Re: Lack of Mature Tools (was: Lockheed Martin, Green Hills, etc.)

["Robert I. Eachus" <rieachus@earthlink.net>]

Chris Morgan wrote:
 
> Yeah, but simple corruption would normally cause either tar or gunzip
> to fail. What I should have said, I suppose, is it's not at all
> difficult to reliably transmit the public versions to users and be
> assured the right bits got there, e.g. if ACT had a public area on
> their own ftp servers and published MD5 checksums. Of course ACT may
> occasionally make a mistake and put the wrong file up, even on their
> own servers, but in that case the odds would be reasonable that they
> would also make up a cd containing the mistake.

    You seem to want to continue to misunderstand.  Why would gunzip
fail?
Because the checksum did not match.  MD5 allows additional protection
against forged checksums, which are totally inapplicable to this case.
To repeat something which you may have missed, ACT does not create all
of the versions of GNAT, not even all versions on cs.nyu.edu.  And for
example, if you want a version of GNAT for Linux, there are several
versions depending on whether you have Debian or Red Hat, and on which
kernel version you are using, etc.  You are much, much more likely to
run into problems due to downloading the wrong version or installing it
improperly than from someone smuggling a spoofed version onto the
server.  

    If you really need security, you have to pay the price.  I am not
talking about ACT's support price, which is trival, if you are working
on a trusted or secure system.  It may triple or more the cost of
development to insure that your tools are trustworthy, and yes, if you
need security and mission or life critical code, you can triple it
again.  Just adding an MD5 checksum would not help at all, you need to
start with a risk analysis and a threat analysis.  Then you can start
doing all the things necessary to reduce the threat, which often will
include examining the generated machine code for certain key parts of
your program, burning parts of the code into ROM, etc.
 
> Fair enough. But if I download this new p version and have a problem,
> it shouldn't be hard to verify my version.

   Have you had a problem?  I certainly have had bad downloads, but no
difficulty in determining that the problem was just that...
 
> Well not having ever had an ACT CD, I have to presume they transmit
> checksums with their CDs, in which case yes it's more reliable,
> however I still heartily dislike the implication that any users who
> just picked up some random bits called gnat somewhere on the net can't
> are not likely to have a valid version. Seeing as GNAT started off on
> DoD money to be a freely available tool, and started off with NYU
> staff dominating the development team, if they can't reliably transmit
> a known version to me at least most of the time via some ftp site such
> as cs.nyu.edu something is wrong.

     They can reliably transmit a known version to you.  What RBKD is
saying is that the version you pick up off the web without any
involvement by ACT is not reliably transmitted, and I can't understand
why you find that amazing.  ACT is very good at insuring that the
version they send you is appropriate for your system.  If you want to
install the Solaris version on your PC, it won't work, it is not their
fault, end of story.  Also if you decide to build GNAT from source for a
currently unsupported system without ACT's help, they do not guarentee
the result in any way, but they are quite willing to let you do so.  If
you want to do that, and add an MD5 signature to the version you
prepare, go ahead.

     Well maybe not end of story.  You have to understand what RBKD was
saying.  He was NOT saying, if you want to be sure of getting our
version of GNAT, you must pay.  He was saying that the support given to
POTENTIAL customers by sales@gnat.com often makes the difference in a
company's compiler choice.  If you are trying to choose between
supported compilers, compare the supported GNAT product to their
competitor's supported product, or even to the unsupported version of
GNAT.  The "handholding" can, and often will, make a big difference. 
For example, if your company has Ada 83 legacy code and you are moving
to Ada 95, they can help, in some cases by providing a special compiler
version, to make it easy to get the existing code into GNAT style
libraries and still or back under your version control system.  This is
why he is saying you should compare apples to apples.

    On the other hand, if you intend to compare the free version to some
other compiler, go ahead.  But understand that it is not the product
that ACT is selling.  The support from ACT is very good, and that is one
of their major selling points.