Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!crdgw1!sunroof!hammondr From: hammondr@sunroof.crd.ge.com (Richard A Hammond) Newsgroups: comp.software-eng Subject: Re: bridge building (was Re: Documenting OO Systems) Message-ID: <19167@crdgw1.crd.ge.com> Date: 2 May 91 13:08:02 GMT References: <1259@grapevine.EBay.Sun.COM> <9105012313.AA23259@enuxha.eas.asu.edu> <33846@mimsy.umd.edu> <9105020234.AA01202@enuxha.eas.asu.edu> Sender: news@crdgw1.crd.ge.com Distribution: na Organization: General Electric Corporate R&D Center Lines: 60 In article <33846@mimsy.umd.edu> cml@care.cs.umd.edu (Christopher Lott) writes: >Let's discuss how we can identify these classes of faults, so we are >able to say before code reviews "watch out for this class of mistakes." >What are the classes of faults which occur most often in your environment? >How expensive are they to identify, fix? (In the previous red herring, >due to the application, pretty darned expensive if missed.) >It's more than that. The point is that the error was not caused by To which, In article <9105020234.AA01202@enuxha.eas.asu.edu> koehnema@enuxha.eas.asu.edu (Harry Koehnemann) responds: >a single programming mistake. It was designed, reviewed, and tested >extensively (I hope). Therefore, we must blame th process as being >inadequate to catch that type of error. Now, is that type of error >less likely to occur in a strongly typed language that strictly enforces >well identified software engineering principles (which C does not). >I'd say yes. Hell, anyone that uses a break stmt to transfer control >out of an if probably needs a little help. Does anybody have the actual code fragment and what it should have been? What follows may not apply (but neither may Harry's comment above). BULL!!! Harry, the error has nothing to do with typing, strong or weak, it was a syntax error, according to your description. In fact, the same error could be made in Ada, i.e. using 'exit' out of an if statement which is inside a loop, e.g. (formatted to line up parallel constructs) Ada version C Version loop for .... { if condition if ( condition ) then { do_something; do_something; exit; break; end if; } something_else_to_do; something_else_to_do; end loop; } Now I admit that the actual description I heard, which was similar to that given by Harry, was: using a break statement to terminate an if, makes no sense to me, i.e. it would be like saying that they used exit to terminate an if in Ada. Both only work in the syntax of the language if there is an outer loop (or case statement in C). As far as a language that supports "software engineering prnciples", I fail to see how this would help in this case. The error was inside a single module. I've done 13 years of programming in C, and spent the last two using Ada. While I much prefer using Ada to C, I won't be so bold as to claim that they make any difference in my error rate or productivity. In fact, I strongly suspect that some of the Ada sucess stories I've been hearing, on closer examination are examples of the Hawthorn effect, i.e. management pays attention to what's going on and gets better results. Disclaimer: my opinions are my own and not GE's. Rich Hammond