Ariane 5 Failure from 1996

15 views
Skip to first unread message

John McCabe

unread,
Jul 10, 2009, 10:53:33 AM7/10/09
to
Dear All

The other day, some geezer who was presenting to me claimed that
someone had carried out an analysis to show that, had the Ariane 5
software been written in C, the first launch would have succeeded.

Are any of you aware of this claim and have information to debunk
this?

Thanks
John

Martin

unread,
Jul 10, 2009, 11:04:21 AM7/10/09
to

Not aware of this claim and it's entirely hypothetical - you could
argue that if the C programmers had been 'average' C programmers, it
might not have got to the launch pad!

My understanding of the Ariane pretty slim but if Wikipedia is
accurate (http://en.wikipedia.org/wiki/Ariane_5) then it seems likely
that the same error would have occurred, as my reading is that it was
the deliberate removal of Ada checks that led to the 32-bit Float
being assigned to a 16-bit value, i.e. that part was C-in-Ada-syntax.

Cheers
-- Martin

John McCabe

unread,
Jul 10, 2009, 11:09:04 AM7/10/09
to
On Fri, 10 Jul 2009 08:04:21 -0700 (PDT), Martin
<martin...@btopenworld.com> wrote:

>On Jul 10, 3:53�pm, John McCabe <j...@nospam.assen.demon.co.uk> wrote:
>> Dear All
>>
>> The other day, some geezer who was presenting to me claimed that
>> someone had carried out an analysis to show that, had the Ariane 5
>> software been written in C, the first launch would have succeeded.
>>
>> Are any of you aware of this claim and have information to debunk
>> this?
>>
>> Thanks
>> John
>
>Not aware of this claim and it's entirely hypothetical - you could
>argue that if the C programmers had been 'average' C programmers, it
>might not have got to the launch pad!

That was the general view of me and one other non-anti-Ada person in
the room :-)

>My understanding of the Ariane pretty slim but if Wikipedia is
>accurate (http://en.wikipedia.org/wiki/Ariane_5) then it seems likely
>that the same error would have occurred, as my reading is that it was
>the deliberate removal of Ada checks that led to the 32-bit Float
>being assigned to a 16-bit value, i.e. that part was C-in-Ada-syntax.

Interestingly enough, it is claimed in this article by the presenter,
with no reference as far as I can see to back up the claim.

http://www.two-sdg.demon.co.uk/curbralan/papers/MindYourLanguage.pdf

To me the whole section on Ada sounds like a typical spiel from
someone who really doesn't know Ada and has picked up a load of
anti-Ada propaganda from a number of disparate sources.

Albrecht Käfer

unread,
Jul 10, 2009, 11:26:48 AM7/10/09
to
John McCabe schrieb:

> The other day, some geezer who was presenting to me claimed that
> someone had carried out an analysis to show that, had the Ariane 5
> software been written in C, the first launch would have succeeded.

Yes.


In 2030. When the debugging was done.


Albrecht

Adam Beneschan

unread,
Jul 10, 2009, 11:38:00 AM7/10/09
to

Microsoft Windows is written in C (or C++), I think. That should be
good enough to debunk any such garbage. :) :)

-- Adam

jonathan

unread,
Jul 10, 2009, 11:45:21 AM7/10/09
to
On Jul 10, 3:53 pm, John McCabe <j...@nospam.assen.demon.co.uk> wrote:

Any program that met the requirements would have destroyed the flight
at exactly the same time and in exactly the same way. It could
have been written in C, Ada, or assembly and if it met the
requirements
exactly it would have destroyed flight 501 the same 37 seconds
after liftoff.

Post-flight analysis described the problem as a requirements failure .

(That's my memory of the event.)

Jonathan

Bjarne Bäckström

unread,
Jul 10, 2009, 12:01:35 PM7/10/09
to
Martin <martin...@btopenworld.com> wrote:

The full report can be found here:
<http://sunnyday.mit.edu/accidents/Ariane5accidentreport.html>
--

Hibou57 (Yannick Duchêne)

unread,
Jul 10, 2009, 12:27:45 PM7/10/09
to
On 10 juil, 17:09, John McCabe <j...@nospam.assen.demon.co.uk> wrote:
> http://www.two-sdg.demon.co.uk/curbralan/papers/MindYourLanguage.pdf
>
> To me the whole section on Ada sounds like a typical spiel from
> someone who really doesn't know Ada and has picked up a load of
> anti-Ada propaganda from a number of disparate sources.

