Re: Ariane (yet again...)

["Mike Silva" <mjsilva@jps.net>]

Samuel T. Harris wrote in message <388760A5.9E3A9F32@Raytheon.com>...
>
>A GoTo.com search on +ariane +5 +crash +report yields
>the following URLs ...
>
>http://www.siam.org/siamnews/general/ariane.htm
>http://java.sun.com/people/jag/Ariane5.html
>
>... reading these will correct any errors I may have
>introduced in my prior summary.
>
>BTW this is one of my favorite examples of Ada bashers
>getting egg on their face! Many were quick to blame
>Ada when this was in fact a management problem which
>was negligent in their reuse strategy, namely doing
>nothing at all to verify the reused components in
>a new environment.


Yes, the whole question came up again when somebody asserted that Ada's
runtime checks "caused" the Ariane-5 fireworks.  Eventually it worked around
to the question of what exactly the report meant when it said "The data
conversion instructions (in Ada code) were not protected from causing an
Operand Error."  Later it is implied that there is a performance cost to
"protection", and what I was asking was what was the form of this
protection.  At first glance it would seem that *not* having protection
(i.e. having the runtime check the results of the conversion) would have
more performance cost than having protection, if this meant not having the
runtime check the results.  Since the report implies the opposite I was
wondering what form the protection took.  The one answer I got was that the
"protection" was having a local exception handler deal with the conversion,
but then, if no exception occurs there's no cost.  An explicitly-coded
"precheck" of the variable before conversion would, OTOH, always have a
performance cost.

Sure wish I could see the code...

Mike