From: kanze@gabi-soft.fr
Newsgroups: comp.lang.ada,comp.lang.c++.moderated
Subject: Re: C bug of the day
Date: 14 Jun 2003 05:52:23 -0400

James Rogers wrote in message news:...
> kanze@gabi-soft.fr wrote in
> news:d6652001.0306120418.37a97d1c@posting.google.com:
> > James Rogers wrote in message
> > news:...
> >> kanze@gabi-soft.fr wrote in
> >> news:d6652001.0306100323.338a2a1c@posting.google.com:

> >> > That doesn't mean C++ is perfect, of course. I'd rather have a
> >> > language in which all of the defaults were fundamentally safe,
> >> > but with the freedom to override them if you had special
> >> > constraints, or even in cases where you came across a case
> >> > which the language authors hadn't considered.
> >> > I don't know such a language, however; it may exist
> >> > somewhere, but if it does, it certainly isn't very popular
> >> > or widespread.

> >> Since this was cross-posted to comp.lang.ada I think it is fair to
> >> mention that there is a language that meets your description
> >> above. That language is Ada.

> > Permit me to be sceptical. If your claim is that Ada has more of
> > the safe defaults than C++, I doubt anyone would dare argue it. If
> > your claim is even that most of the defaults are the safe version,
> > from what little I know of the language, it would seem true. But
> > to say that in 1983, they got everything right, including problems
> > that weren't even understood until significantly later. Well, I'm
> > sceptical. Perfection just isn't of this world.

> I am sorry. I did not mean that Ada is perfect. I meant that Ada is a
> fundamentally safe language with the ability to turn off checking if
> you encounter a situation where checking presents a problem for you.

> > One point where I'm pretty sure Ada 83 didn't have the right
> > default (although they may have fixed it in Ada 95): garbage
> > collection. While there are places where it is necessary to turn
> > garbage collection off (which seriously limits the use of a
> > language in which you cannot have untraced pointers, which the
> > garbage collector cannot see), the safe option is obviously to have
> > it on by default, no?

> Is garbage collection always the right default? For web applications
> this may be true. Ada was originally designed for hard real time
> embedded systems. In 1983 and 1995 there was no way to implement
> deterministic garbage collection for hard real time systems with
> nanosecond timing requirements.

There still isn't, if you are talking about nanosecond timing
requirements. In fact, at that level, there is no way to implement
dynamic memory at all.

> That said, like C++, Ada does not prohibit garbage collection.

Perhaps a more relevant question would be: do common implementations
have it? Or is it used? (But as others have mentioned, it may not be
used because typical Ada applications are in domains where it is NOT
appropriate.)

> >> Its defaults are fundamentally safe. It provides the ability to
> >> override the safety constraints whenever you choose to. Note how
> >> Ada differs from Java. You cannot turn off array bounds checking
> >> for Java. In Ada you can. In fact, many Ada compilers will
> >> optimize out bounds checking when they can determine the checks
> >> are unnecessary.

> > I believe that this is standard practice in all languages which
> > support array bounds checking.

> This is standard practice in theory. For many languages the reality is
> that such optimizations are rare because the compiler lacks the
> information needed to prove the safety of removing the bounds checks.

The information isn't difficult to synthesize. But generally speaking,
if the array bounds checking is part of the language, the compiler knows
it. If your code is full of goto's, it is difficult for the compiler to
figure out when it can suppress the checking, but it isn't difficult to
realise that in a classical for loop, it doesn't have to check the
bounds each time through.

> >> In other words, you can arrive at the same level of safety which
> >> is the default for C++.

> > And you're bragging about it:-) ?

> No, I am being practical. You can remove all safety checks in Ada and
> produce a program as unsafe as anything you might write in C. On the
> other hand, you can write a C++ program carefully and produce a very
> safe result. Note that there is a lot of crossover in safety here.

This sounds more like what I thought. You can write junk in either
language, and you can write robust code in either. It's just that one
language makes writing junk particularly easy, and the other makes
robust code easier.

--
James Kanze    GABI Software    mailto:kanze@gabi-soft.fr
Conseils en informatique orientée objet/
    Beratung in objektorientierter Datenverarbeitung
11 rue de Rambouillet, 78460 Chevreuse, France, Tél. : +33 (0)1 30 23 45 16

[ Send an empty e-mail to c++-help@netlab.cs.rpi.edu for info ]
[ about comp.lang.c++.moderated. First time posters: do this! ]
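
Added example, not part of the original post and not code from any participant in the thread: a C++ sketch of the two ideas discussed above, indexing that is checked by default with a named opt-out, and a classical for loop whose bounds need validating only once. `CheckedArray`, `sum_checked` and `sum_hoisted` are hypothetical names, and the hoisting is written by hand to show what a compiler would have to prove.

```cpp
#include <cstddef>
#include <stdexcept>
#include <utility>
#include <vector>

// Hypothetical container for illustration: indexing is checked by default,
// and the unchecked path has to be asked for by name.
class CheckedArray {
public:
    explicit CheckedArray(std::vector<int> values) : data_(std::move(values)) {}

    std::size_t size() const { return data_.size(); }

    // Safe default: every access is validated (and counted, for the demo).
    int operator[](std::size_t i) const {
        ++checks_;
        if (i >= data_.size()) throw std::out_of_range("CheckedArray index");
        return data_[i];
    }

    // Explicit override: the caller takes responsibility for the index.
    int unchecked(std::size_t i) const { return data_[i]; }

    std::size_t checks_performed() const { return checks_; }

private:
    std::vector<int> data_;
    mutable std::size_t checks_ = 0;
};

// Naive loop: one bounds check per iteration.
long sum_checked(const CheckedArray& a, std::size_t lo, std::size_t hi) {
    long total = 0;
    for (std::size_t i = lo; i < hi; ++i) total += a[i];
    return total;
}

// Hoisted form: i only ever takes values in [lo, hi), so validating hi once
// proves every access is in range and the per-access check can be dropped.
// An empty range performs no access and therefore cannot fail.
long sum_hoisted(const CheckedArray& a, std::size_t lo, std::size_t hi) {
    if (lo < hi && hi > a.size()) throw std::out_of_range("CheckedArray range");
    long total = 0;
    for (std::size_t i = lo; i < hi; ++i) total += a.unchecked(i);
    return total;
}
```

Both functions reject exactly the same inputs; the difference is that the second pays for one comparison per loop instead of one per element.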