From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM autolearn=ham autolearn_force=no version=3.4.4 X-Google-Thread: 103376,7d3cb5920e882220 X-Google-Attributes: gid103376,public,usenet X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!news1.google.com!news.glorb.com!peer1.news.newnet.co.uk!194.159.246.34.MISMATCH!peer-uk.news.demon.net!kibo.news.demon.net!news.demon.co.uk!demon!not-for-mail From: Simon Wright Newsgroups: comp.lang.ada Subject: Re: Contracted exceptions for Ada Date: Sun, 09 Dec 2007 18:39:31 +0000 Organization: Pushface Message-ID: References: <5947aa62-2547-4fbb-bc46-1111b4a0dcc9@x69g2000hsx.googlegroups.com> <7m9wkymyi5h7.1235e72is9mp9.dlg@40tude.net> <1355376.ahPdGlRDJW@linux1.krischik.com> <1bvj0n3ana6zj.1b1q7na2q2i0a.dlg@40tude.net> NNTP-Posting-Host: pogner.demon.co.uk Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: news.demon.co.uk 1197225571 3352 62.49.19.209 (9 Dec 2007 18:39:31 GMT) X-Complaints-To: abuse@demon.net NNTP-Posting-Date: Sun, 9 Dec 2007 18:39:31 +0000 (UTC) Cancel-Lock: sha1:hXsEmoP2c1JWPbQaxUfgvlN4dqw= User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.1 (darwin) Xref: g2news1.google.com comp.lang.ada:18822 Date: 2007-12-09T18:39:31+00:00 List-Id: "Dmitry A. Kazakov" writes: > On Sun, 09 Dec 2007 16:11:13 +0100, Martin Krischik wrote: > >> Dmitry A. Kazakov wrote: >> >>> (Maybe a wild guess, but this could save Ariane V. A program assumed >>> Constraint_Error exception free was recompiled for the hardware where that >>> was not the case.) >> >> My understanding is that the system was brought down by an unexpected >> hardware exception - i.E. one which the CPU's floating point unit >> generated. > > Yes, and that would be detected by the compiler: > > function Integer (X : Float) return Integer; > > which was contracted as exception-free on one platform will not be on > another. So the compiler would reject either its implementation that raises > Constraint_Error or else its use contracted as Constraint_Error-free. So > the idea. I don't see how the compiler/platform in use has anything to do with this. In Ariane IV the maximum horizontal velocity is X. Therefore we can convert the hardware input to this-type without worrying about overflow. Therefore any exception will be caused by hardware error. seems a proper analysis for Ariane IV; reusing precisely the same software/platform in an environment where the maximum horizontal velocity was much larger than X is an error that no amount of *software* engineering is going to fix.