caught here the program will try to save the data in an EMERGENCY
file before it quits. It will also give the user a notice of the error
of course. When the program starts it always checks if there is an
EMERGENCY file which if it exists will be loaded and the user will be
told that the data is restored and ought to be checked. This works.

Another example, when I'm running my experiments (chemistry) in the lab,
I'm logging the data from an electrode onto a computer. The logging
software worked fine except that I sometimes found that the log had
stopped at some random place in the experiment. These experiments can be
10 or more hours and I'm not there during this time. After some checking
I found out that what made the program crash was that some strange feed
came from the logger causing the logging program to crash. I changed the
program so that in case it got this feed it should simply write -1000
(as this is not a value I would get from my electrode and thus I can
remove it later from the log) and then I got the program to continue. I
can see in my logs that in some experiments I get this strange error,
but after 3 years I still have no idea what causes it, and it is not
important as it doesn't influence my experiment now that the logging is
working. Note this was not written in Ada, but some language of the
logger.

So my point is that I don't think that one is safer turning off all
checks in the distributed code. You never know the side-effects that
this will have. It is better to make an outer safety net which can catch
any error and deal with it and notify the user.

-- 
Preben Randhol ---------------- http://www.pvv.org/~randhol/ --
"Violence is the last refuge of the incompetent", Isaac Asimov
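
The outer safety net with an EMERGENCY file described in the message above, written in Ada as an added example; it is not the poster's program. The names `Safety_Net`, `Reading` and `Samples` and the sample values are constructed here, and it assumes an Ada 2012 compiler with run-time checks left enabled.

```ada
with Ada.Text_IO;     use Ada.Text_IO;
with Ada.Directories;
with Ada.Exceptions;

procedure Safety_Net is
   --  Hypothetical names and data; none of them come from the post.
   Emergency_Name : constant String := "EMERGENCY";

   type Reading is range -1_000 .. 1_000;
   --  Constructed input: the third addition leaves the declared range.
   Samples : constant array (1 .. 3) of Reading := (600, 300, 200);
   Total   : Reading := 0;

   procedure Save_Emergency is
      F : File_Type;
   begin
      Create (F, Out_File, Emergency_Name);
      Put_Line (F, Reading'Image (Total));
      Close (F);
   end Save_Emergency;

   procedure Restore_If_Present is
      F : File_Type;
   begin
      if Ada.Directories.Exists (Emergency_Name) then
         Open (F, In_File, Emergency_Name);
         declare
            Line : constant String := Get_Line (F);
         begin
            Close (F);  --  close before converting, in case 'Value raises
            Total := Reading'Value (Line);
         end;
         Ada.Directories.Delete_File (Emergency_Name);
         Put_Line ("Data restored from " & Emergency_Name & ", please check it.");
      end if;
   end Restore_If_Present;

begin
   Restore_If_Present;
   for Sample of Samples loop
      Total := Total + Sample;  --  range check raises Constraint_Error
   end loop;
   Put_Line ("Total:" & Reading'Image (Total));
exception
   when E : others =>
      --  Outer safety net: Total still holds the last valid value.
      Save_Emergency;
      Put_Line (Standard_Error, "Error: " & Ada.Exceptions.Exception_Information (E));
end Safety_Net;
```

With checks enabled the failed assignment never happens, so the handler saves 900; with the range check suppressed the out-of-range value would be stored and no handler would run.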