From: Rod Chapman <rod@praxis-cs.co.uk>
Subject: Re: Renaming Fixed Point Mutiplicative operator in Ada 95
Date: 1998/05/22
Message-ID: <356536FD.87A2B0A@praxis-cs.co.uk>
In-Reply-To: dewar.895785693@merv

Robert Dewar wrote:
> Incidentally, in a critical system, I would jolly well hope that EITHER
>
> a) you prove that division by zero cannot happen
>
We've done that (for all exceptions) for several non-trivial SPARK programs.
It's actually a useful exercise too!

Most programs we think are exception-free aren't when we attempt the proofs,
and so in doing so we learn a lot about the program (and Ada semantics :-) )
in addition to improving the program itself.

Having done so, we can then _justifiably_ turn off run-time checks in the
generated code, which gives me a nice warm feeling...

- Rod Chapman
Praxis Critical Systems