From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.4 required=5.0 tests=AC_FROM_MANY_DOTS,BAYES_00 autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,85034d1ac78a66eb X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2002-03-18 19:20:26 PST Path: archiver1.google.com!news1.google.com!newsfeed.stanford.edu!newsfeeds.belnet.be!news.belnet.be!newsgate.cistron.nl!psiuk-p2!psiuk-p3!uknet!psiuk-n!news.pace.co.uk!nh.pace.co.uk!not-for-mail From: "Marin David Condic" Newsgroups: comp.lang.ada Subject: Re: Ada Operating System Date: Mon, 18 Mar 2002 12:24:29 -0500 Organization: Posted on a server owned by Pace Micro Technology plc Message-ID: References: <3c77b476.322111671@news.cis.dfn.de> <3C88E0D1.89161C16@despammed.com> <3C8A3999.2000301@earthlink.net> <3C8B0191.3080705@mail.com> <3C8C3C4E.9030703@mail.com> <3C961352.DE25ADF1@avercom.net> NNTP-Posting-Host: dhcp-200-133.miami.pace.co.uk X-Trace: nh.pace.co.uk 1016472270 25001 136.170.200.133 (18 Mar 2002 17:24:30 GMT) X-Complaints-To: newsmaster@news.cam.pace.co.uk NNTP-Posting-Date: 18 Mar 2002 17:24:30 GMT X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Xref: archiver1.google.com comp.lang.ada:21439 Date: 2002-03-18T17:24:30+00:00 List-Id: Oh sure. I'd agree - I just don't want to get caught making extraordinary claims that start the whole "Any Competent C Programmer Would..." kinds of debate. While Ada is busy checking mundane kinds of things, its likely to surface higher level mistakes. If you're tripping over all sorts of type conflicts, for example, it probably means you need to revisit your design as possibly needing some additional thinking. Or it might make it clear that someone is misusing a structure in some way that reflects incorrect logic. People often say "If you get an Ada program past the compiler, chances are it is correct..." - but I just don't want to claim that this is, of necessity, so. MDC -- Marin David Condic Senior Software Engineer Pace Micro Technology Americas www.pacemicro.com Enabling the digital revolution e-Mail: marin.condic@pacemicro.com "Tucker Taft" wrote in message news:3C961352.DE25ADF1@avercom.net... > > I would go a bit further than that. It is true that Ada is very good at > catching "stupid" errors like leaving out a semicolon, misspelling an > identifier, swapping the order of parameters, indexing with the wrong > variable, etc. But the surprising thing, once you start using a language > like Ada, is the number of "subtle" errors that it catches. May favorite > analogy is that of trying to ski down a ski slope. If there are is just > one (slalom) gate on the slope, pretty much anyone can make it through the gate > and down the slope. However, once you get a few dozen gates, you have > to have a "deeply correct" understanding of skiing to make it through > the "gauntlet," even though each gate is checking something "trivial." > > In the same way, Ada throws up several "gates" on every line of the > program, both picky compile-time checks, and run-time checks for things > that can't be proved correct at compile-time. The actual number of > checks performed compared to languages with a weaker typing model > is quite impressive when you start counting them. All of these > checks are of the "mundane" variety, but the combination of them > all creates a gauntlet that, typically, only a "deeply consistent" > program can satisfy. The empirical evidence is that a program > written in a language with as many consistency checks as Ada, once > it makes it through the compile-time and run-time gauntlets, is much > closer to being "correct" than a program with a weaker gauntlet > to pass. And the overall time required to bring a program to the > desired level of quality is significantly less because of these > gauntlets made up of "trivial" checks. >