Therac25 and Exception Handling

1
Therac-25and Exception Handling

• Michael W. Bigrigg
• CS1590 Spring 2004

2
Introduction

• Therac-25
• History and the Therac-24
• Exception Handling
• Problems with Exception Handling

3
Therac-25 History

• Therac A radiation treatment machine
• Therac-25 design based on the Therac-24
• Was a mix of hardware and software
• Therac-25 was all software controlled
• Therac-24 had mechanical safety mechanisms
• Missing exception handling was silently caught by
  the hardware
• Therac-25 was all software controlled
• There was no backup for missing exception
  handling

4
An Error or a Result?
An exception is a message from an underlying
function or subsystem to further explain the
result

• include ltstdio.hgt
• void bar()
• FILE f
• int n, x
• f fopen(foo.txt, r)
• if (f NULL)
• exit(1)
• n fread (f, 1, sizeof(int), x)

Set
Check
Use
5
Guard Against Using an Error as a Result

• include ltstdio.hgt
• void bar()
• FILE f
• int n, x
• f fopen(foo.txt, r)
• if (f NULL)
• exit(1)
• n fread (f, 1, sizeof(int), x)

Set
Check
Use
6
Find the Check

• Based on the function call, there should be a
  check of either the same value or an associated
  value between the set and use.

Same Value x fopen(foo.txt,r) if (x
NULL) exit(1) n fread(x, 1, sizeof(int), a)
Associated Value n fread(x, 1, sizeof(int),
a) if (n lt 1) exit(1) b a 1
7
Conclusion

• The Therac-25 is a good example of where
  incomplete code leads to problems.
• Exception handling is used to protect against
  using an error as a correct value.