Thanks for the link, there a many others interesting papers in this
directory : http://www.two-sdg.demon.co.uk/curbralan/papers/

John B. Matthews

unread,
Jul 10, 2009, 2:17:59 PM7/10/09
to
In article <t8me55930rcv5n4ml...@4ax.com>,
John McCabe <jo...@nospam.assen.demon.co.uk> wrote:

> On Fri, 10 Jul 2009 08:04:21 -0700 (PDT), Martin
> <martin...@btopenworld.com> wrote:

[...]


> >My understanding of the Ariane pretty slim but if Wikipedia is
> >accurate (http://en.wikipedia.org/wiki/Ariane_5) then it seems
> >likely that the same error would have occurred, as my reading is
> >that it was the deliberate removal of Ada checks that led to the
> >32-bit Float being assigned to a 16-bit value, i.e. that part was
> >C-in-Ada-syntax.
>
> Interestingly enough, it is claimed in this article by the presenter,
> with no reference as far as I can see to back up the claim.
>
> http://www.two-sdg.demon.co.uk/curbralan/papers/MindYourLanguage.pdf

The author may have meant to cite "ARIANE 5 Flight 501 Failure Report
by the Inquiry Board" in reference 7, but the link is invalid:

<http://www.esrin.esa.it/htdocs/tidc/Press/Press96/ariane5rep.html>

An archive may be found here:

<http://web.archive.org/web/20000815230639/www.esrin.esa.it/htdocs/tidc/
Press/Press96/ariane5rep.html>

> To me the whole section on Ada sounds like a typical spiel from
> someone who really doesn't know Ada and has picked up a load of
> anti-Ada propaganda from a number of disparate sources.

The article claims, "had the system been written in C, the disaster
would probably never have happened!" That conclusion is unsupported in
the article.

In contrast, I never get tired of reading Ian Joyner's "C++??", which
I'd forgotten has a whole section on C:

<http://www.literateprogramming.com/c++critique.pdf>

--
John B. Matthews
trashgod at gmail dot com
<http://home.roadrunner.com/~jbmatthews/>

John McCabe

unread,
Jul 10, 2009, 2:29:13 PM7/10/09
to
jonathan <john...@googlemail.com> wrote:

Jonathan

>Any program that met the requirements would have destroyed the flight
>at exactly the same time and in exactly the same way. It could
>have been written in C, Ada, or assembly and if it met the
>requirements
>exactly it would have destroyed flight 501 the same 37 seconds
>after liftoff.
>
>Post-flight analysis described the problem as a requirements failure .
>
>(That's my memory of the event.)

I don't want to get into another discussion on the failure itself, I'd
just like to know if there's any known information about this claim
that's been made about C.

FWIW though, if, as someone else has said, the SRI for A5 used a
MIL-STD-1750A processor then, as I remember that chip, there is a way
for arithmetic overflow (i.e. x + y = z where x and y are both
positive and z is negative) to cause a machine fault interrupt. I
imagine that this would be disabled in C as it's not a check that
should be made by the language (forgive me if my memory of
MIL-STD-1750A is hazy, I haven't used them since 1997). The point this
guy was making was that, in C, the machine fault would not have
occured as the overflow would have been allowed to happen and 3 or 4
seconds later the SRI would have shut down as expected (well, as
required for Ariane 4!) and all would have been well.

Sounds like nonsense to me though.

John

John McCabe

unread,
Jul 10, 2009, 2:44:31 PM7/10/09
to
John McCabe <jo...@nospam.assen.demon.co.uk.nospam> wrote:

>FWIW though, if, as someone else has said, the SRI for A5 used a
>MIL-STD-1750A processor then, as I remember that chip, there is a way
>for arithmetic overflow (i.e. x + y = z where x and y are both
>positive and z is negative) to cause a machine fault interrupt. I
>imagine that this would be disabled in C as it's not a check that
>should be made by the language (forgive me if my memory of
>MIL-STD-1750A is hazy, I haven't used them since 1997).

This is what I was getting at (from MIL-STD-1750A):

5.85 Convert floating point to 16-bit integer.
----------------------------------------
ADDR MODE MNEMONIC FORMAT/OPCODE
---- ---- -------- -------------
8 4 4
----------------------
R FIX RA,RB | E8 | RA | RB |
----------------------
DESCRIPTION: The integer portion of the floating point Derived
Operand, DO
----------- (i.e., the contents of registers RB and RB+1), is stored
into
register RA. If the actual value of the DO floating point exponent
is greater than 0F (Base 16), then RA remains unchanged and a
FIXED POINT OVERFLOW OCCURS. The condition status, CS, is set <<<<<<
based on the result in RA.
Note: The algorithm truncates toward zero.

