Python for air traffic control?

Ken Seehof kens at sightreader.com
Tue Jul 10 04:19:04 EDT 2001 

From: "Russ" <18k11tm001 at sneakemail.com>
> "Ken Seehof" <kens at sightreader.com> wrote in message
news:<mailman.994201507.10872.python-list at python.org>...
> > For liability reasons, I can't give you advice on whether or not to
> > use python for an air traffic control application :-)
> >
> > However, if I were (hypothetically, of course) to give you advice,
> > it would be the following, of which your reading constitutes an
> > agreement that I am not responsible for injury, deaths, and property
> > damage resulting from that which would be my advice, were it not,
> > if fact, hypothetical, which it is.
>
> If you hear something about an airplane crash in a few years, prepare
> for a call from my lawyer. :-)
>
> > Seems to me that python would be a good choice.  You can write
> > bugs in any language, including python.  However, python bugs
> > tend to be less subtle and easier to detect and fix than C/C++ bugs.
> >
> > The lack of type checking and function prototyping is not nearly as
> > big of a problem (if it's a problem at all) as C++ programmers tend
> > to fear.
> >
> > This fear is due to the fact that in some statically typed languages
> > such as C++, an undetected type mismatch is likely to cause rather
> > horrible bugs which are often intermittent and often corrupt unrelated
> > data.
> >
> > These kinds of type mismatch bugs that C++ programmers are
> > terrified of (memory overwrites, etc.) simply do not exist in python at
> > all.  Python doesn't ever need to infer the addresses of bytes of data
> > from dubious type information at runtime (as C++ does).  Type
> > information is always stored within the objects themselves.
> >
> > In python, data of the wrong type is not really any worse than data
> > of the wrong value, so these kinds of bugs tend to only have local
> > effects which are easily caught when tested.  Not surprisingly, I have
> > found that I usually get fewer type related bugs in Python than in C++.
> >
> > Saying that python is unreliable because it lacks type checking is like
> > saying fish cause pollution because they lack bicycles.
> >
> > - Ken
>
> That's very interesting. Thanks for that perspective. I'd like to see
> you hash this out with Peter Milliken, who claims that type checking
> is essential for safety-critical applications. (Perhaps you did
> already. I'm using google groups, and I get very slow updates on this
> thread.)
>
> Russ

Okay, time to retreat a little; that lawsuit thing is scaring me :-)

I think I have to agree with Peter on that point.  I also think that type
checking fails to make C++ safe, and that it is not nearly as important
in Python for the reasons stated above.  Presumably what you really
want is a high-level language that has strong type checking and no way
to corrupt memory even if you try to.  I'm don't have experience with
such languages.  The original question was about choosing between C++
and Python, and having used C++ since it's creation, I would rather
prefer not to trust anything written in it with my life (though no doubt I
have, unwittingly :-).

I was just taking the opportunity to point out the flaw in the common
misconception that C++ is more robust than Python because of static
type checking.  IMHO, neither language is really optimal for safety-
critical applications.

- Ken

More information about the Python-list mailing list