From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,31c0457c1c47fc2 X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2001-10-22 23:26:34 PST Path: archiver1.google.com!postnews1.google.com!not-for-mail From: mjsilva697@earthlink.net (Mike Silva) Newsgroups: comp.lang.ada Subject: Re: Have you ever had a bug caused by... Date: 22 Oct 2001 23:26:34 -0700 Organization: http://groups.google.com/ Message-ID: <27085883.0110222226.76e006a2@posting.google.com> References: <27085883.0110191714.784d3d25@posting.google.com> NNTP-Posting-Host: 209.179.252.103 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Trace: posting.google.com 1003818394 23342 127.0.0.1 (23 Oct 2001 06:26:34 GMT) X-Complaints-To: groups-abuse@google.com NNTP-Posting-Date: 23 Oct 2001 06:26:34 GMT Xref: archiver1.google.com comp.lang.ada:15064 Date: 2001-10-23T06:26:34+00:00 List-Id: David Bolen wrote in message news:... > mjsilva697@earthlink.net (Mike Silva) writes: > > > While discussing (er, pushing) Ada with some C-coding co-workers today > > I asked a question to which I knew the answer (always the best kind!): > > "Have you ever had a bug caused by accessing off the end of an > > array?" Well, of course, they all had to say yes. Then I started > > thinking of other bugs that they would have to admit to, and which > > wouldn't occur in Ada. Nothing new here (Ada prevents many bugs...), > > but I thought it would be fun and useful to develop a group list as an > > Ada advocacy tool. For example: > > I'm curious as to how Ada _prevents_ such bugs. Are you saying that > no Ada programmer has ever had a bug caused by walking off the end of > an array either? > > I'll buy that Ada will catch that error more quickly than in C, and > probably help isolate the problem more quickly. And even that by > using attributes such as Range, Low and High that you can write more > robust code to avoid the issue (which is no small benefit). But given > that you can still compute indices and then attempt to dereference > based on those computations, there has to be the occasional bug that > is introduced through the use of indices that overflow the array. > > And that's different from saying "wouldn't occur in Ada" ... there's a > difference between better handling of the bug, and not having the bug > ever occur. Or to put it another way, if I have a bug that creates > this condition (or say, tries to set a value outside its range, as in > another example), generating an exception - even if handled - still > implies the bug exists. > > Some of the suggested items appear to be language checks that are > completely possible at compile time, for which I'd buy the "can't > happen" argument. But any issues that can occur at runtime and > require runtime checks and exceptions don't, IMHO, prevent bugs, but > simply act to make it easier to diagnose and manage them when they do > occur. You're right -- I was imprecise in my language, and Ada has enough real advantages that it doesn't need hyperbole. As you say, some types of bugs are completely prevented, others should never happen when using the proper idioms (such as the use of attributes), while others are simply caught at a much earlier stage. Each of these outcomes is vastly preferable to one of those horrible "six degrees of separation" bugs in C where it can take days or weeks to trace back from discovered effect to root cause. Mike