===============
Fixed point overflow is, I believe, a maskable interrupt.

Niklas Holsti

unread,
Jul 10, 2009, 3:46:48 PM7/10/09
to
John McCabe wrote:

> jonathan <john...@googlemail.com> wrote:
>
>> Any program that met the requirements would have destroyed the flight
>> at exactly the same time and in exactly the same way. It could
>> have been written in C, Ada, or assembly and if it met the
>> requirements
>> exactly it would have destroyed flight 501 the same 37 seconds
>> after liftoff.
>>
>> Post-flight analysis described the problem as a requirements failure .
>>
>> (That's my memory of the event.)

Agrees with my understanding.

> ...


> The point this
> guy was making was that, in C, the machine fault would not have
> occured as the overflow would have been allowed to happen and 3 or 4
> seconds later the SRI would have shut down as expected (well, as
> required for Ariane 4!) and all would have been well.

That is like a bit arguing against using seatbelts in a car because you
know of one (very strange) accident in which a person wearing a seatbelt
was killed while a person not wearing a seatbelt would perhaps have
survived. While such arguments were used years ago against the mandatory
use of seatbelts, I don't think many would accept them today, because we
know that seatbelts are beneficial in most accidents.

jonathan

unread,
Jul 10, 2009, 4:10:05 PM7/10/09
to

(First, I defer to Marin Condic's analysis (search cla for: condic
ariane 5).
Unlike me he knows about this.)

In fact I thought I was paraphasing Marin Condic's conclusions, but I
might
have dreamt it!

I still find the summary I gave plausible: as soon as they disabled
the
checks on the infamous variable there is no reason why a different set
of requirements or specifications would have to be, or would have
been drawn up for C, Ada, Fortran etc versions of the software.

Cheers
Jonathan

jimmaure...@worldnet.att.net

unread,
Jul 10, 2009, 5:51:30 PM7/10/09
to

It might have worked, given the fact that C does not generate
exceptions upon overflow. On the other hand, it might have
produced some exceptionally nasty garbage data for the same reason.

Jim Rogers

Albrecht Käfer

unread,
Jul 11, 2009, 10:21:24 AM7/11/09
to
Niklas Holsti schrieb:

> That is like a bit arguing against using seatbelts in a car because you
> know of one (very strange) accident in which a person wearing a seatbelt
> was killed while a person not wearing a seatbelt would perhaps have
> survived. While such arguments were used years ago against the mandatory
> use of seatbelts, I don't think many would accept them today, because we
> know that seatbelts are beneficial in most accidents.

On the other hand, seat belts increase the likelihood of an accident ...


Albrecht

John McCabe

unread,
Jul 11, 2009, 12:54:29 PM7/11/09
to

Well, yes, but my understanding was that the requirements for Ariane 5
were defined, but no one bothered to spot that they were different to
Ariane 4 in terms of the intertial reference system operation hence
reuse of the Ariane 4 SRI as is was not appropriate.

Funnily enough, I have personal experience of changing requirements
being ignored by a French person.

John McCabe

unread,
Jul 11, 2009, 12:55:09 PM7/11/09
to

:-}

Marco

unread,
Jul 12, 2009, 10:08:33 AM7/12/09
to
On Jul 10, 11:17 am, "John B. Matthews" <nos...@nospam.invalid> wrote:

>
> > To me the whole section on Ada sounds like a typical spiel from
> > someone who really doesn't know Ada and has picked up a load of
> > anti-Ada propaganda from a number of disparate sources.

It doesn't sound particularly anti-Ada to me. Just anti only-one-
language I doubt he has much experience in Ada.

>
> The article claims, "had the system been written in C, the disaster
> would probably never have happened!" That conclusion is unsupported in
> the article.
>

Mr Henney is a respectable SW writer. I assume he meant that if it
was written in C that more extensive testing would have occurred but
he should have said that or otherwise defended his statement.

Dmitry A. Kazakov

unread,
Jul 12, 2009, 10:34:44 AM7/12/09
to

How then he would compare these? Even an unrespectable SW writers know that
more testing implies bigger budget. That would makes any comparison
meaningless.

Compare. Proposition: an auto with an anti-lock braking system is less safe
because the driver knowing that would drive more careless.

