comp.lang.ada
From: Keith Thompson <kst-u@mib.org>
Subject: Re: where exactly c++,c fail and Ada gets thru'
Date: Mon, 24 Apr 2006 22:33:09 GMT
Message-ID: <lniroy1u56.fsf@nuthaus.mib.org>
In-Reply-To: 1145855124.720029.35280@t31g2000cwb.googlegroups.com

"jimmaureenrogers@worldnet.att.net" <jimmaureenrogers@worldnet.att.net> writes:
> Ananth the Boss wrote:
>> we are developing safety critical software. my seniors say that c and
>> c++ are not suitable for safety critical software development and ada
>> is very much safe. NASA also uses Ada. at what point c++ or c turns to be
>> not suitable for developing flight software. i may be wrong also. can
>> any one give some more justifications for telling "ADA is safe" thanks
>> in advance
>
> The Coding Standards for the Joint Strike Fighter
> http://public.research.att.com/~bs/JSF-AV-rules.pdf
> give you an idea of the kinds of safety problems recognized in both
> C and C++.
>
> For example, the standard prohibits the use of C-style arrays as
> function parameters. The problem cited is the degeneration of an
> array function argument into a pointer. The pointer provides no
> information about the size of the array it points to.

In fact, it's not possible in C to pass an array directly as a
function parameter.  The language allows a parameter to be declared
with array syntax, but this is exactly equivalent to declaring it as a
pointer.  For example, these two C declarations are exactly
equivalent:

    void func(int arr[]);
    void func(int *arr);

It's a common misconception that arrays are "really" pointers in C.
In fact they're not, but there are some features of the language
(certain implicit conversions, the above syntax for parameter
declarations) that can make it look that way.  If you're curious about
the details, section 6 of the comp.lang.c FAQ has a good summary.

I haven't looked at the coding standards document in question.
Possibly it just forbids the use of array syntax to represent what's
really a pointer parameter.  Forbidding pointer parameters would be a
serious problem; much of the standard library does this, and it's the
normal way to achieve the effect of passing an array.

-- 
Keith Thompson (The_Other_Keith) kst-u@mib.org  <http://www.ghoti.net/~kst>
San Diego Supercomputer Center             <*>  <http://users.sdsc.edu/~kst>
We must do something.  This is something.  Therefore, we must do this.
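
An added example, not part of the original post: it compiles the two equivalent declarations together, shows that the callee sees only a pointer, and contrasts the pointer-plus-length idiom with a pointer to a whole array. The body of `func` and the names `param_size`, `checked_get` and `whole_array_len` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* The two declarations from the post. Both are accepted in one translation
   unit because they declare the same function type. */
void func(int arr[]);
void func(int *arr);

/* Constructed body so the declarations have a definition to match. */
void func(int *arr) { arr[0] = -1; }

/* Array syntax, but the parameter is adjusted to int *. */
size_t param_size(int arr[])
{
    int **pp = &arr;    /* compiles only because arr has type int * */
    return sizeof *pp;  /* size of a pointer, whatever the caller passed */
}

/* Pointer plus explicit element count: the callee can now check bounds.
   Returns 0 on success, -1 on a null pointer or out-of-range index. */
int checked_get(const int *arr, size_t len, size_t idx, int *out)
{
    if (arr == NULL || out == NULL || idx >= len)
        return -1;
    *out = arr[idx];
    return 0;
}

/* Pointer to a whole array: the bound is part of the type and survives. */
size_t whole_array_len(int (*arr)[8])
{
    return sizeof *arr / sizeof **arr;
}

int main(void)
{
    int data[8] = {10, 20, 30, 40, 50, 60, 70, 80}; /* constructed sample */
    int v = 0;

    printf("caller sizeof: %zu, callee sizeof: %zu\n",
           sizeof data, param_size(data));
    printf("whole_array_len: %zu\n", whole_array_len(&data));
    printf("idx 7 -> %d\n", checked_get(data, 8, 7, &v));
    printf("idx 8 -> %d\n", checked_get(data, 8, 8, &v));
    func(data);
    printf("data[0] after func: %d\n", data[0]);
    return 0;
}
```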


