From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM autolearn=ham autolearn_force=no version=3.4.4 X-Google-Thread: 103376,ac9405996d0dcb7f X-Google-Attributes: gid103376,public X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!postnews.google.com!not-for-mail From: snarflemike@yahoo.com (Mike Silva) Newsgroups: comp.lang.ada Subject: Re: Would You Fly an Airplane with a Linux-Based Control System? Date: 30 Nov 2004 07:20:01 -0800 Organization: http://groups.google.com Message-ID: <20619edc.0411300720.13fa9d7b@posting.google.com> References: NNTP-Posting-Host: 67.8.58.78 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Trace: posting.google.com 1101828002 17812 127.0.0.1 (30 Nov 2004 15:20:02 GMT) X-Complaints-To: groups-abuse@google.com NNTP-Posting-Date: Tue, 30 Nov 2004 15:20:02 +0000 (UTC) Xref: g2news1.google.com comp.lang.ada:6668 Date: 2004-11-30T07:20:01-08:00 List-Id: "Alexander E. Kopilovich" wrote in message news:... > Preben Randhol wrote: > > > > ... hardware-generated exception ... > > > > I'm confused. Didn't they turn off all exceptions checks? > > They turned off software exception checks - because that brought much needed > gain in speed. But masking FPU exceptions would be unreasonable (if possible > at all for the particular processor architecture) - it will not speed up FPU > operations. At least equally important is that they determined, through analysis, that data for the variable in question that exceeded the range of a 16-bit integer could only be due to a hardware problem, and that the code should act accordingly (switch to backup hardware). They had "protected" other similar conversions but determined that this conversion should be left unprotected (capable of generating an out-of-range exception). To quote from the report: "The reason for the three remaining variables, including the one denoting horizontal bias, being unprotected was that further reasoning indicated that they were either physically limited or that there was a large margin of safety, a reasoning which in the case of the variable BH turned out to be faulty. It is important to note that the decision to protect certain variables but not others was taken jointly by project partners at several contractual levels." Thus if one of these variable conversions produced an out-of-range result it was considered to indicate a hardware failure, and that the designated action for hardware failure was appropriate.