The answer: don't tell him! (:-))

--
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de

John McCabe

unread,
Jul 13, 2009, 6:03:45 AM7/13/09
to
On Sun, 12 Jul 2009 07:08:33 -0700 (PDT), Marco
<prenom...@yahoo.com> wrote:

>On Jul 10, 11:17�am, "John B. Matthews" <nos...@nospam.invalid> wrote:
>
>>
>> > To me the whole section on Ada sounds like a typical spiel from
>> > someone who really doesn't know Ada and has picked up a load of
>> > anti-Ada propaganda from a number of disparate sources.
>
> It doesn't sound particularly anti-Ada to me. Just anti only-one-
>language I doubt he has much experience in Ada.

Fair enough and you're entitled to your opinion. I feel that, straight
off it goes into supporting the myths about Ada; "Ada was a language
born of committees, the US Department of Defense, and Pascal.". You're
immediately led in to the "Ada was designed by a committee" view (even
though, technically that's not quite what it says!) and, as we all
know, that's not true. Ada was designed by Honeywell Bull in order to
meet a set of requirements that, presumably, were specified by a
committee.

>> The article claims, "had the system been written in C, the disaster
>> would probably never have happened!" That conclusion is unsupported in
>> the article.

> Mr Henney is a respectable SW writer. I assume he meant that if it
>was written in C that more extensive testing would have occurred but
>he should have said that or otherwise defended his statement.

Of course, by why would he as all he's trying to do is disparage Ada.

The fact is, if this system had been written in any language to meet
the Ariane 5 requirements, the disaster would probably not have
happened. If you build a subsystem that meets the requirements of
system X, and reuse it in system Y (which has different requirements),
it probably won't work!

John B. Matthews

unread,
Jul 13, 2009, 8:53:09 PM7/13/09
to
In article
<c1a21454-44cf-4cbb...@u38g2000pro.googlegroups.com>,
Marco <prenom...@yahoo.com> wrote:

He is also "an author who writes on the subject of computer programming
in C and C++," as well as "a member of the Association of C and C++
Users":

<http://en.wikipedia.org/wiki/Kevlin_Henney>
<http://www.two-sdg.demon.co.uk/curbralan/>

As he is a noted author, I would have liked to hear his thoughts. Too
often, proponents of less strongly typed languages argue that some
combination of skill, experience and discipline are as effective as Ada,
and less expensive. This seems contradictory.

If I may extend the automotive analogy: the Ariane 5 project reused the
ABS from a sedan in a truck without testing it in the truck. Well,
except for the one time.

--
John B. Matthews
trashgod at gmail dot com

<http://sites.google.com/site/drjohnbmatthews>

Nicholas Paul Collin Gloucester

unread,
Jul 14, 2009, 9:49:37 AM7/14/09
to
On 2009-07-14, John B. Matthews <nos...@nospam.invalid> wrote:

|-------------------------------------------------------------------------|

|> On Jul 10, 11:17??am, "John B. Matthews" <nos...@nospam.invalid> wrote:|
|> |
|> > > To me the whole section on Ada sounds like a typical spiel from |
|> > > someone who really doesn't know Ada and has picked up a load of |
|> > > anti-Ada propaganda from a number of disparate sources. |
|> |
|> It doesn't sound particularly anti-Ada to me. Just anti only-one- |
|> language I doubt he has much experience in Ada. |
|> |
|> > The article claims, "had the system been written in C, the disaster |
|> > would probably never have happened!" That conclusion is unsupported |
|> > in the article. |
|> |
|> Mr Henney is a respectable SW writer. I assume he meant that if it |
|> was written in C that more extensive testing would have occurred but |
|> he should have said that or otherwise defended his statement. |
| |
|He is also "an author who writes on the subject of computer programming |
|in C and C++," as well as "a member of the Association of C and C++ |
|Users": |
| |
|<http://en.wikipedia.org/wiki/Kevlin_Henney> |
|<http://www.two-sdg.demon.co.uk/curbralan/> |
| |
|As he is a noted author, I would have liked to hear his thoughts. Too |
|often, proponents of less strongly typed languages argue that some |
|combination of skill, experience and discipline are as effective as Ada, |
|and less expensive. This seems contradictory. |
| |
|If I may extend the automotive analogy: the Ariane 5 project reused the |
|ABS from a sedan in a truck without testing it in the truck. Well, |
|except for the one time." |

|-------------------------------------------------------------------------|

I do not appreciate why you would want to hear from Kevlin Henney as
you know that he believes and writes bull. However, I was surprised
and displeased that he was a speaker at an Ada UK event earlier this
decade.

I am also a member of the Association of C & C++ Users. In response to
an email from me on one of our email lists, he claimed that taking
a precaution to protect against accidentally using = instead of == is
not worthwhile.

