From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,8893269a4640c798 X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2003-07-28 01:37:16 PST Path: archiver1.google.com!news1.google.com!sn-xit-03!sn-xit-02!sn-xit-06!sn-xit-09!supernews.com!news.maxwell.syr.edu!fu-berlin.de!uni-berlin.de!tar-alcarin.cbb-automation.DE!not-for-mail From: Dmitry A. Kazakov Newsgroups: comp.lang.ada Subject: Re: terminate applications Date: Mon, 28 Jul 2003 10:17:59 +0200 Message-ID: References: <3F1D2FDC.1070402@noplace.com> <3F1DC75A.5050300@noplace.com> <87oezm9lar.fsf@inf.enst.fr> <3F1E7E1E.8090302@noplace.com> NNTP-Posting-Host: tar-alcarin.cbb-automation.de (212.79.194.111) Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Trace: news.uni-berlin.de 1059380005 20918732 212.79.194.111 (16 [77047]) X-Newsreader: Forte Agent 1.8/32.548 Xref: archiver1.google.com comp.lang.ada:40893 Date: 2003-07-28T10:17:59+02:00 List-Id: On Fri, 25 Jul 2003 22:58:53 -0400, "Warren W. Gay VE3WWG" wrote: >"Dmitry A. Kazakov" wrote in message news:bluvhvsr5kagtd9ksjdlpasf2iamcgu67v@4ax.com... >> On Thu, 24 Jul 2003 10:54:51 -0400, "Warren W. Gay VE3WWG" >> wrote: >> >> Now, how this can support any need to incorporate that buggy API into >> the standard? > >You are labelling it a "buggy API". I see this as a legitamate >function. For example, if an some internal assertion fails, it may >be highly desireable to have the whole application be "canned" >immediately, without a shutdown (which might inflict further damage). > >The problem as I see it, is that there is a very strong tension between >the embedded/rocket/life-threatening developers and those that write >much more mundane applications. I feel this same tension is rearing >its head here. If Ada is to gain wider exceptance, you need to take >those blinkers off. ;-) What I am doing right now, is reviewing design of a C++ Windows application which hangs upon exit! (:-)) The reason was unknown, so a clever decision was made - just to wait a bit on application exit and then if it is still active to kill it. A fine design? (:-)) Not at all! Because it has 10+ DLLs and opens 20+ devices of various types. So after a suicide, things are going strange, very strange. Do you really want to legitimize such things in Ada? >The embedded people don't want it because they don't want it used (to >that I say fine, don't use it!) Ravenscar avoids a large portion >of Ada features that it considers "unsafe". What harm can one more >"feature" bring if it is correctly documented? Nobody reads documentation. (:-)) However, the place where a feature appears is already a sort of documentation. When it appears in ARM body, then it is safe. In ARM annex it could be a little less safe. In the package Crappy.Windows.API it is, you'll get, what you asked for! (:-)) >To use an analogy you want to ban emergency brakes because they're >weak, and almost useless. Yet every car in North America must have >one. I think having the choice of an emergency brake makes sense. >No one is suggesting that you should use it, or that it be recommended. >It merely should exist to offer a choice for those practical >situations where it might be useful and valid. No disagreement. But what I want, is to keep a sort of "sandbox" design. Features of different safety levels should be put in different boxes. From this point of view, an unconditional termination just does not belong to the box of Ada standard. But it still may have a place in OS-specific bindings. --- Regards, Dmitry Kazakov www.dmitry-kazakov.de