From: James Rogers
Newsgroups: comp.lang.ada,comp.lang.c++.moderated
Subject: Re: C bug of the day
Date: 12 Jun 2003 05:23:44 -0400
Organization: AT&T Worldnet

"Andrei Alexandrescu" wrote in news:bc8423$gt53a$1@ID-14036.news.dfncis.de:

> "James Rogers" wrote in message
> news:Xns9396BDBB14558jimmaureenrogers@204.127.36.1...
>> Its defaults are fundamentally safe. It provides the ability to
>> override the safety constraints whenever you choose to. Note how
>> Ada differs from Java. You cannot turn off array bounds checking
>> for Java. In Ada you can. In fact, many Ada compilers will optimize
>> out bounds checking when they can determine the checks are
>> unnecessary.
>
> In fairness, it should be said that Java optimizers have the same
> prerogative.

Yes, Java optimizers can disable bounds checking. Java programmers
cannot. The point I was trying to make is that Ada allows the
programmer to explicitly turn off checks. Most of the time it is
not necessary or desirable to turn off checks. Nevertheless, the
programmer is allowed to do so.

>
>> In other words, you can arrive at the same level of safety which
>> is the default for C++. With Ada, however, you need to remove
>> safety checks to get there. Manually removing safety checks is not
>> usually needed for performance reasons.
>>
>> Most programmers will use a language in the manner which requires
>> minimum effort. This is why safety checks are not terribly common
>> in C++. It is also why manually turning off safety checks is not
>> terribly common in Ada.
>
> That's deep. I bet a ton of problems would have not existed through the
> years if C (or at least C++) would have required:
>
>     int i = uninitialized;
>
> instead of:
>
>     int i;
>
> to define an uninitialized variable, and would have defaulted to
> zero-initialization in the latter case.

Interesting. Do you think the fundamental safety problem in C code
is uninitialized integers? What about memory leaks, de-referencing
null pointers, and array bounds violations?

The lint tool was able to identify uninitialized variables nearly
thirty years ago. Of course, lint is not part of the C language,
but it is one of those tools that has been used to try to improve
the quality of C code for decades.

With the common availability of lint for so many years, why do
uninitialized variables still occur in C? The reason is that many
programmers neglect to use tools such as lint, which supports my
point. Programmers are frequently lazy. They will do what takes the
least amount of time to meet minimum requirements. This is simple
human nature.

A language that requires extra work to achieve safety will frequently
be used to create unsafe programs. This is not because it is
impossible to create safe programs with the language. It is because
doing so requires extra work.

On the other hand, a language that requires extra work to remove
built-in safety features will frequently be used to create safe
programs. This is not because it is impossible to create unsafe
programs with the language. It is because doing so requires extra
work.

Jim Rogers