However, to be fair to him, he has treated Ada better than many other
C++ advocates.

(I have noticed today that he coauthored something with Mordechai
Ben-Ari. That is a surprise.)

Nicholas Paul Collin Gloucester

unread,
Jul 14, 2009, 10:33:44 AM7/14/09
to
On 2009-07-11, John McCabe <jo...@nospam.assen.demon.co.uk> wrote:

|-----------------------------------------------------------------------|
|"[..] |


| |
|Well, yes, but my understanding was that the requirements for Ariane 5 |
|were defined, but no one bothered to spot that they were different to |
|Ariane 4 in terms of the intertial reference system operation hence |
|reuse of the Ariane 4 SRI as is was not appropriate." |

|-----------------------------------------------------------------------|

Another year, another time to bring <397A5CB4...@earthlink.net>
by Robert I. Eachus timestamped 2000/07/23, archived at
HTTP://groups.Google.com/group/comp.lang.eiffel/msg/414c1bfb4a374be2?dmode=source
to someone's attention.

|-----------------------------------------------------------------------|


|"Funnily enough, I have personal experience of changing requirements |
|being ignored by a French person." |

|-----------------------------------------------------------------------|

Ah, the U.K. and German proposals for SMART-1: within the mass
requirement, in contrast to the French proposal which won despite
using more mass than had been permitted.

However, not only French people cheat or ignore requirements in
European astronautics.

John McCabe

unread,
Jul 14, 2009, 10:39:46 AM7/14/09
to
On Tue, 14 Jul 2009 14:33:44 +0000 (UTC), Nicholas Paul Collin
Gloucester <Colin_Pau...@ACM.org> wrote:

>On 2009-07-11, John McCabe <jo...@nospam.assen.demon.co.uk> wrote:
>
>|-----------------------------------------------------------------------|
>|"[..] |
>| |
>|Well, yes, but my understanding was that the requirements for Ariane 5 |
>|were defined, but no one bothered to spot that they were different to |
>|Ariane 4 in terms of the intertial reference system operation hence |
>|reuse of the Ariane 4 SRI as is was not appropriate." |
>|-----------------------------------------------------------------------|
>
>Another year, another time to bring <397A5CB4...@earthlink.net>
>by Robert I. Eachus timestamped 2000/07/23, archived at
>HTTP://groups.Google.com/group/comp.lang.eiffel/msg/414c1bfb4a374be2?dmode=source
>to someone's attention.

Thanks for that. That's something I don't ever remember having read.

>|-----------------------------------------------------------------------|
>|"Funnily enough, I have personal experience of changing requirements |
>|being ignored by a French person." |
>|-----------------------------------------------------------------------|

>Ah, the U.K. and German proposals for SMART-1: within the mass
>requirement, in contrast to the French proposal which won despite
>using more mass than had been permitted.

No, much more personal than that :-)

>However, not only French people cheat or ignore requirements in
>European astronautics.

Of course.

John B. Matthews

unread,
Jul 14, 2009, 11:16:01 AM7/14/09
to
In article <h3i2dh$1l7$1...@news.eternal-september.org>,

Nicholas Paul Collin Gloucester <Colin_Pau...@ACM.org> wrote:

Well, one always hopes to learn something new. :-)

> I am also a member of the Association of C & C++ Users.

No disrespect intended to the Association or its members.

> In response to an email from me on one of our email lists, he claimed
> that taking a precaution to protect against accidentally using =
> instead of == is not worthwhile.

I enjoy using both Ada and Java, but I wouldn't want to do so without
such warnings from either compiler.

> However, to be fair to him, he has treated Ada better than many other
> C++ advocates.
>
> (I have noticed today that he coauthored something with Mordechai
> Ben-Ari. That is a surprise.)

Interesting. The paper <http://portal.acm.org/citation.cfm?id=271046>
was a critique of the C++ subset used for high school advanced placement
computer science testing, when the Educational Testing Service
deprecated Pascal in 1999. It looks like the ETS moved to Java in 2004.

I always though going from Pascal to Ada would have been easier.

Nicholas Paul Collin Gloucester

unread,
Jul 14, 2009, 1:29:41 PM7/14/09
to
On 2009-07-14, John B. Matthews <nos...@nospam.invalid> wrote:

|-------------------------------------------------------------------|
|"In article <h3i2dh$1l7$1...@news.eternal-september.org>, |
|Nicholas Paul Collin Gloucester <Colin_Pau...@ACM.org> wrote:|
| |

|[..] |


| |
|> I am also a member of the Association of C & C++ Users. |
| |
|No disrespect intended to the Association or its members. |
| |

|[..]" |
|-------------------------------------------------------------------|

None taken.

