From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Thread: 103376,25e091afe1184988,start
X-Google-Attributes: gid103376,public
X-Google-Language: ENGLISH,ASCII-7-bit
Path: 
 g2news2.google.com!news3.google.com!news.glorb.com!newsfeed-0.progon.net!progon.net!news-zh.switch.ch!switch.ch!cernne03.cern.ch!not-for-mail
From: Maciej Sobczak <no.spam@no.spam.com>
Newsgroups: comp.lang.ada
Subject: Reference-oriented language and high-integrity software
Date: Fri, 03 Nov 2006 09:03:07 +0100
Organization: CERN News
Message-ID: <eiet3r$2on$1@cernne03.cern.ch>
NNTP-Posting-Host: abpc10883.cern.ch
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-2; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: cernne03.cern.ch 1162540987 2839 137.138.37.241 (3 Nov 2006 08:03:07
 GMT)
X-Complaints-To: news@@cern.ch
NNTP-Posting-Date: Fri, 3 Nov 2006 08:03:07 +0000 (UTC)
User-Agent: Thunderbird 1.5.0.7 (X11/20060922)
Xref: g2news2.google.com comp.lang.ada:7346
Date: 2006-11-03T09:03:07+01:00
List-Id: <comp.lang.ada>

John Barnes in "Programming in Ada 2005", in the introductory section in 
the chapter devoted to access types, writes:

"Java is currently popular. It has pointers which are called references. 
In fact almost everything is declared using references although this is 
hidden from the user. This means that Java is inappropriate for high 
integrity applications."

What is interesting is the following implication which JB leaves without 
explanation:

references => no high integrity

It's also clear that the above statement applies not only to Java in 
particular, but to every other language that is similarly 
"reference-oriented".

My question is - where this implication comes from?

Taking into account that JB also wrote a book about SPARK, some 
reasoning can be found there and my understanding (simplified) is that 
reference-oriented language implies a heavy use of dynamic memory, which 
makes it impractical/impossible to perform any static analysis of memory 
consumption. Garbage collectors add their own factors to the problem.

Is the above a reasonable explanation? Is it the only one? What else 
makes the reference-oriented languages inappropriate for high-integrity 
software?

And last but not least, how does the JB's statement stand in front of 
things like RealTime Java or even HIJA (High-Integrity Java)?


-- 
Maciej Sobczak : http://www.msobczak.com/
Programming    : http://www.msobczak.com/prog/