William Lederer <william.lederer@gmail.com> writes:

> Regarding the question
>
> What would you personally fly, software written in C or software
> written in Common Lisp?
>
> In the reality of today's fly-by-wire, the modern planes you fly in
> are likely to have C in some critical component. Ada is likely there
> as well.
>
> But let's just examine a few software related disasters to see if
> they are attributable to programming language:
>
> Ariane 5 rocket explosion: from the official report: This loss of
> information was due to specification and design errors in the
> software of the inertial reference system.
> Mars Climate Orbiter: one system used metric units, another used
> English
> Therac 5: improper understanding of multi-tasking code
> Heartbleed: Overly complex protocol combined with being able to
> read beyond allocated memory
>
> Of these, only heartbleed can credit language as a contributing
> factor.

Not at all.

* Programmed in Common Lisp, either the fixnum in the Ariane 5 would have
  been converted into a bignum, or a condition would have been
  signaled, which could have been handled. This would have taken
  time, which could perhaps have "exploded" the real time constraints,
  but it is better to control your rocket sluggishly than not to
  control it at all.

* Programmed in Common Lisp, instead of using raw numbers of physical
  magnitudes, you'd use objects such as:

    (+ #<kilometer/hour 5.42> #<foot/fortnight 12857953.0> )
    --> #<meter/second 4.7455556>

  and Mars Climate Orbiter wouldn't have crashed.

* Programmed in Common Lisp, the Therac-5 bug wouldn't have occurred:

    "The defect was as follows: a one-byte counter in a testing
    routine frequently overflowed; if an operator provided manual
    input to the machine at the precise moment that this counter
    overflowed, the interlock would fail."

  since again, incrementing a counter doesn't fucking overflow in
  lisp!

* Programmed in Common Lisp, heartbleed wouldn't have occurred, because
  lisp implementors provide array bound checks, and lisp programmers
  are conscious enough to run always with (safety 3), as previously
  discussed in this thread.

What I'm saying is that there's a mindset out there of using modular
arithmetic to approximate arithmetic blindly. Until you are able to
pay $1.29 for 3 kg of apples @ $2.99, people should not program with
modular arithmetic!

> And I again point out a software non-disaster qmail, whose author
> offered a bug bounty. Secure programs can be written in C.

postfix too is architectured to deal with security.
You can also write secure software on a Turing Machine.

> And if the flight safety of an aircraft depended upon the current
> Lisp version of Ironclad's impenetrability, we would be in trouble.

This is another question, that of the resources invested in a software
ecosystem, and that of programming language mind share. Why the
cryptographists don't write their libraries in Common Lisp and choose to
produce piles of C instead?

--
__Pascal Bourguignon__
http://www.informatimago.com/
"Le mercure monte ? C'est le moment d'acheter !"
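
The bounds-check argument about Heartbleed made in the message above, as an added example that is not part of the original thread. The record layout (one type octet, a two-octet claimed length, then the payload) is simplified, all function and variable names are hypothetical, and the behaviour shown assumes an implementation that signals an error for out-of-range SUBSEQ bounds in safe code, as SBCL does.

```lisp
;;; Added example with constructed data; not code from the thread.
(declaim (optimize (safety 3)))   ; keep run-time bounds checks enabled

(defun claimed-length (record)
  "Payload length claimed by the peer (octets 1-2, big-endian)."
  (+ (ash (aref record 1) 8) (aref record 2)))

(defun echo-trusting (record)
  "Echo CLAIMED-LENGTH octets without validating the claim.
The same shape of code in C reads past the buffer; here SUBSEQ is
bounds-checked, so an oversized claim signals an error instead."
  (subseq record 3 (+ 3 (claimed-length record))))

(defun echo-validated (record)
  "Compare the claim with the octets actually received and
discard the record when the claim is larger."
  (let ((claimed (claimed-length record))
        (actual (- (length record) 3)))
    (if (<= claimed actual)
        (subseq record 3 (+ 3 claimed))
        :discard)))

(defun try-echo (fn record)
  "Call FN on RECORD and turn any signaled error into a value."
  (handler-case (funcall fn record)
    (error (c) (list :rejected (type-of c)))))

(defun octets (&rest values)
  "Build a specialised octet vector from VALUES."
  (make-array (length values) :element-type '(unsigned-byte 8)
                              :initial-contents values))

;; Constructed records: both carry the 3-octet payload "hat".
(defparameter *honest* (octets 1 0 3 104 97 116))   ; claims 3 octets
(defparameter *lying*  (octets 1 64 0 104 97 116))  ; claims 16384 octets

(print (try-echo #'echo-trusting  *honest*))  ; the payload is echoed
(print (try-echo #'echo-trusting  *lying*))   ; error caught, nothing leaked
(print (try-echo #'echo-validated *lying*))   ; claim rejected explicitly
```

The run-time check only turns the over-read into a condition; the explicit length comparison in `echo-validated` is still what lets the handler reject the record deliberately rather than by accident.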