Georg Bauhaus

unread,
Jul 14, 2009, 4:18:51 PM7/14/09
to
John B. Matthews wrote:

> I always though going from Pascal to Ada would have been easier.

Which subset of Ada? Without exceptionally good explanations,
I can't imagine full Ada, with access discriminants, say, as
a possible teaching vehicle at all.

Java is probably thought to be closer to business;
at least I've heard teachers say so. It is,
in another sense, at least: sloppy base type systems
and hand made concurrency are a good basis for
continued support business. While Java's int, long, etc. only
require a little hubris to handle them properly, there are the
ubiquituous features of the same spirit, equally successful:
int, long, etc. in C and their integer overflows and buffer
overflows.
These will provide for vulnerability protection opportunities
and help establish international software companies :-)
Java has learned from this base type system, so it
moved the imperfections to object spaghetti. No?

You should be teaching what everyone wants.
You should be teaching what everyone teaches.
You should be rushing towards a new paradigm
in teaching as soon as it is there.
Be part of the crowd. It's only tax payers' money.

sjw

unread,
Jul 14, 2009, 4:50:37 PM7/14/09
to
On Jul 10, 4:04 pm, Martin <martin.do...@btopenworld.com> wrote:

> My understanding of the Ariane pretty slim but if Wikipedia is
> accurate (http://en.wikipedia.org/wiki/Ariane_5) then it seems likely
> that the same error would have occurred, as my reading is that it was
> the deliberate removal of Ada checks that led to the 32-bit Float
> being assigned to a 16-bit value, i.e. that part was C-in-Ada-syntax.

In the Ariane 4 flight profile the float couldn't have overflowed the
16-bit target (I think the physical value concerned was the ground
velocity) so they decided they could save cycles by not checking for
potential overflow before assigning and/or not setting up an exception
handler (these protections were retained elsewhere).

In Ariane 5 the flight profile was such that overflow could, and did,
occur, resulting in an exception (presumably a constraint error).. I
don't exactly what is said to have happened after that, there was
mention of a subsystem that shouldn't have been running after launch
feeding diagnostic data in place of real data to a higher subsystem
which shut itself down ...

So, in C, the overflowed data might well not have resulted in the
exception which doomed the rocket. As someone below has said, it's
quite possible that something else would have gone wrong!

Adam Beneschan

unread,
Jul 14, 2009, 5:10:32 PM7/14/09
to
On Jul 14, 1:18 pm, Georg Bauhaus <rm.tsoh.plus-

My understanding was that the computer science testing was going to be
dropped entirely due to low enrollment or budget cuts or something, so
none of this matters anyway. But I could have this confused with some
other ETS test.

-- Adam

John B. Matthews

unread,
Jul 14, 2009, 6:36:57 PM7/14/09
to
In article <4a5ce82c$0$32682$9b4e...@newsspool2.arcor-online.net>,
Georg Bauhaus <rm.tsoh.plus...@maps.futureapps.de> wrote:

> John B. Matthews wrote:
>
> > I always though going from Pascal to Ada would have been easier.
>
> Which subset of Ada?

Why, the Pascal subset, of course! :-)

> Without exceptionally good explanations, I can't imagine full
> Ada, with access discriminants, say, as a possible teaching
> vehicle at all.

Why use a subset at all? Surely the novice can write useful
programs that use a library, even if that library depends on access
discriminants for it's implementation. Using access discriminants
for one's own self-referential data structures and iterators can be
deferred to a second level course.

> Java is probably thought to be closer to business;
> at least I've heard teachers say so. It is,
> in another sense, at least: sloppy base type systems
> and hand made concurrency are a good basis for
> continued support business. While Java's int, long, etc. only
> require a little hubris to handle them properly, there are the
> ubiquituous features of the same spirit, equally successful:
> int, long, etc. in C and their integer overflows and buffer
> overflows.
> These will provide for vulnerability protection opportunities
> and help establish international software companies :-)
> Java has learned from this base type system, so it
> moved the imperfections to object spaghetti. No?

In version 1.5, Java added a generic form of compile-time type
checking [1] and task oriented support for concurrent programming
[2]. These are a significant improvement, but they are optional;
with Ada, the features are "baked-in," so to speak. Java has always
supported interface inheritance from a single Object; IIUC, the
present Ada standard offers a similar approach [3].

