On Saturday, 3 June 2017 at 09:48:05 UTC, Timon Gehr wrote:
On 03.06.2017 08:55, Paolo Invernizzi wrote:
On Friday, 2 June 2017 at 23:23:45 UTC, nohbdy wrote:
It's exacerbated because Walter is in a mindset of writing
mission-critical applications where any detectable bug means
you need to restart the program. Honestly, if I were writing
flight control systems for Airbus, I could modify druntime to
raise SIGABRT or call exit(3) when you try to throw an Error.
It would be easy, and it would be worthwhile. If you really
need cleanup, atexit(3) is available.
The worst thing happened in programming in the last 30 years
is just that less and less programmers are adopting Walter
mindset...
I'm really really puzzled by why this topic pops up so often...
/Paolo
I don't get why you would /restart/ mission-critical software
that has been shown to be buggy. What you need to do instead:
Have a few more development teams that create independent
implementations of your service. (Completely from scratch, as
the available libraries were not developed to the necessary
standard.) All of them should run on different hardware
produced in different factories by different companies.
Furthermore, you need to hire a team of testers and software
verification experts vastly exceeding the team of developers in
magnitude, etc.
That's what should be done in mission-critical software, and we
are relaxing the constraint of mission critical, it seems [1]
The point is software, somehow, has to be run, with bugs, or
sometimes logic flaws: alas bugged software is running here [2]...
So, if you have to, you should restart
'not-so-critical-software', and you should code it as it should
be restarted from time to time.
It's an opinion, when it's the better moment to just restart it,
and a judgement between risks and opportunities.
My personal opinion, it should be stopped ASAP a bug is detected.
/Paolo
[1]
http://exploration.esa.int/mars/59176-exomars-2016-schiaparelli-anomaly-inquiry
[2]
https://motherboard.vice.com/en_us/article/the-f-35s-software-is-so-buggy-it-might-ground-the-whole-fleet
