[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Everyone contributed to the following key point:
Standard POISON distribution can easily be implemented, either by
a clever tool, or via exception handling, or via ifs.
However, all deviations (termination sequences) from the standard
distribution behavior are difficult to implement.
I think this is an INTRINSICALLY difficult problem because the "best"
fault-recovery behavior depends strongly on the current state of the
system, and the fault that occured. It often varies significantly
in case of only marginally different states.
I agree with John that, in principle, Occam already contains the
essential facilities to implement poison: the if statement. However,
to a void a clog up of the code for the most common solution (e.g.,
poison distribution), an exception-like mechanism would be useful.
In my opinion, readable and understandable code is vital for
the "correctness" and "maintainability" of software in most real-life
situations. Only readable and understandable programs can be proven
to be correct. Ununderstandable programs can easily be proven to be
incorrect. A mathematical proof only guarantees the correctness. It
typically is not the method to obtain the correct piece of software in
the first place.
In Java, an exception handling mechanism is present. I agree with Peter's
suggestion that this mechanism should be used to extend the Java based CSP
implementation with a termination mechanism. I think it is a very practical
and useful extension to the library: termination while maintaining readability.
In both Occam and Java, the mechanism should be presented in such a way that
mis-use of the exception mechanism for non-exceptional situations is
avoided. Maybe, just by calling it "Termination handling" instead of
"Exception handling" makes programmers get the point: as a programmer,
you are coding exceptions all day long; only once in a while you have to
focus on termination, which is pretty boring...