> You should be teaching what everyone wants.
> You should be teaching what everyone teaches.
> You should be rushing towards a new paradigm
> in teaching as soon as it is there.
> Be part of the crowd. It's only tax payers' money.

I'm sorry, I cannot support your candidacy for public office. :-)

[1]<http://java.sun.com/j2se/1.5.0/docs/guide/language/>
[2]<http://java.sun.com/j2se/1.5.0/docs/api/java/util/concurrent/
package-summary.html>
[3]<http://www.adaic.com/standards/05rat/html/Rat-2-4.html>

--
John B. Matthews
trashgod at gmail dot com

<http://home.roadrunner.com/~jbmatthews/>

Georg Bauhaus

unread,
Jul 14, 2009, 7:42:41 PM7/14/09
to
John B. Matthews wrote:

> Why use a subset at all? Surely the novice can write useful
> programs that use a library, even if that library depends on access
> discriminants for it's implementation. Using access discriminants
> for one's own self-referential data structures and iterators can be
> deferred to a second level course.

Could there be "canonical Ada" good for teaching?
Some subset possibly extracted from successful
introductory courses/books. Such as, maybe, John English's?
(Does someone know whether Robert Dewar's plan still exists to
collect (his) teaching efforts at NYU into a book on Ada?)

> In version 1.5, Java added a generic form of compile-time type
> checking [1]

Norman H. Cohen (author of "Ada as a Second Language")
has been involved in designing Java generics (Don't
know more).
Java arrays cannot fully take advantage of Java generics,
in particular compile time checking is basically off,
so the sloppy base type system strikes again.
Another language corner case that I imagine must be explained
to students of the (Java) language at length...

> and task oriented support for concurrent programming
> [2].

Yes, task *oriented*... (BTW, Microsoft is currently both
working on and advertising the Task Parallel Library
for .NET 4.0.)
Doesn't Brinch Hansen's critique still apply, or can
libraries really replace language when it comes to
concurrent programming?

(see below)

unread,
Jul 14, 2009, 9:03:49 PM7/14/09
to
On 15/07/2009 00:42, in article
4a5d17f2$0$30231$9b4e...@newsspool1.arcor-online.net, "Georg Bauhaus"
<rm.tsoh.plus...@maps.futureapps.de> wrote:

> Could there be "canonical Ada" good for teaching?
> Some subset possibly extracted from successful
> introductory courses/books. Such as, maybe, John English's?
> (Does someone know whether Robert Dewar's plan still exists to
> collect (his) teaching efforts at NYU into a book on Ada?)

Introductory courses must teach a subset, even of Pascal.
The make-up of the subset is determined by the need for a digestible
presentation of the material to be covered in the time available.
It is also influenced by the teacher's theological position, e.g., whether
to start with an OOP slant or not.
These considerations (especially course time) don't leave much wiggle room.

Second-level courses start to tackle the tricky stuff.

> Norman H. Cohen (author of "Ada as a Second Language")
> has been involved in designing Java generics (Don't
> know more).

As was an ex-colleague of mine (Phil Wadler).

> Java arrays cannot fully take advantage of Java generics,
> in particular compile time checking is basically off,
> so the sloppy base type system strikes again.
> Another language corner case that I imagine must be explained
> to students of the (Java) language at length...

The extensions that have been made to Java to try to fit it for applications
to which it is inherently unsuited are all laughably bad, in my view.

--
Bill Findlay
<surname><forename> chez blueyonder.co.uk

John B. Matthews

unread,
Jul 15, 2009, 11:08:54 AM7/15/09
to
In article <4a5d17f2$0$30231$9b4e...@newsspool1.arcor-online.net>,
Georg Bauhaus <rm.tsoh.plus...@maps.futureapps.de> wrote:

> > John B. Matthews wrote:

[...]


> Java arrays cannot fully take advantage of Java generics, in
> particular compile time checking is basically off, so the sloppy
> base type system strikes again.

It's an unfortunate legacy.

> Another language corner case that I imagine must be explained
> to students of the (Java) language at length.

The usual explanation is that arrays are covariant, with
type-checking enforced at runtime; Java generic types are
invariant, checked only at compile-time [1].



> > and task oriented support for concurrent programming [2].
>
> Yes, task *oriented*.

Indeed. I think Java's original support for concurrent programming was
offered at much too low a level. Ada 83's level may have been a bit too
high, with protected types, for example, added in Ada 95 and enhanced
in Ada 2005 [3].

