comp.lang.ada
From: "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de>
Subject: Re: Contracted exceptions for Ada
Date: Mon, 10 Dec 2007 09:19:49 +0100
Date: 2007-12-10T09:12:06+01:00
Message-ID: <5tw4p3ydoalt$.eyhp82hd04ch.dlg@40tude.net>
In-Reply-To: m23aubiufw.fsf@mac.com

On Sun, 09 Dec 2007 18:39:31 +0000, Simon Wright wrote:

> "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de> writes:
> 
>> On Sun, 09 Dec 2007 16:11:13 +0100, Martin Krischik wrote:
>>
>>> Dmitry A. Kazakov wrote:
>>> 
>>>> (Maybe a wild guess, but this could save Ariane V. A program assumed
>>>> Constraint_Error exception free was recompiled for the hardware where that
>>>> was not the case.)
>>> 
>>> My understanding is that the system was brought down by an unexpected
>>> hardware exception, i.e. one which the CPU's floating point unit
>>> generated.
>>
>> Yes, and that would be detected by the compiler:
>>
>>    function Integer (X : Float) return Integer;
>>
>> which was contracted as exception-free on one platform will not be on
>> another. So the compiler would reject either its implementation that raises
>> Constraint_Error or else its use contracted as Constraint_Error-free. That
>> is the idea.
> 
> I don't see how the compiler/platform in use has anything to do with
> this.
> 
>     In Ariane IV the maximum horizontal velocity is X.
> 
>     Therefore we can convert the hardware input to this-type without
>     worrying about overflow.

The hardware input had a type different from the one used later in the
control loop, because it needed to be converted. So what was the contract of
that conversion?

>     Therefore any exception will be caused by hardware error.

The article mentioned by Martin talks about floating point to integer
conversion. Was the conversion programmed in Ada? Probably it wasn't. Then
I can only wonder why people keep on talking about "Ada fault"...

> seems a proper analysis for Ariane IV; reusing precisely the same
> software/platform in an environment where the maximum horizontal
> velocity was much larger than X is an error that no amount of
> *software* engineering is going to fix.

My point is that the fault could be detected (assuming that conversion was
in Ada), under the condition that the compiler vendor would not make the
same mistake while porting the compiler... (:-))

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de

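The conversion contract discussed above, as a constructed Ada illustration added here (not code from this thread, from Ariane, or from any compiler). It assumes a 16-bit target type named Bias_16, an exception named Out_Of_Range, and two invented sample inputs; the point it shows is that a Float-to-integer conversion whose range assumption is written into the target type and checked before converting fails as a named, handleable condition rather than as an unexpected Constraint_Error, whatever the width of Integer on the host.

```ada
--  Added illustration for this thread's point about the contract of a
--  Float-to-integer conversion.  Constructed example code: not from the
--  thread, from Ariane, or from any compiler.  The type Bias_16, its
--  16-bit range, the exception Out_Of_Range and the sample inputs are all
--  assumptions made for the demonstration.
with Ada.Text_IO;
with Ada.Exceptions;

procedure Bias_Conversion is

   --  The design assumption "the value always fits" is written down as an
   --  explicit target range.  Because the range is spelled out rather than
   --  inherited from the host's Integer, it means the same thing on every
   --  platform the unit is compiled for.
   type Bias_16 is range -2**15 .. 2**15 - 1;
   for Bias_16'Size use 16;

   Out_Of_Range : exception;

   --  Unguarded conversion.  If the rounded value does not fit Bias_16 the
   --  language raises Constraint_Error, but nothing in this profile tells a
   --  caller that the call can fail; that is the gap a declaration
   --  contracted as Constraint_Error-free would make visible.
   function Unchecked_Bias (X : Float) return Bias_16 is
   begin
      return Bias_16 (X);
   end Unchecked_Bias;

   --  Guarded conversion.  The range assumption is tested on the rounded
   --  value before converting, so an input outside the assumed envelope
   --  surfaces as a named exception the caller is expected to handle.
   function Checked_Bias (X : Float) return Bias_16 is
      Rounded : constant Float := Float'Rounding (X);
   begin
      if Rounded < Float (Bias_16'First)
        or else Rounded > Float (Bias_16'Last)
      then
         raise Out_Of_Range;
      end if;
      return Bias_16 (Rounded);
   end Checked_Bias;

   --  One possible caller policy: clamp to the range limit instead of
   --  aborting.  Whether that is acceptable is a system decision, not a
   --  language one; the example only shows that the choice exists.
   function Saturated_Bias (X : Float) return Bias_16 is
   begin
      return Checked_Bias (X);
   exception
      when Out_Of_Range =>
         if X < 0.0 then
            return Bias_16'First;
         else
            return Bias_16'Last;
         end if;
   end Saturated_Bias;

   --  Run both variants on one input and report what each does.
   procedure Try (X : Float) is
      Text : constant String := Float'Image (X);
   begin
      begin
         Ada.Text_IO.Put_Line
           (Text & " unchecked -> " & Bias_16'Image (Unchecked_Bias (X)));
      exception
         when E : Constraint_Error =>
            --  With no handler in the calling unit this is where execution
            --  would stop; here it is only reported.
            Ada.Text_IO.Put_Line
              (Text & " unchecked -> " & Ada.Exceptions.Exception_Name (E));
      end;
      Ada.Text_IO.Put_Line
        (Text & " saturated -> " & Bias_16'Image (Saturated_Bias (X)));
   end Try;

begin
   --  Constructed sample inputs: one inside the assumed range, one far
   --  outside it, as a larger horizontal velocity than the design assumed
   --  would produce.
   Try (1234.5);
   Try (40000.0);
end Bias_Conversion;
```

Compiled with any Ada 95 or later compiler (for example `gnatmake bias_conversion.adb`), the first input converts in both variants, while the second raises CONSTRAINT_ERROR in the unchecked path and is clamped to 32767 in the saturated one. The relevant difference is not the clamping itself but that the checked path names the failure in its interface, so a port to a platform or a vehicle with a wider input envelope has a contract to violate rather than a silent assumption.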



Thread overview: 97+ messages
2007-12-06 15:00 Exceptions shaunpatterson
2007-12-06 21:24 ` Exceptions tmoran
2007-12-07  8:54   ` Exceptions Dmitry A. Kazakov
2007-12-07 10:21     ` Exceptions Georg Bauhaus
2007-12-07 15:11       ` Exceptions shaunpatterson
2007-12-07 16:08         ` Exceptions Gautier
2007-12-07 18:56         ` Exceptions Simon Wright
2007-12-08 10:04         ` Exceptions Stephen Leake
2007-12-08  3:30     ` Exceptions Randy Brukardt
2007-12-08 10:09       ` Contracted exceptions for Ada (was: Exceptions) Dmitry A. Kazakov
2007-12-09 10:22         ` Contracted exceptions for Ada Stephen Leake
2007-12-09 11:02           ` Dmitry A. Kazakov
2007-12-11  8:10             ` Stephen Leake
2007-12-11 10:36               ` Dmitry A. Kazakov
2007-12-09 15:11         ` Contracted exceptions for Ada (was: Exceptions) Martin Krischik
2007-12-09 17:36           ` Contracted exceptions for Ada Dmitry A. Kazakov
2007-12-09 18:39             ` Simon Wright
2007-12-10  8:19               ` Dmitry A. Kazakov [this message]
2007-12-10 20:25                 ` Simon Wright
2007-12-11  8:50                   ` Dmitry A. Kazakov
2007-12-11 20:50                     ` Simon Wright
2007-12-12 10:20                       ` Dmitry A. Kazakov
2007-12-09 19:04             ` Martin Krischik
2007-12-10  8:20               ` Dmitry A. Kazakov
2007-12-09 22:09         ` Robert A Duff
2007-12-10  7:09           ` Stefan Lucks
2007-12-10 16:57             ` Robert A Duff
2007-12-11  1:53         ` Contracted exceptions for Ada (was: Exceptions) Randy Brukardt
2007-12-11  9:16           ` Contracted exceptions for Ada Dmitry A. Kazakov
2007-12-12  0:26             ` Randy Brukardt
2007-12-08 12:26       ` Exceptions Peter C. Chapin
2007-12-08 14:01         ` Exceptions Dmitry A. Kazakov
2007-12-08 18:01           ` Exceptions Peter C. Chapin
2007-12-09 10:06             ` Exceptions Dmitry A. Kazakov
2007-12-09 12:40               ` Exceptions Peter C. Chapin
2007-12-09 14:31                 ` Exceptions Dmitry A. Kazakov
2007-12-09 16:38                   ` Exceptions Peter C. Chapin
2007-12-10  8:31                     ` Exceptions Dmitry A. Kazakov
2007-12-09 21:56                 ` Exceptions Robert A Duff
2007-12-09 10:24             ` Exceptions Stephen Leake
2007-12-09 12:46               ` Exceptions Peter C. Chapin
2007-12-09 21:39   ` Exceptions Robert A Duff
2007-12-09 22:13     ` Exceptions Georg Bauhaus
2007-12-11  8:07       ` Exceptions Stephen Leake
2007-12-11 20:28         ` Exceptions Simon Wright
2007-12-12 22:10         ` Exceptions Maciej Sobczak
2007-12-13 13:40           ` Exceptions Robert A Duff
2007-12-13 14:00             ` Exceptions Maciej Sobczak
2007-12-13 14:44               ` Exceptions Robert A Duff
2007-12-14  0:46                 ` Exceptions Ray Blaak
2007-12-14  2:36                   ` Exceptions Randy Brukardt
2007-12-14  6:21                     ` Exceptions Ray Blaak
2007-12-14 12:40                       ` Exceptions Georg Bauhaus
2007-12-14 17:29                   ` Exceptions Robert A Duff
2007-12-14 19:32                     ` Exceptions Dmitry A. Kazakov
2007-12-15  5:29                     ` Exceptions Ray Blaak
2007-12-13 19:29               ` Exceptions Randy Brukardt
2007-12-12 19:18     ` Exceptions Martin Krischik
2007-12-13 13:27       ` Exceptions Robert A Duff
2007-12-13 23:25       ` Exceptions Ray Blaak
2007-12-06 21:25 ` Exceptions Gautier
2007-12-07  4:29 ` Exceptions anon
2007-12-07  4:43 ` Exceptions, part 2 anon
2007-12-07 16:55 ` Exceptions Adam Beneschan
2007-12-07 18:59   ` Exceptions Simon Wright
2007-12-08  0:38     ` Exceptions Adam Beneschan
2007-12-09 21:45     ` Exceptions Robert A Duff
2007-12-09 22:40       ` Exceptions Georg Bauhaus
2007-12-10  8:22         ` Exceptions Dmitry A. Kazakov
2007-12-10  9:20           ` Exceptions Georg Bauhaus
2007-12-10  9:30             ` Exceptions Georg Bauhaus
2007-12-10 10:56             ` Exceptions Dmitry A. Kazakov
2007-12-11  2:18               ` Exceptions Randy Brukardt
2007-12-11  8:19               ` Exceptions Georg Bauhaus
2007-12-11 11:55                 ` Exceptions Dmitry A. Kazakov
2007-12-11 16:13                   ` Exceptions Georg Bauhaus
2007-12-12 11:18                     ` Exceptions Dmitry A. Kazakov
2007-12-10 12:09           ` Exceptions Niklas Holsti
2007-12-10 13:08             ` Exceptions Dmitry A. Kazakov
2007-12-10 20:02               ` Exceptions Niklas Holsti
2007-12-11 12:31                 ` Exceptions Dmitry A. Kazakov
2007-12-11 13:21                   ` Exceptions Niklas Holsti
2007-12-12  0:01                     ` Exceptions Randy Brukardt
2007-12-12 11:37                       ` Exceptions Niklas Holsti
2007-12-12 13:14                         ` Exceptions Dmitry A. Kazakov
2007-12-12 14:37                       ` Exceptions Robert A Duff
2007-12-13 19:20                         ` Exceptions Randy Brukardt
2007-12-13 20:15                           ` Exceptions Robert A Duff
2007-12-12 11:00                     ` Exceptions Dmitry A. Kazakov
2007-12-11  2:12           ` Exceptions Randy Brukardt
2007-12-11 15:17             ` Exceptions Robert A Duff
2007-12-12  0:10               ` Exceptions Randy Brukardt
2007-12-13 19:58                 ` Exceptions Robert A Duff
2007-12-14  0:53                 ` Exceptions Ray Blaak
2007-12-14  2:48                   ` Exceptions Randy Brukardt
2007-12-14  6:33                     ` Exceptions Ray Blaak
2007-12-08 10:03 ` Exceptions Stephen Leake
