From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: fac41,a48e5b99425d742a X-Google-Attributes: gidfac41,public X-Google-Thread: f43e6,a48e5b99425d742a X-Google-Attributes: gidf43e6,public X-Google-Thread: 107d55,a48e5b99425d742a X-Google-Attributes: gid107d55,public X-Google-Thread: 103376,a48e5b99425d742a X-Google-Attributes: gid103376,public X-Google-Thread: 1108a1,5da92b52f6784b63 X-Google-Attributes: gid1108a1,public From: jezequel@irisa.fr (Jean-Marc Jezequel) Subject: Please do not start a language war (was Re: Papers on the Ariane-5 crash and Design by Contract Date: 1997/03/17 Message-ID: <5giu3p$beb$1@news.irisa.fr>#1/1 X-Deja-AN: 226127515 Distribution: world References: <332B5495.167EB0E7@eiffel.com> Organization: Irisa, Rennes (FR) Newsgroups: comp.lang.eiffel,comp.object,comp.software-eng,comp.lang.ada,comp.lang.java.tech Date: 1997-03-17T00:00:00+00:00 List-Id: In article , dewar@merv.cs.nyu.edu (Robert Dewar) writes: >Thomas says > ><had used Eiffel preconditions, the rocket would not have crashed. >You suggest a precondition of the form:>> > >Indeed .. anyone can argue that their favorite language, if used properly, >would have avoided the Ariane 5 bug. That's true even for assembly language. > >The fact of the matter is that this bug was a result of the approach >used, and had nothing to do with the particular language chosen. Indeed >the Ariane 5 crash serves as a useful reminder that Ada is not some magic >panacea that prevents incompetent design and implementation! I agree with Robert Dewar. Please do not start a language war! It is made crystal clear in the paper that *THIS IS NOT A LANGUAGE PROBLEM* let me repeat it in case it is not clear: *THIS IS NOT A LANGUAGE PROBLEM* Basically, our claim in this paper is that it is a reuse issue (and in a lesser extent, a system integration test problem). Reusing a component without a precise specification of it is dangerous. That the component is written in Ada, Eiffel, C, assembly language has nothing to do with the way it is specified. The all point of the paper is that Design by Contract helps in the precise specification of components: signatures (a la CORBA) are not enough to specify a behavior, pre- and post conditions are needed to give more details. I'm willing to discuss this last point, but I will not answer any language issue in this thread. Best regards, -- Jean-Marc Jezequel Tel : +33 2 99847192 IRISA/CNRS Fax : +33 2 99847171 Campus de Beaulieu e-mail : jezequel@irisa.fr F-35042 RENNES (FRANCE) http://www.irisa.fr/pampa/PROF/jmj.html