From: Maciej Sobczak <see.my.homepage@gmail.com>
Subject: Re: computer language used to program Mars Lander
Date: Tue, 15 Jul 2008 00:27:48 -0700 (PDT)
Date: 2008-07-15T00:27:48-07:00 [thread overview]
Message-ID: <749ee60d-e6e8-45f5-a855-cc98a35c3279@l64g2000hse.googlegroups.com> (raw)
In-Reply-To: 887fc0a7-0a5a-4d2e-a9ea-eb9e32d6a818@m36g2000hse.googlegroups.com
On 14 Lip, 13:49, Nick Keighley <nick_keighley_nos...@hotmail.com>
wrote:
> I suspect its a damn sight easier to prove C correct than C++.
>
> a = b + c;
>
> probably does what it says in C (assuming b and c have good values
> and it doesn't overflow). In C++ there could be half a dozen
> overloaded
> operators in there.
Your reasoning is completely broken.
Let's try this one:
I suspect its a damn sight easier to prove C correct than Ada.
a = b + c;
probably does what it says in C. In Ada (substitute := for = ) there
could be half a dozen overloaded operators in there (and some
controlled operations as well).
Do you think that there are some monkeys in the project that randomly
overload operators? If yes, then Ada is equally vulnerable.
Another point: the operator + in C *is* overloaded and not only its
meaning, but also the generated object code differs depending on the
types of a and b. Yes, this is what overloading is all about and yes,
you can have serious errors in C because of that, especially when
combined with implicit conversions. What C++ or Ada can offer in this
area is at least to get rid of those implicit conversions. This is a
huge gain for proving correctness of the code.
--
Maciej Sobczak * www.msobczak.com * www.inspirel.com
next prev parent reply other threads:[~2008-07-15 7:27 UTC|newest]
Thread overview: 61+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-07-14 11:18 computer language used to program Mars Lander jhc0033
2008-07-14 11:21 ` jacob navia
2008-07-14 21:27 ` Maciej Sobczak
2008-07-14 11:49 ` Nick Keighley
2008-07-15 7:27 ` Maciej Sobczak [this message]
2008-07-16 6:02 ` jhc0033
2008-07-16 21:57 ` Brian
2008-07-23 14:43 ` Michael Oswald
2008-07-23 22:53 ` Larry Elmore
2008-07-24 6:59 ` jhc0033
2008-07-24 7:18 ` Stefan Scholl
2008-07-24 12:14 ` Grant Rettke
2008-07-24 7:39 ` John Thingstad
2008-07-24 7:51 ` jhc0033
2008-07-24 9:40 ` John Thingstad
2008-07-24 20:39 ` Brian
2008-07-25 6:10 ` jhc0033
2008-07-25 20:29 ` Brian
2008-07-26 3:03 ` jhc0033
2008-07-26 6:09 ` Brian
2008-07-24 8:40 ` pls.mrjm
2008-07-24 9:04 ` Pascal J. Bourguignon
2008-07-24 11:35 ` Michael Oswald
2008-07-24 12:15 ` Stefan Scholl
2008-07-24 12:36 ` Michael Oswald
2008-07-25 21:19 ` j.oke
2008-07-25 22:34 ` Adam Beneschan
2008-07-25 23:30 ` Joost Kremers
2008-07-26 12:41 ` j.oke
2008-07-26 12:51 ` j.oke
2008-07-17 21:56 ` Paul Hsieh
2008-07-17 22:30 ` Chris Thomasson
2008-07-17 23:03 ` Default User
2008-07-18 0:03 ` Chris Thomasson
2008-07-18 0:02 ` Gary Scott
2008-07-18 0:08 ` Chris Thomasson
2008-07-18 18:02 ` Colin Paul Gloster
2008-07-18 18:51 ` Dmitry A. Kazakov
2008-07-18 18:37 ` Pascal Obry
2008-07-18 19:45 ` Gautier
2008-07-18 20:26 ` jacob navia
2008-07-18 21:01 ` Georg Bauhaus
2008-07-18 21:14 ` Gary Scott
2008-07-18 20:45 ` Richard Tobin
2008-07-22 8:39 ` Jean-Pierre Rosen
2008-07-22 10:45 ` Nick Keighley
2008-07-22 10:50 ` Richard
2008-07-22 11:20 ` Jean-Pierre Rosen
2008-07-22 21:11 ` CBFalconer
2008-07-23 8:40 ` Jean-Pierre Rosen
2008-07-23 13:00 ` CBFalconer
2008-07-26 11:13 ` Antoninus Twink
2008-07-22 12:05 ` Chris Dollin
2008-07-22 13:39 ` Walter Banks
2008-07-14 15:31 ` george.priv
2008-07-14 15:38 ` Keith Thompson
2008-07-14 21:29 ` CBFalconer
2008-07-15 12:04 ` Stephen Leake
2008-07-15 13:55 ` Georg Bauhaus
2008-07-15 23:35 ` Phaedrus
2008-07-16 5:21 ` christoph.grein
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox