Re: Introductory Presentations, especially aimed at C++ programmers!

[Maciej Sobczak <see.my.homepage@gmail.com>]

> > Of course, Ada detected the error and crashed, but that's only
> > an iota better than what would have happened in C (the uninstaller didn't do
> > its job either way).
> 
> Well, no, that's not the same thing. You didn't overflow a buffer; you tried to 
> overflow a buffer, but Ada wouldn't let you.

But it is not what you have been referring to earlier. You have proposed to browse the log of changes of any long-lived internet-oriented open-source project in C++ and see how many fixes there were for buffer overflow problems. Randy has correctly shown that in Ada it would not be any better - the log history would contain the same number of fixes for what is the same programming error.
The run-time consequences of such errors might be different, but that was not your argument, either. Instead, you have written:

"it is impossible for humans to write code in them without making such errors"

The problem is - you did not provide any evidence to claim that those same humans would not make such errors in Ada.

SPARK is a game-changer in this area - but there are too few long-lived internet-oriented open-source projects in SPARK to make a realistic comparison either. That is, if for whatever reason it is unrealistic to write such projects in SPARK, then SPARK is not a solution, either.

> To my mind, that's exponentially 
> better than what you get in C. Nobody was able to take control of your computer 
> because your program crashed.

And *this* is a real argument. Ada is safer not because it would prevent programmers from making errors, but because it would help them *contain the damage* resulting from those errors. Use the right arguments, then you will be (more) convincing.

-- 
Maciej Sobczak * http://www.inspirel.com