Everyone who writes safety critical software should read this

Andrei Alexandrescu SeeWebsiteForEmail at erdani.org
Sat Nov 2 08:52:48 PDT 2013


On 11/1/13 8:03 AM, bearophile wrote:
> Walter Bright:
>
>> ...
>
> Everyone who writes safety critical software should really avoid
> languages unable to detect integral overflows (at compile-time or
> run-time) in all normal numerical operations,

I'm unclear on why you seem so eager to grind that axe. The matter seems 
to be rather trivial - disallow statically the use of built-in 
integrals, and prescribe the use of library types that do the 
verification. A small part of the codebase that's manually verified 
(such as the library itself) could use the primitive types. Best of all 
worlds. In even a medium project, the cost of the verifier and 
maintaining that library is negligible.

> and languages that have undefined operations in their basic
> semantics.

We need to get SafeD up to snuff!

> So Ada language is OK, C and D are not OK for safety critical software.

Well that's Ada's claim to fame. But I should hope D would have a safety 
edge over C.


Andrei
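The approach described above, a library type that checks every arithmetic operation instead of relying on built-in integrals, as an added example that is not part of the original post; `core.checkedint` is part of D's standard runtime, the `Checked` wrapper and its `@safe` annotations are assumed here:

```d
// Added example (not from the thread): a library integer type that
// detects overflow on every operation, as the reply proposes.
// core.checkedint.adds/subs/muls set the flag instead of silently wrapping.
import core.checkedint : adds, subs, muls;
import std.stdio : writeln;

struct Checked
{
    int value;

    // Each binary operator delegates to the runtime's overflow-aware helper
    // and fails loudly instead of producing a wrapped result.
    Checked opBinary(string op)(Checked rhs) const @safe
    {
        bool overflow = false;
        int r;
        static if (op == "+")      r = adds(value, rhs.value, overflow);
        else static if (op == "-") r = subs(value, rhs.value, overflow);
        else static if (op == "*") r = muls(value, rhs.value, overflow);
        else static assert(0, "operator " ~ op ~ " is not supported");
        if (overflow)
            throw new Exception("integer overflow in operator " ~ op);
        return Checked(r);
    }
}

void main() @safe
{
    // Within range: behaves like a plain int.
    writeln((Checked(2) * Checked(3)).value);   // prints 6

    // At the edge: a plain int.max + 1 wraps to int.min; the wrapper throws.
    auto a = Checked(int.max);
    auto b = Checked(1);
    try
    {
        auto c = a + b;
        writeln(c.value);
    }
    catch (Exception e)
    {
        writeln("caught: ", e.msg);
    }
}
```

Compile with `dmd checked.d && ./checked`; the first line prints `6` and the second reports the overflow instead of a wrapped value.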
