From: Niklas Holsti
Newsgroups: comp.lang.ada
Subject: Re: Heartbleed
Date: Sat, 12 Apr 2014 23:57:14 +0200
Organization: Tidorum Ltd
References: <1ljwj8f.1wqbhvuabsdw1N%csampson@inetworld.net> <51c7d6d4-e3be-44d5-a4ce-f7e875345588@googlegroups.com> <%J32v.70539$kp1.45343@fx14.iad> <87mwfq4vvj.fsf@kuiper.lan.informatimago.com> <87ioqe4brz.fsf@kuiper.lan.informatimago.com>
In-Reply-To: <87ioqe4brz.fsf@kuiper.lan.informatimago.com>

On 14-04-12 20:56 , Pascal J. Bourguignon wrote:
>
> IIRC, Ariane 5 software was written in Ada.

Still is, I believe, but irrelevant to the failure AIUI.

> http://www.di.unito.it/~damiani/ariane5rep.html

> In a language like lisp or python, the arithmetic operations that can't
> produce fixnums automatically produce bignums, and all the code will
> automatically handle bignums once the magnitudes require them.

But, as I understand it, that out-of-range value was then to be put into some HW or telemetry field with a fixed size; the bignum would have to be converted to a fixnum; the out-of-range error would happen (one hopes), and there we are again.

> Similarly, the Mars Climate Orbiter bug occurred in a statically typed
> programming language: variables containing different units were still of
> the same floating point data type.
> http://en.wikipedia.org/wiki/Mars_Climate_Orbiter#Cause_of_failure
>
> A dynamically strongly typed-value programming language such as Lisp or
> Python would have used objects containing both the magnitude and the
> unit, and an operation mixing objects of different units would have
> involved an automatic unit conversion.

Except that the data were produced in one program and then given as input to another program, breaking the type-checking chain. Moreover, I don't see how you can be sure that a Lisp or Python implementation *would* have used run-time unit tags. And finally, as GNAT now shows, unit checking can be done statically with types, which is always IMO better for this kind of system.

-- 
Niklas Holsti
Tidorum Ltd
niklas holsti tidorum fi
      .      @       .
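
The two boundary effects discussed in this message, as an added Python sketch that is not part of the original post or of either flight program. The 16-bit field width, the bare-float record format, the unit names and every identifier below are assumptions made for illustration.

```python
import struct
from dataclasses import dataclass

# Conversion factors to SI for the two impulse units used in this sketch.
TO_SI = {"N*s": 1.0, "lbf*s": 4.4482216152605}


@dataclass(frozen=True)
class Impulse:
    """Run-time unit-tagged quantity (hypothetical type)."""
    magnitude: float
    unit: str

    def __add__(self, other):
        # Inside one program, mixing units triggers an automatic conversion.
        si = (self.magnitude * TO_SI[self.unit]
              + other.magnitude * TO_SI[other.unit])
        return Impulse(si, "N*s")


def write_record(q):
    """Producer program: the assumed file format holds only an 8-byte float."""
    return struct.pack("<d", q.magnitude)


def read_record(raw, assumed_unit):
    """Consumer program: the tag is re-assumed here; nothing can check it."""
    return Impulse(struct.unpack("<d", raw)[0], assumed_unit)


def to_int16_field(value):
    """Narrow an arbitrary-precision int into a signed 16-bit field.

    Returns the packed bytes, or None when the value does not fit.
    """
    try:
        return struct.pack("<h", value)
    except (struct.error, OverflowError):
        # The range error surfaces at the fixed-size boundary, however
        # gracefully the arithmetic before it promoted to big integers.
        return None


if __name__ == "__main__":
    produced = Impulse(1.0, "lbf*s")                     # constructed sample
    consumed = read_record(write_record(produced), "N*s")
    print("producer:", produced, "consumer sees:", consumed)
    print("fits:", to_int16_field(1234), "too wide:", to_int16_field(2**70))
```

The consumer ends up with a value that looks well-typed but carries the wrong unit, and the big integer is rejected only when it reaches the fixed-width field.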