DIP33: A standard exception hierarchy

Ali Çehreli acehreli at yahoo.com
Mon Apr 1 15:46:49 PDT 2013


On 04/01/2013 02:01 PM, Dmitry Olshansky wrote:
> 02-Apr-2013 00:34, Ali Çehreli wrote:
>
>> The failed assertion may be the moment when the program detects that
>> something is wrong. A safe program should stop doing anything else.
>
> And that's precisely the interesting moment. It should stop but the
> definition of "stop" really depends on many factors. Just pretending
> that calling abort is a panacea is totally wrong IMO.
>
> BTW what do you exactly mean by "safe" program?

I meant a program that wants to produce correct results. I was indeed 
thinking about Therac-25 that Simen Kjærås mentioned. I agree that there 
must be hardware fail-safe switches as well but they could not protect 
people from every kind of software failure in that example.

Having said that, I can see the counter argument as well: We are in an 
inconsistent state, so trying to do something about it could be better 
than not running cleanup code. But I also remember that an AssertError 
may be thrown by an assert() call, telling us that a programmer put it 
in there explicitly, meaning that the program cannot continue. If there 
was any chance of recovery, then the programmer could have thrown an 
Exception or remedied the situation right then.

Ali
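The Exception/Error split that the post above relies on, shown as a small D program. This is an added example by the editor, not code from Ali or from anyone in the thread; the names parsePort and store and the port-parsing scenario are assumptions chosen only for illustration.

```d
// Added example (not from the thread): assert() for broken invariants,
// Exception for recoverable failures, and why a catch(Exception) does
// not swallow an AssertError.
import std.stdio : writeln;
import std.conv : to, ConvException;
import std.exception : enforce;

// Input that comes from outside the program may be bad. That is a
// recoverable condition, so it is reported with an Exception and the
// caller is expected to handle it. (parsePort is a hypothetical helper.)
int parsePort(string text)
{
    int port = text.to!int;            // throws ConvException on garbage
    enforce(port > 0 && port < 65536,  // throws Exception when out of range
            "port out of range: " ~ text);
    return port;
}

// The index into our own buffer is under the program's control. If it is
// wrong, the program's logic is wrong, and assert() says so: there is no
// sensible way to continue. (store is a hypothetical helper.)
void store(int[] buf, size_t idx, int value)
{
    assert(idx < buf.length, "index invariant violated");
    buf[idx] = value;
}

void main(string[] args)
{
    // Recoverable: each bad argument is reported and processing goes on.
    foreach (arg; args[1 .. $])
    {
        try
            writeln("port ", parsePort(arg));
        catch (Exception e)            // also catches ConvException
            writeln("bad port '", arg, "': ", e.msg);
    }

    // Not recoverable: AssertError derives from Error, not from Exception,
    // so a catch (Exception) block would not intercept it. Left uncaught,
    // the runtime terminates the program; whether cleanup (scope guards,
    // destructors) runs on the way out is exactly the question debated
    // in this thread.
    auto buf = new int[4];
    store(buf, 4, 1);                  // idx == length: assertion fails
}
```

Compile without -release to see the assertion fire; with -release the check in store() is removed and the out-of-bounds write is simply undefined, which is one more reason the assert is a statement about program correctness rather than a runtime input check.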


