Introduction to Computers and Programming
Prof. I. K. Lundqvist
Lecture 12
April 14 2004

The goal of an engineer is to retire without having caused any major catastrophe
- Dilbert

Today
• Program robustness
• Exception handling

November 2, 1988 Internet Worm
• A self-replicating program was released upon the Internet
– This program (a worm) invaded VAX and Sun computers running versions of Berkeley UNIX, and used their resources to attack still more computers.
– Within the space of hours this program had spread across the U.S., infecting thousands of computers and making many of them unusable due to the burden of its activity.
– Cause: undetected buffer overflow in C routine gets()

• 1986: Therac 25 radiation machine kills several patients
– Cause: poor testing of the software
• June 4, 1996: 1st flight of Ariane 5 aborted: Ariane 5 destroyed
– Cause: Code from Ariane 4 guidance system was reused in Ariane 5 but not tested.
• September 23 1999: Mars Orbiter stops communicating with NASA
– Cause: Approach orbit angle was incorrect because of inconsistency between units of measurement

Errors
• No programmer is perfect
– The good ones handle errors gracefully
• Errors
– Compile time
– Link-time
• Run-time errors
– Program errors
– User errors
– Exceptions

User Errors
• User provides invalid input
– types in name of file that does not exist
– provides program argument with value outside legal bounds
• Detect using "if" checks in program
– Program should print message and recover gracefully
– Possibly ask user for new input

Exceptions
• Rare "exceptional" errors from which recovery may be possible
– User hits interrupt key
– Arithmetic overflow
• Detected by hardware or operating system
– Program can handle them using exception handlers
– Not usually possible/practical to detect with conditional checks

Robustness
• Your program should never terminate without either
– Completing successfully
– Sending a meaningful error message
• Approaches to achieve Robustness
– Debug
– Defensive programming
  • Conditional checks
  • Assertions
– Exception handling

Finding Errors
• Try to "break" the program
– What can go wrong?
– What happens if it does?
– Sometimes nothing needs to be done.
– If that is a problem, how can we detect it?
– What can we do about it?
  • Tell the user
  • Die gracefully
  • Recover reasonably

Ada's Classification of Errors (1.1.5)
1. Errors that are required to be detected prior to run time by every Ada implementation
2. Errors that are required to be detected at run time by the execution of an Ada program
3. Bounded errors
4. Erroneous execution

Exceptions – Ada Perspective
• An exception represents a kind of exceptional situation
– An occurrence of such a situation (at run time) is called: exception occurrence
• To raise an exception is to abandon normal program execution
• Performing some actions in response to the arising of an exception is called handling the exception

Example

    with Ada.Text_Io, Ada.Integer_Text_Io;
    use Ada.Text_Io, Ada.Integer_Text_Io;

    procedure Main is
       subtype Numrange is Integer range 1..10;
       Num : Numrange;
    begin --main
       Put ("please enter an integer from 1 to 10: ");
       Get(Num);   -- a value outside 1..10 raises Constraint_Error
       Skip_Line;
    end;

Exception Declaration
• An exception_declaration declares a name for an exception
• User-defined exceptions:
– Overflow, Underflow : exception;
  Error : exception;
• Predefined language exceptions:
– Constraint_Error, Program_Error, Storage_Error, and Tasking_Error

Exception Handlers
• The response to one or more exceptions is specified by an exception_handler

    subprogram specification
       declarations
    begin
       statements
    exception
       one or more exception handlers
    end;

Exception Handling
• Operation:
– When exception occurs, control jumps to the handler for that exception
– When handler statements finish, subprogram terminates
– Control never returns to point where exception occurred
– If no handler, subprogram terminates and exception is passed back to its caller
  • Keep doing this until main reached with no handler (program crashes)
  • Or suitable handler found

Example

    with Ada.Text_IO; use Ada.Text_IO;

    procedure Open_File is
       Filename : String (1 .. 30);
       Namelen  : Natural;
       The_File : File_Type;
    begin
       Put ("What file do you want to read? ");
       Get_Line (Filename, Namelen);
       Open (File => The_File,
             Name => Filename (1 .. Namelen),
             Mode => In_File);
    exception
       -- one handler per expected failure, plus a catch-all
       when Status_Error =>
          Put_Line ("The file is already open");
       when Name_Error =>
          Put_Line ("There is no file with that name");
       when Use_Error =>
          Put_Line ("The file cannot be read");
       when others =>
          Put_Line ("Unexpected error on opening file");
    end Open_File;

Raise Statements
• A raise_statement raises an exception
– raise exception_name;
– raise; --re-raise the current exception
-- ...

Block statement
• You can define your own block at any point in an Ada program.
• Its structure is similar to a subprogram:

    declare
       declarations
    begin
       normal sequence of statements
    exception
       exception handlers
    end;

Declare block for local variables

    procedure main is
       x,y : integer;
    begin
       -- statements
       -- time to swap two variables
       declare
          temp : integer;
       begin
          temp := x;
          x := y;
          y := temp;
       end;
       -- more statements
    end;

The local declarations are only known inside the block statement.

Exception in block statements
• The other reason for defining a block statement is to enable local exception handling (especially in a loop).
• Operation:
– when an exception occurs:
  • execution transfers straight to its exception handler
  • appropriate exception handler is executed
  • execution of the whole block statement terminates
  • execution continues with statement after the block
– if no local exception handler:
  • block terminates immediately
  • ... appropriate exception handler

Example program

    --Safe I/O
    with Ada.Text_Io; use Ada.Text_Io;

    procedure Ex2 is
       type Days is (Mon, Tue, Wed, Thu, Fri, Sat, Sun);
       package Day_Io is new Enumeration_Io (Days); use Day_Io;
       Local_Day : Days;             --entered by user
       Good_Day  : Boolean := False; --loop control
    begin
       while not Good_Day loop
          begin   -- block statement with a local exception handler
             Put ("Enter a day name (first 3 letters) : ");
             Get (Local_Day);
             Good_Day := True;
          exception
             when Data_Error =>
                Put ("Must be first 3 letters of a day name");
                New_Line;
                Skip_Line;
          end;
       end loop;
       Skip_Line;
    end Ex2;
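The propagation, re-raise and block-local handling rules from the Exception Handling, Raise Statements and block-statement slides, combined in one program. This is an added example, not part of the original lecture; the names Propagation_Demo, Out_Of_Range, Percent, Checked and Scaled and the sample values are assumptions constructed for illustration.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Propagation_Demo is
   Out_Of_Range : exception;  -- user-defined exception (hypothetical name)

   subtype Percent is Integer range 0 .. 100;

   -- Raises Out_Of_Range explicitly and has no handler of its own,
   -- so the exception is passed back to the caller.
   function Checked (Value : Integer) return Percent is
   begin
      if Value not in Percent then
         raise Out_Of_Range;
      end if;
      return Value;
   end Checked;

   -- Handles the exception, reports it, then re-raises it so that
   -- the caller also learns the input was rejected.
   function Scaled (Value : Integer) return Integer is
   begin
      return Checked (Value) * 2;
   exception
      when Out_Of_Range =>
         Put_Line ("Scaled: rejecting" & Integer'Image (Value));
         raise;  -- re-raise the current exception
   end Scaled;

   -- Constructed sample inputs; 250 and -1 are outside 0 .. 100.
   Samples : constant array (1 .. 4) of Integer := (10, 250, -1, 50);
   Total   : Integer := 0;
begin
   for I in Samples'Range loop
      begin  -- block statement with a local handler inside the loop
         Total := Total + Scaled (Samples (I));
      exception
         when Out_Of_Range =>
            -- Only this block terminates; the loop carries on.
            Put_Line ("Main: skipped bad sample, continuing");
      end;
   end loop;
   Put_Line ("Total =" & Integer'Image (Total));
end Propagation_Demo;
```

Without the inner block, the first bad sample would end the whole procedure; with it, only the failing iteration is abandoned and the valid samples are still summed.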