From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00, REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4 Path: eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!news.eternal-september.org!mx02.eternal-september.org!feeder.eternal-september.org!aioe.org!.POSTED!not-for-mail From: "Dmitry A. Kazakov" Newsgroups: comp.lang.ada Subject: Re: How to get nice with GNAT? Date: Tue, 9 Dec 2014 18:59:16 +0100 Organization: cbb software GmbH Message-ID: References: <969708583438656051.436159nonlegitur-futureapps.invalid@reader80.eternal-september.org> <0d085a5a-d4ac-4506-ae5f-8da685f39004@googlegroups.com> <1ukyfvaqgkwo1.6ngfx1v21twz$.dlg@40tude.net> <1g5ttpzi8eywc$.1gluj9evlmeus.dlg@40tude.net> <1adpj5cs8xtkf$.hqv9tsofbfgz$.dlg@40tude.net> <1hrw1i0f6nyde.1obvidset2kfc$.dlg@40tude.net> Reply-To: mailbox@dmitry-kazakov.de NNTP-Posting-Host: yUABN/t9m6vXD7XrfDICJA.user.speranza.aioe.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Complaints-To: abuse@aioe.org User-Agent: 40tude_Dialog/2.0.15.1 X-Notice: Filtered by postfilter v. 0.8.2 Xref: news.eternal-september.org comp.lang.ada:23924 Date: 2014-12-09T18:59:16+01:00 List-Id: On Tue, 09 Dec 2014 16:14:20 -0700, Brad Moore wrote: > On 2014-12-09 1:51 AM, Dmitry A. Kazakov wrote: >>>> Which is using Ada as if it were C. The combinations of objects should be >>>> handled in a way allowing to map combinations onto the language items >>>> allowing static checks. Yes, it is not always possible, and where not >>>> possible it becomes a C program in Ada, partially of course. >>> >>> Not at all. C has no run-time checks; you'll never get any sort of error >>> from it unless you write it explicitly yourself. I'm never going to have >>> enough fortitude to write thousands of pages of checks by hand; I've got to >>> have language support to make those checks. >> >> Yes, but we are discussing bugs, not errors. When you say that an exception >> manifests a bug, then C is as good as Ada. The same bug in C will show >> itself differently, but so what. > > The "so what" is a monumentally huge difference in my experience. Aside > from C not having exceptions, having an exception flag an error at the > site of the violation can make it much easier to notice and fix the bug. And this is still a bug and a kind of C programming allowing such bugs to happen. > An unhandled exception in Ada however results in the > program ceasing execution, Not really. Quite frequently wrongly propagated exceptions are handled or converted into other exceptions (like when within Finalize). Even more frequently they are false positives like in the case of most accessibility checks and noise when they rather hide real problem than indicate it. > so it is more likely that the bug will be > noticed earlier, possibly before deployment, which can be far less costly. No. I don't think the difference is that big. In order to detect run-time bugs one needs tests designed to show these bugs. If an exception is not anticipated and thus was not targeted by a intentionally designed test chances that sporadic runs of the application will trigger it are very low. If the exception is anticipated, then it is easier to handle it properly or prevent altogether than to write a test. The real advantage of Ada over C in catching bugs early is not exceptions but static checks, most importantly static type checks. -- Regards, Dmitry A. Kazakov http://www.dmitry-kazakov.de