TEAM-ADA Archives

Team Ada: Ada Programming Language Advocacy


Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
"(No Name Available)" <[log in to unmask]>
Reply To:
Sun, 26 Jul 1998 00:24:48 EDT
text/plain (23 lines)
[log in to unmask] (Samuel Mize) quoted and then wrote:

>> We want to build a safety related system (a control computer for=20
>> a flight simulator connected to a motion platform).
>> Our safty concept simply requires, that the Ada main detects a failure
>> in the C part and then shuts down the simulator.

>A rogue pointer in the C section can be used to write over anything in
>its address space: C data, Ada data, C or Ada code...  If your
>hardware and OS don't detect address-space violations, the C can write
>into random parts of the Ada even if they're in separate processes, or
>even into the OS data or code.

Leaving the Ada issues and the many valid C concerns aside, I would feel
very anxious about entering a flight simulator which I know depended upon
some hardware and OS which did _not_ detect address-space violations.  A
safety-related system should not skimp on the language-independent aspects
of the project.  If each computer is to be connected to a big physical
machine, computer hardware cost or OS license fees can hardly be an issue.

Larry Kilgallen