From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM, MAILING_LIST_MULTI autolearn=unavailable autolearn_force=no version=3.4.4 X-Google-Thread: 103376,ac9405996d0dcb7f X-Google-Attributes: gid103376,public X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!news1.google.com!proxad.net!usenet-fr.net!enst.fr!melchior!cuivre.fr.eu.org!melchior.frmug.org!not-for-mail From: Marius Amado Alves Newsgroups: comp.lang.ada Subject: Re: Would You Fly an Airplane with a Linux-Based Control System? Date: Fri, 26 Nov 2004 19:50:52 +0000 Organization: Cuivre, Argent, Or Message-ID: References: <20619edc.0411251028.3e249bf3@posting.google.com> NNTP-Posting-Host: lovelace.ada-france.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Trace: melchior.cuivre.fr.eu.org 1101498755 28710 212.85.156.195 (26 Nov 2004 19:52:35 GMT) X-Complaints-To: usenet@melchior.cuivre.fr.eu.org NNTP-Posting-Date: Fri, 26 Nov 2004 19:52:35 +0000 (UTC) To: comp.lang.ada@ada-france.org Return-Path: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en In-Reply-To: X-OriginalArrivalTime: 26 Nov 2004 19:50:18.0207 (UTC) FILETIME=[27D50EF0:01C4D3F1] X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at ada-france.org X-BeenThere: comp.lang.ada@ada-france.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Gateway to the comp.lang.ada Usenet newsgroup" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Xref: g2news1.google.com comp.lang.ada:6523 Date: 2004-11-26T19:50:52+00:00 Jeffrey Carter wrote: > Marius Amado Alves wrote: > >> No. This whole talk of hardware-generated exception sounds like "FUD". >> Namely, it sounds like your trying to blame the hardware. The cause >> was a SOFTWARE enginering error. Yes, a BUG. In the Ada software. And >> because it's connected to exceptions, the hypothesis that if the thing >> had been done in an exceptionless language like C the effect might >> have been different. And yes, maybe less bad. And none of the >> explanations I've seen so far (here, in books, and in the Internet) >> disprove this hypothesis. > > I think you're mistaken. "Hardware-generated exception", "signal", > "interrupt", whatever you call it, this comes from the hardware and must > be handled regardless of the language used for the SW. Since the > behavior of the Ada SW was exactly that specified for this situation, > and the specification would have been the same regardless of the > language used, the choice of language would not have changed the > behavior of the SW. I'm not mistaken. What you say does not disprove my hypothesis. Look, I probably know the story as well as you guys. And the story is that an Ada software component from Ariane 4 was reused for Ariane 5 without change. This and the fact that there was an hardware mismatch resulted in a BUGGY software system. Just answer this: how was the system fixed? Did they change the hardware? No. Ergo, the software was at fault, not the hardware. Sentences like "the behavior of the Ada SW was exactly that specified for this situation" (above) or "The software behaved _exactly_ as specified" (Vinzent) are worse than irrelevant, they are confusing, and actually strictly false. Surely the specification for Ariane 5 did not say "plug in software from Ariane 4 at will and crash on hardware mismatches." My hypothesis remains undisproven.