dmd foreach loops throw exceptions on invalid UTF sequences, use replacementDchar instead
Abdulhaq
alynch4047 at gmail.com
Sun Nov 7 08:31:35 UTC 2021

On Friday, 5 November 2021 at 10:09:40 UTC, norm wrote:
>
> It isn't always that simple, e.g. working on medical devices
> crashing isn't an option when it comes to how we're going to
> deal with bad data.

Mm, I have a totally different take on this. In my view all
incoming data should be sanitised on entry into the application,
this takes place at what I think of as leaf nodes in the
application. This sanitisation includes conversion of all
measurements into standard units, checking validity of strings
etc.

Once data has entered the main application then the application
should **fail fast**. This is **especially important** for
medical devices. This allows the developers of the application to
see, early in development, problems with their code and the logic
thereof.

Signs of developers ignoring the fail fast principle include a
disease I've identified where ```if (x is null)``` is seen to
start proliferating through the code. This happens when you are
calling a function that you did not write and one day you find it
has returned null, you don't know why. So you add an ```if (null)
return null``` to your code and carry on. This allows the program
to stagger on in the face of being in a state that is not
understood by the developer.

If I am on a ventilator and the program enters a state that the
programmer did not anticipate, then life can start to get very
uncomfortable for me. I would far prefer that it stopped, coughed
up an error code, and the medical staff can unplug it and
(quickly, I hope) replace it with another one. If there is
actually a scenario where staggering on is considered better,
then at the very least it should be under instruction from the
programmer. The idea of the language runtime silently modifying
application data is somewhat frightening for me in this scenario.
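
The boundary-then-fail-fast split described in the message above, as an added D example that is not part of the original post. The names `Unit`, `Reading`, `sanitise` and `meanPressure` and the sample bytes are hypothetical and constructed for illustration.

```d
import std.algorithm.searching : canFind;
import std.exception : assertThrown, enforce;
import std.math : isFinite;
import std.utf : UTFException, byDchar, replacementDchar, validate;

enum Unit { Pa, cmH2O }

/// A reading after the boundary: always pascals, label always valid UTF-8.
struct Reading
{
    string label;
    double pascals;
}

/// Leaf node (hypothetical): the only place untrusted input is interpreted.
Reading sanitise(const(ubyte)[] rawLabel, double value, Unit unit)
{
    auto label = cast(string) rawLabel.idup;
    validate(label); // throws UTFException on malformed UTF-8
    enforce(isFinite(value) && value >= 0, "pressure out of range");
    immutable pa = unit == Unit.cmH2O ? value * 98.0665 : value;
    return Reading(label, pa);
}

/// Core logic: inputs are already clean, so a violated assumption is a bug
/// and the assert stops the program instead of returning a guess.
double meanPressure(const Reading[] rs)
{
    assert(rs.length > 0, "caller must supply at least one reading");
    double sum = 0;
    foreach (r; rs)
        sum += r.pascals;
    return sum / rs.length;
}

void main()
{
    // Constructed sample input: the byte 0xFF can never appear in UTF-8.
    immutable ubyte[] good = [0x50, 0x45, 0x45, 0x50]; // "PEEP"
    immutable ubyte[] bad = [0x50, 0xFF, 0x45];

    auto r = sanitise(good, 5.0, Unit.cmH2O);
    assert(r.label == "PEEP");
    assert(meanPressure([r]) > 490 && meanPressure([r]) < 491);

    // Malformed text is rejected explicitly at the boundary.
    assertThrown!UTFException(sanitise(bad, 5.0, Unit.cmH2O));

    // Contrast: lossy decoding substitutes U+FFFD without any error.
    assert((cast(string) bad).byDchar.canFind(replacementDchar));
}
```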