Re: where exactly c++,c fail and Ada gets thru'



"jimmaureenrogers@xxxxxxxxxxxxxxxx" <jimmaureenrogers@xxxxxxxxxxxxxxxx> writes:
> Ananth the Boss wrote:
> > We are developing safety critical software. My seniors say that C and
> > C++ are not suitable for safety critical software development and Ada
> > is very much safe. NASA also uses Ada. At what point do C++ or C turn
> > out to be not suitable for developing flight software? I may be wrong
> > also. Can anyone give some more justifications for telling "Ada is
> > safe"? Thanks in advance.
>
> The Coding Standards for the Joint Strike Fighter
> http://public.research.att.com/~bs/JSF-AV-rules.pdf
> give you an idea of the kinds of safety problems recognized in both
> C and C++.
>
> For example, the standard prohibits the use of C-style arrays as
> function parameters. The problem cited is the degeneration of an
> array function argument into a pointer. The pointer provides no
> information about the size of the array it points to.

In fact, it's not possible in C to pass an array directly as a
function parameter. The language allows a parameter to be declared
with array syntax, but this is exactly equivalent to declaring it as a
pointer. For example, these two C declarations are exactly
equivalent:

void func(int arr[]);
void func(int *arr);

It's a common misconception that arrays are "really" pointers in C.
In fact they're not, but there are some features of the language
(certain implicit conversions, the above syntax for parameter
declarations) that can make it look that way. If you're curious about
the details, section 6 of the comp.lang.c FAQ has a good summary.

I haven't looked at the coding standards document in question.
Possibly it just forbids the use of array syntax to represent what's
really a pointer parameter. Forbidding pointer parameters would be a
serious problem; much of the standard library does this, and it's the
normal way to achieve the effect of passing an array.

--
Keith Thompson (The_Other_Keith) kst-u@xxxxxxx <http://www.ghoti.net/~kst>
San Diego Supercomputer Center <*> <http://users.sdsc.edu/~kst>
We must do something. This is something. Therefore, we must do this.
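An added illustration of the decay discussed in this thread (not code from any of the posters): the function names, the constant N and the sample data are hypothetical, chosen only to show that `int arr[N]` as a parameter carries no size, and two ways C code usually compensates.

```c
#include <stddef.h>
#include <stdio.h>

#define N 4   /* hypothetical fixed bound for the demo */

/* Declared with array syntax, but this parameter is exactly `int *arr`:
 * sizeof arr here is the size of a pointer, not of the caller's array. */
size_t param_size_decayed(int arr[N])
{
    return sizeof arr;          /* == sizeof(int *) */
}

/* The usual remedy: pass the element count alongside the pointer and
 * bounds-check every access against it. */
long sum_checked(const int *arr, size_t len, size_t upto)
{
    long total = 0;
    if (upto > len)             /* refuse to read past what the caller owns */
        upto = len;
    for (size_t i = 0; i < upto; i++)
        total += arr[i];
    return total;
}

/* Alternative: a pointer to an array of fixed size keeps the bound in the
 * type, so sizeof *arr is the whole array, and passing an array of another
 * size is an incompatible-pointer diagnostic instead of a silent decay. */
size_t param_size_kept(int (*arr)[N])
{
    return sizeof *arr;         /* == N * sizeof(int) */
}

int main(void)
{
    int data[N] = {1, 2, 3, 4};  /* constructed sample input */
    printf("decayed: %zu bytes, kept: %zu bytes, sum: %ld\n",
           param_size_decayed(data), param_size_kept(&data),
           sum_checked(data, N, 10));
    return 0;
}
```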