From: geert@fozzie.sun3.iaf.nl (Geert Bosch)
Subject: Re: Ada Core Technologies and Ada95 Standards
Date: 1996/03/31
Message-ID: <4jm0jv$9l2@fozzie.sun3.iaf.nl>
References: <00001a73+00002c20@msn.com> <828038680.5631@assen.demon.co.uk> <828127251.85@assen.demon.co.uk>
Organization: La Calandre Infortunee
Newsgroups: comp.lang.ada

In article <828127251.85@assen.demon.co.uk> John McCabe wrote:

`` I was obviously thinking of validation of Ada compilers in the same
   way that _my_ software is validated - i.e. a full set of test cases
   proving that _all_ requirements have been met. ''

You *cannot* prove this for complex software, like Ada compilers.
Creating a full set of test cases for ``proving'' that an Ada-compiler
conforms to the language standard is impossible. For one, this would
mean proving that the compiler has no bugs. Another point is that

  a) All requirements should be known
  b) All requirements should be specified unambiguously
  c) Everybody agrees on b) and on the one and only possible
     interpretation

An example for how irrelevant this is, is the following: when two
parties on an ethernet-segment want to send each other a message, it
is not certain they will succeed in finite time, because of the
ethernet protocol. On the other hand, billions of dollars would be
lost if from now on, all ethernet packets would keep colliding
whenever possible.

You can't prove it won't happen, but you can *rely* on it not to
happen. These are different things.

`` If I cannot prove this, my software is not accepted by my customer. ''

As a customer, I would not accept any software engineer who thinks
that he can prove his software works right in the case of something
as complex as an Ada compiler.

Regards,
   Geert Bosch

--
E-Mail: geert@sun3.iaf.nl    *** As far as we know, there have not been ***
Phone: +31-53-4303054         ** any undetected failures in our software. **