comp.lang.ada
From: Paul Rubin <no.email@nospam.invalid>
Subject: Re: Introductory Presentations, especially aimed at C++ programmers!
Date: Thu, 08 Dec 2016 02:25:46 -0800
Message-ID: <87y3zq4t05.fsf@nightsong.com>
In-Reply-To: f3abc4c7-9009-40eb-ac09-ad984c8d3fec@googlegroups.com

Maciej Sobczak <see.my.homepage@gmail.com> writes:
> Randy has correctly shown that in Ada it would not be any better - the
> log history would contain the same number of fixes for what is the
> same programming error.  

I'm not convinced: because of C's lack of checks, more bugs make it
through the testing process, and end up getting noticed after release,
resulting in fixes in the log.  An Ada programmer might code the same
bug, but it might get caught right away during the developer's private
workflow, so the buggy version wouldn't make it into the public repo
resulting in a bug ticket and fix.

> Instead, you have written: "it is impossible for humans to write code
> in them without making such errors"
>
> The problem is - you did not provide any evidence to claim that those
> same humans would not make such errors in Ada.

I think the claim was that it's impossible for humans to stop making
silly errors in general, not that specific error of mismatched bounds on
a buffer.

> SPARK is a game-changer in this area - but there are too few
> long-lived internet-oriented open-source projects in SPARK to make a
> realistic comparison either.  That is, if for whatever reason it is
> unrealistic to write such projects in SPARK, then SPARK is not a
> solution, either.

In this case another solution is dynamically allocated buffers and
automatic reclamation (GC, RAII, or whatever).  Then a bug could result
in OOM, but that doesn't seem to happen nearly as often as buffer
overflows.

> And *this* is a real argument. Ada is safer not because it would
> prevent programmers from making errors, but because it would help them
> *contain the damage* resulting from those errors. 

Best is to do both.
