Can anyone recomend a good intoduction to C...
Werner Schiendl
ws-news at gmx.at
Wed Mar 7 12:59:55 EST 2001
Thank you for your really thorough reply
I would agree that inspecting a C++ compiler to every extent is impossible.
But I think so are most other languages, apart from extremely simply ones
like assembler.
Do you think one can inspect a Python interpreter and make sure there is no,
not a single, error or security problem in it?
I would never expect that possible... nor for C... and of course not for C++
I do not think that a review (this is basically what human expecting source
code means) can prove code to be error free. Not for any language, otherwise
there would not be errors in production software.
The one way I could imagine to test an application for safety is to test all
possible data on the smallest part in software.
But of course this is not practically manageable for normal size
application.
How can you be sure the CPU is doing correct calculation? Think about that
Pentium FDIV bug years ago...
You can use a parallel executing different platform and compare each and
every result.
This does however not support recovery because you do not know which one is
correct.
That is not a way, because it would not be safe either.
So you can use three different architectures (and make sure that one is not
somehow copied/related from an other) and do a majority decision.
The alternative is to inspect the CPU (and other hardware) the same.
What I think is that there is no absolute safety.
You can test as much as you like and review as much as you like.
Never can you be completely sure that there can not be a problem.
Maybe that sounds pessimistic, but this is what I think.
Safety inspection just greatly reduces the number of problems that could
arise by doing much more thorough tests but in the end is limited as well.
>From the educational standpoint it does not matter if the standard library
uses templates or not.
the average user can use it in a cookbook fashion and does not need to know
how the machanics work.
If you need to inspect that as well, yes this is hard.
But if you need the full flexibility you'll end up with code the same
complex than the original.
If the application only needs more trivial containers and I cannot afford
using the template based standard ones, I can still resort to writing an
simpler one myself.
So in the end I think it is an issue, but probably not for the question the
original poster had.
There are other reasons as well, like customers that insist on plain C
because they do not have people experienced in C++.
Again, I really enjoyed your thorough reply
regards
werner
More information about the Python-list
mailing list