From: Martin Ambuhl
Newsgroups: comp.lang.ada,comp.lang.c++,comp.lang.c
Followup-To: comp.lang.ada,comp.lang.c++
Subject: Re: How Ada could have prevented the Red Code distributed denial of
Date: Thu, 09 Aug 2001 23:55:30 GMT
Message-ID: <3B7323B2.B7223E18@earthlink.net>
Organization: EarthLink Inc.

Ted Dennison wrote:
>
> In article <3B71C74E.505A8753@globetrotter.qc.ca>, Chris Wolfe says...
> >So why not compare _comparable_ things: like a C++ compiler and
> >library designed with safety in mind against Ada. Rather than a
>
> Because this thread is about OS's and the C++ dialects which they have been
> implemented in, vs. (standard) Ada. Clearly your wonderful non-standard dialect
> of C++ was not used either for the system software in question. Perhaps it would
> have been an equally good idea to use it, but that's not what the thread is
> about.
>
> >So we do the Ada thing: throw away the flexibility of the
> >language to force everyone to play safe. In case you missed it,
> >most C++ compilers also provide support for inline assembler: A)
> >if I need it, I can get it. B) if I don't need it, I can stick
> >with the safer stuff. Ada has a very different philosophy.
>
> That's an odd complaint. Ada's just as flexible as C. You just have to announce
> to the compiler (and not so incidentally, the human source code reader) when you
> are doing something unsafe, but it's not prevented. Also *every* Ada compiler (as
> opposed to "most" C++ compilers) has support for inline assembler. It's actually
> in the standard. The Ada philosophy is indeed quite different from C's but it's
> not quite what you seem to think it is.
>
> >> 2. You now have to prove that your Class Posix is fault free
> >> before you put it on an aircraft or in a medical instrument.
> >
> >Duh, and this was somehow skipped when producing the Ada
> >libraries? I somehow fail to believe that Ada circumvents bugs in
> >the functions provided by my operating system.
>
> He probably shouldn't have brought this up, as it confuses just about everyone
> who isn't familiar with safety-critical software. Debugging software and proving
> it correct are two *very* different things. There's a whole lot of theory behind
> safety critical software and software correctness proofs that you really have to
> study for a while to understand. Bringing it into a discussion with folks who
> are unfamiliar with it is just going to cause a lot of confusion.
>

Taking your pronouncements as Gospel, I have removed comp.lang.c from
the Followup-To: list. I suggest you do the same.