From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=BAYES_00,MAILING_LIST_MULTI autolearn=unavailable autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,a00006d3c4735d70 X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2003-12-27 19:01:23 PST Path: archiver1.google.com!news2.google.com!news.maxwell.syr.edu!newsfeed.icl.net!newsfeed.fjserv.net!proxad.net!usenet-fr.net!enst.fr!melchior!cuivre.fr.eu.org!melchior.frmug.org!not-for-mail From: Stephen Leake Newsgroups: comp.lang.ada Subject: Re: Certified C compilers for safety-critical embedded systems Date: 27 Dec 2003 22:01:02 -0500 Organization: Cuivre, Argent, Or Message-ID: References: <3fe00b82.90228601@News.CIS.DFN.DE> <3FE026A8.3CD6A3A@yahoo.com> <3bf1uvg2ntadvahfud2rg6ujk24sora6gr@4ax.com> <2u3auvogde8ktotlaq0ldiaska3g416gus@4ax.com> <20619edc.0312221020.3fd1b4ee@posting.google.com> <20619edc.0312222106.3b369547@posting.google.com> <45cs9hAbLc6$EAAx@phaedsys.demon.co.uk> <3fe9f0d7.104475725@News.CIS.DFN.DE> NNTP-Posting-Host: lovelace.ada-france.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: melchior.cuivre.fr.eu.org 1072580479 81507 80.67.180.195 (28 Dec 2003 03:01:19 GMT) X-Complaints-To: usenet@melchior.cuivre.fr.eu.org NNTP-Posting-Date: Sun, 28 Dec 2003 03:01:19 +0000 (UTC) To: comp.lang.ada@ada-france.org Return-Path: In-Reply-To: User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 X-Virus-Scanned: by amavisd-new-20030616-p5 (Debian) at ada-france.org X-BeenThere: comp.lang.ada@ada-france.org X-Mailman-Version: 2.1.3 Precedence: list List-Id: Gateway to the comp.lang.ada Usenet newsgroup List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Xref: archiver1.google.com comp.lang.ada:3870 Date: 2003-12-27T22:01:02-05:00 "Robert I. Eachus" writes: > Stephen Leake wrote: > > > The version of Ada most likely to run on 8 bit machines would have no > > tasking, no exceptions, and possibly no floating or fixed point, or > > dynamic dispatching. That would still be a far better language than C! > > Packages, generics, strong typing in general, aggregates, > > representation clauses; none of these make demands on the run-time > > environment, but all are very powerful programming language features. > > Actually, there is no reason not to support fixed-point, although I > probably wouldn't support decimal types. There is no reason to omit > exceptions, but I might not support exception occurances (RM 11.4.1). I was quoting the restrictions imposed by GNAT's undocumented 'pragma No_Runtime', which is admittedly serving a somewhat different purpose. The runtime support for fixed point is simple, but it is not zero. Same for exceptions. Runtime support for "zero cost" exceptions is more complex. > And again there is no reason not to support dynamic dispatching, I don't know if pragma No_Runtime eliminates this; I never tried it (since it's undocumented, the only way to discover if a feature is prevented is to try it. Well, one could read the source.). > > Having said all that, I can't really get excited about validating Ada > compilers for the i8051 or for that matter the Z-80. Every time I > have used a chip that "small" on a project, complete test coverage of > the machine code was not that hard to do. Typically the chip > implements a finite-state machine with at most a couple of dozen > states, and it is easier to tie the generated code to the state > diagram in the specification than to prove both the source code and > the compiler. Right. That's the approach I would take; test the application code thoroughly, so you find any compiler bugs. -- -- Stephe