From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.5-pre1 (2020-06-20) on ip-172-31-74-118.ec2.internal X-Spam-Level: X-Spam-Status: No, score=0.8 required=3.0 tests=BAYES_50,LOTS_OF_MONEY autolearn=ham autolearn_force=no version=3.4.5-pre1 Date: 18 Dec 92 04:06:02 GMT From: munnari.oz.au!goanna!ok@uunet.uu.net (Richard A. O'Keefe) Subject: Re: C++ vs. Ada -- Is Ada loosing? Message-ID: <16269@goanna.cs.rmit.oz.au> List-Id: In article <172@fedfil.UUCP>, news@fedfil.UUCP (news) writes: > The more I think about it, Ada (safe, sane....) reminds me of the Volvo. > You see all those advertisements for Volvos tauting safety features, and > they never mention the best safety feature, i.e. the fact that they usually > don't run and you can only hurt yourself so badly sitting under a tree > in a car. I have deleted the rest of Holden's flame. Let me offer a data point. Just recentrly, I posted an article to comp.lang.c in which I listed a number of errors in a textbook. The textbook is about data structures in C. The authors understand data structures very well. Author X "is chair of the CS dept and Professor of CS&EE at . [He] has published 30 proceedings, managed research grants totalling over US$3.5 million, ... " Author Y "is Professor of CS in . [He] has published over 140 articles and has written several texts. He is an editor of four professional journals and has managed over US$8 million in research grants." Author Z "is chair of 's CS dept and a veteran of 14 years of teaching." The authors thank Profesor P, Dr Q, and Messrs R & S for "debugging" the book. They also thank Mr T of AT&T Bell Labs (who has written several books on C himself) for reviewing the manuscript. Sounds good, no? The authors also say that the code in the book is not specially typeset because every example has been tested, and they didn't want to introduce any errors. On p6 they write "all programs in this book follow the rules of ANSI C". The first example is on p7, facing this claim, and it contains an OBVIOUS violation of the ANSI standard, and a known portability problem (which X3J11 invented a new macro for the express purpose of fixing), and calls an operation which may fail without checking whether it succeeded. The last example in the book has a type error, and the authors' only comment is to say that the compiler's error message can be ignored. In my posting in comp.lang.c I described (with page numbers) several other mistakes. My personal favourite is one which appears to reveal a fairly basic misunderstanding about C scope rules. There are others which should never have been accepted by any C compiler, although they are legal C++. Many of the problems are potentially serious. As it happens, with the exception of the scope problem, GCC or an ANSI lint _would_ catch all of them. But Professors X, Y, and Z "tested" their programs under an awesome total of two compilers, which evidently did _not_ catch these errors. I can never quite remember the line in "Life, the Universe, and Everything." "Don't worry, Arthur Dent ............... be very very frightened." You see, I had been talking with a publisher's representative, and had complained about another publisher's recent book which had about one factual error every two pages. The publisher's representative said, "well, OURS are checked. I'll send you one I think you'll be able to use." Well, no, I can't. I think my students are better off being shown how to write CORRECT C code for a smaller variety of data structures than INCORRECT C code for an impressive range of data structures. I also think that a textbook that TALKS so much about abstract data types should teach students to DO it, but although it is easy to define a stack type in C so that a program using it has no clue about the implementation, the code in this book just isn't like that. The authors never even mention how to use header files to get modular code. Am I worried about C, when experienced people who are managing huge amounts of money (once upon I time I paid US taxes, some of that was my money) manifestly don't understand C, even though they imagine they think they understand it well enough to instruct others? Worried? No. I'm very very frightened. I believe that Ada is a bigger language than C. Both languages have "dark corners". But there seems to be a tradition of Ada compilers being picky and C compilers letting it all hang out. With all due respect to "The Emperor's New Clothes", which I loved when it came out, I am now _more_ frightened about critical software being written in C or C++ than in Ada. This is actually an important point. A programming language is more than a standard. There is also a tradition, a way of approaching the language. (It's something I have observed about Prolog: if you plug into the Edinburgh _tradition_, Prolog is a simple, comprehensible, and powerful tool, but if you just look at a manual, most people never learn how to use it effectively, and that most especially applies to the authors of textbooks about it.) It would be perfectly possible to have an "Ada" compiler which was as sloppy as a C compiler, and it is possible to have C systems which are very strict. My current impression is that Ada textbooks tend to be more accurate in the claims they make about what is or is not valid Ada, and tend to have a higher level view of the software process, than C books. Is this an illusion, due to my knowing C relatively better than I know Ada?