From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-0.8 required=5.0 tests=BAYES_00,INVALID_DATE,
	MSGID_SHORT autolearn=no autolearn_force=no version=3.4.4
Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!uunet!crdgw1!sunroof!hammondr
From: hammondr@sunroof.crd.ge.com (Richard A Hammond)
Newsgroups: comp.lang.ada
Subject: Re: problems/risks due to programming language
Message-ID: <5498@crdgw1.crd.ge.com>
Date: 23 Feb 90 17:32:05 GMT
References: <10811@june.cs.washington.edu> <8126@hubcap.clemson.edu>
Sender: news@crdgw1.crd.ge.com
Organization: General Electric Corporate R&D Center
List-Id: <comp.lang.ada>

In article <8126@hubcap.clemson.edu> billwolf%hazel.cs.clemson.edu@hubcap.clemson.edu writes:
 .... [ in discussion of the AT&T bug]
>   The problem cannot simply be defined out of existence by saying,
>   in essence, that good programmers don't make mistakes.  All human
>   programmers make mistakes, and a well-designed language will help
>   to minimize this particular tendency.  In this case, C does not. 
       ^^^^^^^^

Uh Oh! I agree with Bill.  The problem here is that the original request was
for cases where a different language would have PREVENTED the error, that is,
reduced the probability to 0.0 .

Another example was a FORTRAN program fragment:

	DO 10 I = 1.100
which the compiler treated as:	DO10I = 1.100
while the programmer wanted:	DO 10 I = 1, 100

Using another language that was sensitive to spaces between characters would
have PREVENTED the problem.

Now the AT&T problem in C & Ada was:

	C Version			Ada Version
  do {				OUTER:	loop 
	...				    ...
	switch ...			    case ... is
	    {
	    case ... :				when ... =>
		if ( ...) {			    if ... then
		    ...					...
		    break;				exit; -- exits OUTER!!
		}				    end if;
		...				    ...
		break;				when ... =>
	    } /* end case */		    end case;
	...				    ...
  } while ( ...) ;			    exit OUTER when ... ;
					end loop OUTER;

I agree with Bill that Ada would minimize the chance of getting an "exit"
in there, since it doesn't need one at the end of each case.
However, it wouldn't PREVENT it, since the Ada and C fragments are both
not only legal, but sensible.

So I claim that the AT&T problem does not fall in the same class as the
FORTRAN do loop problem, switching to Ada would have made the mistake less
likely but not removed the possibility of it entirely.  Particularly if the
programmer really had the misconception that exit/break left if statements.

Rich Hammond