From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: *
X-Spam-Status: No, score=1.3 required=5.0 tests=BAYES_00,INVALID_MSGID,
	MSGID_RANDY autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,6405eefbf080daa6
X-Google-Attributes: gid103376,public
From: Robert Dewar <robert_dewar@my-dejanews.com>
Subject: Re: Is an RTOS Required for Ada?
Date: 1999/05/25
Message-ID: <7ifapi$lf1$1@nnrp1.deja.com>#1/1
X-Deja-AN: 482069451
References: <373B2927.7B22F898@pop.safetran.com>
 <19990514155120.03860.00000396@ng-cr1.aol.com> <7hmc18$jr6$1@nnrp1.deja.com>
 <wccogjh80os.fsf@world.std.com> <7i1b7p$3nb$1@nnrp1.deja.com>
 <FCB3LD.2F2@sd.aonix.com>
X-Http-Proxy: 1.0 x26.deja.com:80 (Squid/1.1.22) for client 205.232.38.14
Organization: Deja.com - Share what you know. Learn what you don't.
X-Article-Creation-Date: Tue May 25 23:12:52 1999 GMT
Newsgroups: comp.lang.ada
X-Http-User-Agent: Mozilla/4.04 [en] (OS/2; I)
Date: 1999-05-25T00:00:00+00:00
List-Id: <comp.lang.ada>

In article <FCB3LD.2F2@sd.aonix.com>,
  "George Romanski" <romanski@aonix.com> wrote:
>
> If the compiler inserts code for you, then this inserted code
> must also be verified at level A.   (you will need
> requirements design, source code tests and all appropriate
> reviews)

Right! Of course the line between generating code for the source
you write, and "inserting code" is a very difficult, perhaps
impossible line to draw.

Let's take two extremes. The only inlining that goes on in GNORT
for example is very simple stuff. For example, if someone writes
a call to To_Address (XYZ) from System.Storage_Elements, then
this is inlined, but it also generates no code at all (it is
basically an unchecked conversion). There is no place in the
GNORT generated code where you see anything other than
straightforward code generation that corresponds exactly to
what you would expect from the source code.

Let's assume on the other hand that a GNORT like compiler
decides that it would be really nice to implement tasking.
It does it by including the entire code of the tasking run time
in your generated program. You can't simply decide that this
is inlining, though it could be technically achieved by
inlining. An attempt to say that this code did not need
independent certification would indeed be completely bogus
and would be considered cheating!

Drawing the precise line between these two extremes would not
be an easy task. In the case of GNORT itself, we keep the subset
so simple thatno such bogus insertions of code ever occur. You
don't typically want fancy language features anyway in a
safety-critical application!

Robert Dewar
Ada Core Technologies


--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---