From: James Rogers
Newsgroups: comp.lang.ada
Subject: Re: A case where Ada defaults to unsafe?
Date: Thu, 03 Jan 2002 21:27:44 GMT
Message-ID: <3C34CCDD.E2DFCA52@worldnet.att.net>
References: <3C34BF2C.6030500@mail.com>
Organization: AT&T Worldnet

Hyman Rosen wrote:
>
> The conventional belief (at least on CLA :-) is that one of the
> main distinctions between Ada and C/C++ is that Ada defaults to
> safe behavior and C/C++ defaults to unsafe behavior (eg., array
> indexing, automatic type conversions, and overflow checking).
>
> It occurs to me that there is a case where the opposite seems to
> be true. In C/C++, the && and || binary operators short-circuit,
> evaluating their right operand only if necessary. In Ada, it is
> necessary to specify "and then" and "or else" for this behavior,
> otherwise the order of evaluation of the two sides is unspecified
> if the simple "and" and "or" forms are used.
>
> So in Ada, one could say 'if a /= 0 and b/a > 3' and fall into a
> trap that would not happen in C/C++. Discuss?

My experience is that any such unsafe condition in Ada will result
in an exception. The same cannot be expected of C++. The very fact
that Ada has a stronger type system than C++ ensures that an exception
will be raised in Ada, while the condition may go undetected for
quite a while in C++.

This is not meant to imply that raising exceptions is as safe as
avoiding errors. It simply means that, through analysis and/or testing,
the Ada programmer is likely to find the need for the short-circuit
form and apply it.

Jim Rogers
Colorado Springs, Colorado USA
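
Added example, not part of the original post or of either poster's code: a small Ada program contrasting the plain `and` from the quoted expression with the short-circuit `and then`. The names Short_Circuit_Demo, Unguarded, Guarded and Try are made up for illustration, and the sketch assumes a compiler with the language-defined division check enabled, so that evaluating B / A with A = 0 raises Constraint_Error.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Short_Circuit_Demo is

   --  Plain "and": both operands are evaluated, in an unspecified order,
   --  so B / A is computed even when A = 0.
   function Unguarded (A, B : Integer) return Boolean is
   begin
      return A /= 0 and B / A > 3;
   end Unguarded;

   --  "and then": the right operand is evaluated only when the left
   --  operand is True, so the division is skipped for A = 0.
   function Guarded (A, B : Integer) return Boolean is
   begin
      return A /= 0 and then B / A > 3;
   end Guarded;

   --  Run one of the two forms and report either its result or the
   --  exception raised by the failed division check.
   procedure Try (Name : String; A, B : Integer; Short : Boolean) is
      Result : Boolean;
   begin
      if Short then
         Result := Guarded (A, B);
      else
         Result := Unguarded (A, B);
      end if;
      Put_Line (Name & " => " & Boolean'Image (Result));
   exception
      when Constraint_Error =>
         Put_Line (Name & " => Constraint_Error raised");
   end Try;

begin
   --  Constructed sample inputs: a non-zero divisor, then a zero
   --  divisor passed to each form.
   Try ("and      (A = 2, B = 10)", 2, 10, Short => False);
   Try ("and      (A = 0, B = 10)", 0, 10, Short => False);
   Try ("and then (A = 0, B = 10)", 0, 10, Short => True);
end Short_Circuit_Demo;
```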