Date: 7 Jan 93 19:51:40 GMT
From: agate!spool.mu.edu!think.com!enterpoop.mit.edu!mintaka.lcs.mit.edu!ai-lab!life.ai.mit.edu!tmb@ucbvax.Berkeley.EDU (Thomas M. Breuel)
Subject: Re: An Ada Program Does What It Says?

In article <1993Jan6.215758.10007@mksol.dseg.ti.com> mccall@mksol.dseg.ti.com (fred j mccall 575-3539) writes:
>Stuff like expression ordering, floating point representation, concurrency,
>etc, will always be indeterminate.
>Not to trigger yet another C vs Ada flamefest, but this expression in
>C is a classic example...
>    r = (i++ == ++i)    [*]

It is also, of course, quite well documented and understood. You are correct in stating that just about every language is going to have syntactically correct constructs which produce undefined or implementation-defined results. You are, however, incorrect in your assumption that Ada is the only language in which these things are well documented or understood.

First, there are different degrees of undefined behavior. For example, you could mandate that any result of expression [*] is going to correspond to one particular order of evaluation. In particular, that would mean that the effects of writing [*] would be limited to the variables mentioned in the statement. I believe in the case of order-of-evaluation dependencies, this is what C does, but for other "undefined behavior" (notably, pointer errors), the effects are not limited.

Language specs can make an effort to mandate features that make the detection of bugs due to "undefined behavior" easier, for example, by mandating compiler options that exercise the different possibilities. Some implementations do this, but I don't know of any language standard that even recommends it.
But more importantly, these sources of "indeterminacy" ("undefined behavior") can be eliminated completely. You can define order of evaluation, you can eliminate side effects, you can mandate a particular floating point representation, and/or you can choose models of parallel computation that do not give rise to "indeterminacy". I believe neither Ada nor C goes far enough in this regard, although I suspect that Ada is somewhat better than C. The only languages that I know of that go much further in eliminating undefined behavior have parted with the Pascal heritage (the Pascal type system, imperative updates, processes, ...).

Thomas.
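An added example, not part of the original post: a small C harness that "exercises the different possibilities" for expression [*] by evaluating the comparison once left-operand-first and once right-operand-first, then reporting whether the two orders disagree. It models each operand as a function call (calls are sequenced, so every line here is well-defined C) rather than compiling `i++ == ++i` itself; all helper names are hypothetical.

```c
#include <stdio.h>

/* An operand reads, and may update, the shared variable i. */
typedef int (*operand_fn)(int *i);

static int post_inc(int *i) { return (*i)++; }  /* models i++ */
static int pre_inc(int *i)  { return ++(*i); }  /* models ++i */
static int plain(int *i)    { return *i; }      /* models i   */

struct outcome { int r; int i; };  /* comparison result and final i */

/* Evaluate (lhs == rhs) with one fixed operand order. */
static struct outcome eval_eq(operand_fn lhs, operand_fn rhs,
                              int start, int left_first)
{
    struct outcome o;
    int i = start, a, b;
    if (left_first) { a = lhs(&i); b = rhs(&i); }
    else            { b = rhs(&i); a = lhs(&i); }
    o.r = (a == b);
    o.i = i;
    return o;
}

/* Returns 1 when the two orders disagree on r or on the final i. */
static int order_dependent(operand_fn lhs, operand_fn rhs, int start)
{
    struct outcome l = eval_eq(lhs, rhs, start, 1);
    struct outcome r = eval_eq(lhs, rhs, start, 0);
    return l.r != r.r || l.i != r.i;
}

int main(void)
{
    struct outcome l = eval_eq(post_inc, pre_inc, 5, 1);
    struct outcome r = eval_eq(post_inc, pre_inc, 5, 0);
    printf("left first:  r=%d i=%d\n", l.r, l.i);
    printf("right first: r=%d i=%d\n", r.r, r.i);
    printf("i++ == ++i order-dependent: %d\n",
           order_dependent(post_inc, pre_inc, 5));
    printf("i == i order-dependent:     %d\n",
           order_dependent(plain, plain, 5));
    return 0;
}
```

Under this model both orders leave `i` at the same final value but give different values for `r`, which is the kind of divergence an order-exercising compiler option would surface.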