In both areas, type-checking and concurrent programming, I see Ada and
Java moving in similar directions, if not actually converging.

I don't teach except in the sense of occasionally being asked to guide
students of one language in using the other. I'd be interested to learn
of any reference that outlines corresponding features of the two
languages.

Students (or teachers) of both languages may like to look at these
simple projects done in both Ada [4, 5] and Java [6, 7], respectively.

[...]

[1]<http://java.sun.com/docs/books/effective/generics.pdf>
[2]<http://java.sun.com/j2se/1.5.0/docs/api/java/util/concurrent/
package-summary.html>
[3]<http://www.adaic.com/standards/05rat/html/Rat-1-3-4.html>
[4]<http://home.roadrunner.com/~jbmatthews/misc/groots.html>
[5]<http://home.roadrunner.com/~jbmatthews/jumble.html>
[6]<http://sites.google.com/site/drjohnbmatthews/polyroots>
[7]<http://sites.google.com/site/drjohnbmatthews/jumble>

--
John B. Matthews
trashgod at gmail dot com

<http://sites.google.com/site/drjohnbmatthews>

John McCabe

unread,
Jul 15, 2009, 11:36:45 AM7/15/09
to
On Wed, 15 Jul 2009 11:08:54 -0400, "John B. Matthews"
<nos...@nospam.invalid> wrote:

>I don't teach except in the sense of occasionally being asked to guide
>students of one language in using the other. I'd be interested to learn
>of any reference that outlines corresponding features of the two
>languages.

I don't know of one off-hand, at least not one that addresses Ada 2005
and Java 6 e.g., but Ben Brosgol appears to be a bit of an expert on
this sort of thing so it might be worth trying to get hold of him or
some of his articles.

John B. Matthews

unread,
Jul 15, 2009, 2:28:28 PM7/15/09
to
In article <bqtr55lad1s29aacl...@4ax.com>,
John McCabe <jo...@nospam.assen.demon.co.uk> wrote:

Ah, thank you. I see he's written extensively on the topic:

<http://www.informatik.uni-trier.de/~ley/db/indices/a-tree/b/
Brosgol:Benjamin_M=.html>

Highlights of is most recent presentation are summarized here:

<http://www.adacore.com/wp-content/files/attachments/
PaperPresentationAE2006-Brosgol.pdf>

Nicholas Paul Collin Gloucester

unread,
Jan 8, 2010, 8:19:13 AM1/8/10
to
I posted on July 14th, 2009:
|---------------------------------------------------------------------------|
|"On 2009-07-14, John B. Matthews [..] wrote: |
| |
||-------------------------------------------------------------------------||
||"[..] ||

|| ||
||He is also "an author who writes on the subject of computer programming ||
||in C and C++," as well as "a member of the Association of C and C++ ||
||Users": ||
|| ||
||<http://en.wikipedia.org/wiki/Kevlin_Henney> ||
||<http://www.two-sdg.demon.co.uk/curbralan/> ||
|| ||
||As he is a noted author, I would have liked to hear his thoughts. Too ||
||often, proponents of less strongly typed languages argue that some ||
||combination of skill, experience and discipline are as effective as Ada, ||
||and less expensive. This seems contradictory. ||
|| ||
||If I may extend the automotive analogy: the Ariane 5 project reused the ||
||ABS from a sedan in a truck without testing it in the truck. Well, ||
||except for the one time." ||
||-------------------------------------------------------------------------||
| |
|I do not appreciate why you would want to hear from Kevlin Henney as |
|you know that he believes and writes bull. However, I was surprised |
|and displeased that he was a speaker at an Ada UK event earlier this |
|decade. |
| |
|[..]" |
|---------------------------------------------------------------------------|


I hereby admit that Kevlin Henney had the good sense to allow a
promotion of Ada in the chapter
HTTP://Programmer.97Things.OReilly.com/wiki/index.php/Prefer_Domain-Specific_Types_to_Primitive_Types
by Einar Landre of the book "97 Things Every Programmer Should Know"
which Kevlin Henney edited and which is due to be printed in February
2010.

Hibou57 (Yannick Duchêne)

unread,
Jan 8, 2010, 12:34:22 PM1/8/10
to
On 8 jan, 14:19, Nicholas Paul Collin Gloucester
<Colin_Paul_Glos...@ACM.org> wrote:
> HTTP://Programmer.97Things.OReilly.com/wiki/index.php/Prefer_Domain-Specifi­c_Types_to_Primitive_Types
A source is never too much explicit and never too much verbose
Reply all
Reply to author
Forward
0 new messages