From: Keith Thompson
Newsgroups: comp.lang.ada
Subject: Re: where exactly c++,c fail and Ada gets thru'
Date: Mon, 24 Apr 2006 22:33:09 GMT

"jimmaureenrogers@worldnet.att.net" writes:
> Ananth the Boss wrote:
>> we are developing safety critical software. my seniors say that c and
>> c++ are not suitable for safety critical software development and ada
>> is very much safe. NASA also uses Ada. at what point c++ or c turns to be
>> not suitable for developing flight software. i may be wrong also. can
>> any one give some more justifications for telling "ADA is safe" thanks
>> in advance
>
> The Coding Standards for the Joint Strike Fighter
> http://public.research.att.com/~bs/JSF-AV-rules.pdf
> give you an idea of the kinds of safety problems recognized in both
> C and C++.
>
> For example, the standard prohibits the use of C-style arrays as
> function parameters. The problem cited is the degeneration of an
> array function argument into a pointer. The pointer provides no
> information about the size of the array it points to.

In fact, it's not possible in C to pass an array directly as a
function parameter. The language allows a parameter to be declared
with array syntax, but this is exactly equivalent to declaring it as a
pointer. For example, these two C declarations are exactly
equivalent:

    void func(int arr[]);
    void func(int *arr);

It's a common misconception that arrays are "really" pointers in C.
In fact they're not, but there are some features of the language
(certain implicit conversions, the above syntax for parameter
declarations) that can make it look that way. If you're curious about
the details, section 6 of the comp.lang.c FAQ has a good summary.

I haven't looked at the coding standards document in question.
Possibly it just forbids the use of array syntax to represent what's
really a pointer parameter. Forbidding pointer parameters would be a
serious problem; much of the standard library does this, and it's the
normal way to achieve the effect of passing an array.

-- 
Keith Thompson (The_Other_Keith) kst-u@mib.org
San Diego Supercomputer Center <*>
We must do something. This is something. Therefore, we must do this.
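
The parameter adjustment discussed in the message above, as an added C example that is not part of the original post; the function names, `N` and the sample array are constructed for illustration. It shows the callee losing the array size, a pointer-to-array parameter that keeps it, and the usual pointer-plus-length form with a bounds check.

```c
#include <stddef.h>
#include <stdio.h>

#define N 8   /* constructed sample size */

/* Array syntax in a parameter list is adjusted to a pointer, so these two
   declarations are compatible and redeclare the same function. */
size_t size_seen_by_callee(int arr[N]);
size_t size_seen_by_callee(int *arr);

/* GCC and Clang flag the sizeof below with -Wsizeof-array-argument; it is
   silenced here because the mistake is what is being shown. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wsizeof-array-argument"
size_t size_seen_by_callee(int arr[N])
{
    return sizeof arr;            /* sizeof(int *), not N * sizeof(int) */
}
#pragma GCC diagnostic pop

/* A pointer to the whole array keeps the element count in the type. */
size_t size_via_array_pointer(int (*arr)[N])
{
    return sizeof *arr;           /* N * sizeof(int) */
}

/* Pointer-plus-length form: the callee checks the caller-supplied length
   before writing. Returns 0 on success, -1 if the write would overrun. */
int fill_checked(int *dst, size_t dst_len, size_t count, int value)
{
    if (dst == NULL || count > dst_len)
        return -1;
    for (size_t i = 0; i < count; i++)
        dst[i] = value;
    return 0;
}

int main(void)
{
    int a[N] = {0};
    printf("caller: %zu, callee: %zu, via int (*)[N]: %zu\n",
           sizeof a, size_seen_by_callee(a), size_via_array_pointer(&a));
    printf("fill %d -> %d, fill %d -> %d\n",
           N, fill_checked(a, N, N, 1), N + 1, fill_checked(a, N, N + 1, 1));
    return 0;
}
```

The bounds check in `fill_checked` is only as good as the `dst_len` the caller passes; the language does not verify it against the real array.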