Re: Ada and C++: A request for comparison/contrast/relative benefits

[alice!bs@ucbvax.Berkeley.EDU (Bjarne Stroustrup)]

Under the heading

	Ada and C++: A request for comparison/contrast/relative benefits

dewar@cs.nyu.edu (Robert Dewar @ Courant Institute of Mathematical Sciences) wr
ites

 > ah yes, and this thorough testing of the phone system by the public includes
 > we, the public, being kind enough to find the bug that brought down the AT&T
 > long lines for a period of time which was probably sufficient to exhaust the
ir
 > quota for downtime for the next hundred years.

referring to the infamous bug in a C program (assuming that it really was
a C bug, which I don't for a fact).

Two days ago one of the new Swedish JAS-39 Gripen fighter planes crashed
during a low speed demonstration flight over central Stockholm. The problem
was an error in the control system. That system is programmed in Ada. The
pilot ejected safely and amazingly only a few people were injured when the
plane hit the ground.

Assume for the moment that the assertions of a software failure that I
have heard are true. Does that mean that Ada is a bad programming language?
Does that mean that Ada programming is unsafe? Does that mean that I have
to express fear of dealing with ``gadgets'' programmed in Ada? Does that
mean I have to write to my congressman demanding the exclusive use of
another, safer, language for all critical applications?

	Of course not!

However, did I accurately describe a common thread of argument against C++
in this newsgroup?

	Of course.

On top of that, that common thread takes a problem with C and counts it as
a fatal flaw in C++. 

What catastrophic software induced failures, such as plane crashes and
telephone breakdowns, tells us is that no language is 100% safe and that
we can't rely 100% on any part of a system. the reliability of a system
depends on every part and ascribing an error to a particular part of the
total system is simply pin-pointing the error. The real responsibility
for the integrity of the system is in the people who produce the system
and not in any one part of the system.

Should this argument be taken to mean that safety of language constructs
is irrellevant? Not at all; we want to have our languages as safe as is
reasonable. Exactly as we want every other component in the system as
safe and reliable as is reasonable. However, we can decide where in the
system to spend our limited resources. Focussing exclusively on the
programming language - or any other individual part of the system -
is absurd.

Blaming a programming language for a specific systems failure, even a purely
software one is confusing the issue. We can make mistakes in any language.
We can write bad code in any language. We try not to and we try to choose
our languages with that in mind.

	- Bjarne

PS For solid information about C++ I recommend
  B.Stroustrup: The C++ Programming Language (2nd edition), Addison-Wesley
  B.Stroustrup: The History of C++, Proc HOPL2 Conf. ACM Sigplan Notices, Mar'9
3.
They don't compare C++ to Ada but they ought to be able correct some of the
misconceptions and hype that is floating around.