Path: utzoo!attcan!uunet!crdgw1!sunroof!hammondr
From: hammondr@sunroof.crd.ge.com (Richard A Hammond)
Newsgroups: comp.lang.ada
Subject: Re: problems/risks due to programming language, stories requested
Keywords: risk, programming language, story, internet worm, AT&T breakdown
Message-ID: <5432@crdgw1.crd.ge.com>
Date: 21 Feb 90 16:49:59 GMT
References: <9790@medusa.cs.purdue.edu>
Sender: news@crdgw1.crd.ge.com
Organization: General Electric Corporate R&D Center

In article <9790@medusa.cs.purdue.edu> gb@cs.purdue.EDU (Gerald Baumgartner) writes:
>For a research project I am collecting information about the risk of
>choosing the wrong programming language. In particular I am looking
>for problems that could have been avoided if another (a better)
>programming language would have been used.

>I know of these three such stories:
...
>	3. The AT&T breakdown a month ago was caused by a break statement
>	   in C. See the following mail (multiple forwarding headers deleted):

>| | This is the bug that caused the AT&T breakdown
>| | the other day (no, it wasn't an MCI virus):
>| |
>| | In the switching software (written in C), there was a long
>| | "do . . . while" construct, which contained
>| |    a "switch" statement, which contained
>| |       an "if" clause, which contained a
>| |          "break," which was intended for
>| |       the "if" clause, but instead broke from
>| |    the "switch" statement.
>| |
>
>	Again it looks like this bug wouldn't have occurred in another
>	programming language.

What other programming language? Only one without any GOTO or restricted
GOTO (e.g. exit, break, ...). This leaves out Ada!!!!!!

Similar bug in Ada: (Cut down for posting, but gives the flavor)

    procedure test is
       MAX : constant := 10;
       type t is array(positive range 1 .. MAX) of boolean;
       NEW_ITEMS : t;
    begin
       for N in 1 .. MAX loop
          case ...
             when ... =>
                if NEW_ITEMS(N) = FALSE then
                   -- some other useful work gets done here
                   exit;  -- exits loop, not if!
                end if;
             when ... =>
          end case;
       end loop;
    end test;

So, in the AT&T case using Ada we would have exited both the switch and
the loop rather than just the switch. Hardly an improvement!

More generally, I find it distressing that the advocates of Ada are
failing to distinguish between language independent features and
language dependent features in assigning credit for software
improvements. In my limited experience the cases where Ada is introduced
into a programming environment also introduce lots of other good software
engineering practices. For example, lots of people I know who program in C
don't use LINT. I view it as a deficiency of management and not of the
language that they don't use available tools.

I bring this up because Ada isn't the last language ever to be designed
and we should be willing to learn what could be used in future languages.

Rich Hammond
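
The C construct described in the quoted mail, as an added example that is not part of the original post and is not the AT&T code: the message kinds, counters, function names and sample input are all constructed for illustration. The buggy run still counts both busy messages, which shows that in C the do-while keeps running after the break, where the Ada "exit" in the post would leave the loop.

```c
#include <stdio.h>

/* Constructed message kinds, counters and sample input; illustration only. */
enum { MSG_DATA, MSG_STATUS, MSG_END };
struct stats { int busy_seen, status_recorded; };
static const int SAMPLE[]      = { MSG_STATUS, MSG_DATA, MSG_STATUS, MSG_STATUS, MSG_END };
static const int SAMPLE_BUSY[] = { 0, 0, 1, 1, 0 };

/* Buggy: the break is meant to end the if-body, but in C it ends the switch. */
static struct stats run_buggy(const int *in, const int *busy)
{
    struct stats s = {0, 0};
    int i = 0;
    do {
        switch (in[i]) {
        case MSG_STATUS:
            if (busy[i]) {
                s.busy_seen++;
                break;                /* leaves the switch, not the if */
            }
            s.status_recorded++;      /* skipped for busy messages */
            break;
        }
    } while (in[i++] != MSG_END);     /* the do-while keeps running */
    return s;
}

/* Corrected: no break in the if-body, so control reaches the next statement. */
static struct stats run_fixed(const int *in, const int *busy)
{
    struct stats s = {0, 0};
    int i = 0;
    do {
        switch (in[i]) {
        case MSG_STATUS:
            if (busy[i])
                s.busy_seen++;
            s.status_recorded++;      /* runs for every MSG_STATUS */
            break;
        }
    } while (in[i++] != MSG_END);
    return s;
}

int main(void)
{
    struct stats b = run_buggy(SAMPLE, SAMPLE_BUSY), f = run_fixed(SAMPLE, SAMPLE_BUSY);
    printf("status recorded: buggy %d, fixed %d\n", b.status_recorded, f.status_recorded);
    return 0;
}
```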