Large Ruby Apps?

From: Warren Seltzer [mailto:warrens@actcom.net.il]
Sent: Wednesday, September 21, 2005 2:30 PM
To: ruby-talk ML
Subject: Large Ruby Apps ?

I am coming to Ruby having used the usual list of scripting
and C* languages. Since Ruby has such powerful programming
features, I think it may be used for some really large
system. My decades long observation of software is that
small programs that succeed become large programs.

But I am concerned about Ruby's suitability for programming
in the large. First off, the lack of the requirement to
declare variables sounds like an invitation to programming
bugs.

That's a very old school philosophy. It just isn't so.

It's just too easy to assign something to a
misspelling of a variable name. Make the same spelling
mistake again and you won't even get a warning about an
undefined variable.

For example this 1-line program issues no error:

puts @whatever

You'll get a warning if you run with -w. Also, those unit tests (that I
know you wrote) should catch that.

Regards,

Dan

···

-----Original Message-----

Oh, yes, the Unit Tests, they're right, um, well, over here, um, lemme look ... Uh, I'll
get back to you on that...

Warren Seltzer

I don't know why anyone would consider having tools (like compilers)
help catch errors as "old school". Personally, I want every tool I use
to help me catch my goofs. I've just started using Ruby, and while I am
jazzed with the language and really excited about Rails in particular,
the relative lack of support for static code checking and runtime
debugging as compared to C#/Java/etc. is a little disconcerting. In
those languages, I rely on unit testing, static checkers, AND runtime
checking to insure that I get it right.
Keith

Berger, Daniel wrote:

That's a very old school philosophy. It just isn't so.

<snip>

···

You'll get a warning if you run with -w. Also, those unit tests (that I
know you wrote) should catch that.

Regards,

Dan

We make jokes, but Unit Tests are a very real option. The myth is that they slow you down, but it's simply not true. I code at almost the exact same speed when doing Test Driven Development, because it shaves off so much debugging time. On top of that, I end up trusting the code so much more. Finally, it forces me to get the interface right, since I'm always using it to write the tests. That's a LOT of gain for something that's very easy to do.

James Edward Gray II

···

On Sep 21, 2005, at 5:23 PM, Warren Seltzer wrote:

Oh, yes, the Unit Tests, they're right, um, well, over here, um, lemme look ... Uh, I'll
get back to you on that...

the thing is, the gains you get from dynamic typing just far outweigh the
loss of compiler type checking. One of the reasons that ruby is so exciting
is that the compiler just lets you get on with writing code that does
things, and at the price of the occasional small bug which is generally not
hard to find.

···

On 9/22/05, klancaster1957@gmail.com <klancaster1957@gmail.com> wrote:

I don't know why anyone would consider having tools (like compilers)
help catch errors as "old school". Personally, I want every tool I use
to help me catch my goofs. I've just started using Ruby, and while I am
jazzed with the language and really excited about Rails in particular,
the relative lack of support for static code checking and runtime
debugging as compared to C#/Java/etc. is a little disconcerting. In
those languages, I rely on unit testing, static checkers, AND runtime
checking to insure that I get it right.
Keith

Berger, Daniel wrote:
> That's a very old school philosophy. It just isn't so.
>
<snip>
> You'll get a warning if you run with -w. Also, those unit tests (that I
> know you wrote) should catch that.
>
> Regards,
>
> Dan

I don't know why anyone would consider having tools (like compilers) help
catch errors as "old school".

because they don't catch that many serious errors

   harp:~ > cat a.c
   #include <stdlib.h>
   #include <stdio.h>
   #include <limits.h>
   int
   main ()
   {
       fprintf (stdout, "%lu : %lu\n", ULONG_MAX,
                  ULONG_MAX + (random () > 42 ? 1 : 0));
         (void) fgets (NULL, (signed long) ULONG_MAX, NULL);
           while (1)
                 malloc (42);
   }

   harp:~ > gcc -Wall a.c

   harp:~ > echo $?
   0

line one is an error. line two core dumps. line three will hang your machine.

all compile perfectly with all warnings on. we all know runtime errors are,
by far, the most difficult and time consuming to detect anyhow - and the
compiler doesn't save you from any of those other than the most trivial.
also, it's a known fact that bugs are linearly proportional to tloc - and
compiled languages tend to be more verbose to a degree of 10 times or more so
letting even 1 in 10 errors through puts you right back at square one.

Personally, I want every tool I use to help me catch my goofs.

me too. in particular

   - garbage collection
   - powerful object introspection
   - compile time as runtime
   - no pointers
   - powerful and easy to use exception handling
   - ability to express code in fewest lines possible : abstraction
   - strong typing and dynamic typing. ruby is both
       Type system - Wikipedia
       Strong and weak typing - Wikipedia
       Strong and weak typing - Wikipedia
       http://www.mindview.net/WebLog/log-0066
   - uniform object model
   - easy and quick testing framework
   - easy to use logging

I've just started using Ruby, and while I am jazzed with the language and
really excited about Rails in particular, the relative lack of support for
static code checking and runtime debugging as compared to C#/Java/etc. is a
little disconcerting. In those languages, I rely on unit testing, static
checkers, AND runtime checking to insure that I get it right.

a valid concern, but i'd urge you to write some large ruby programs before
weighing it too heavily. i've been writing pretty much nothing but ruby for 5
years now and have never, like never, required a debugger or spent more that
an hour debugging my code. i have many, many systems running 24x7 that are
more than 5000 lines of code (that's probably around 25,000 lines of java) and
none, like none, of them have ever crashed. i'm the kind of guy that doesn't
even run c or c-- code out of the debugger and who always fully qualifies and
c functions with as many consts as i can and i will say this to you - i can
produce large bodies of useful robust code in ruby at a minimum of 10 times
faster than i can in c, c--, or java and i've written large near-realtime
systems in all of them. it boils down to this: everything in the world is a
tradeoff and, though you do give some things up in ruby, you gain many more.
my experience, and the experience of every single programmer i know that has
made the leap is that your productivity of __robust__ code will increase
dramatically using a strong and dynamically typed real object oriented
language.

2 cts.

-a

···

On Thu, 22 Sep 2005, klancaster1957@gmail.com wrote:
--

email :: ara [dot] t [dot] howard [at] noaa [dot] gov
phone :: 303.497.6469
Your life dwells amoung the causes of death
Like a lamp standing in a strong breeze. --Nagarjuna

===============================================================================

It seems to me that typed variables and compilers give programmers a false
sense of security about their code. Once you get the darn thing to compile,
you feel like you've accomplished something, where all you've really done is
satisfy the compiler - the semantics of what you've actually done are a
whole 'nother can of worms (type conversion usually has a part in this).

Once you start coding in Ruby, you'll find it's pretty easy to catch those
spelling/type mismatching mistakes. If you add a string and an integer, you
get an error (unlike JavaScript, where "2" + 2 = "22"), so you still have to
explicitly convert data (using #to_s) if the behavior is undefined (you
could also define the behavior if you like). You skip the entire compilation
step, so you are evaluating both proper syntax and semantics at the same
time.

Bottom line: Not having typed variables or static checking really isn't that
bad, and the dynamic nature of Ruby is really that good.

Rob

···

On 9/22/05, klancaster1957@gmail.com <klancaster1957@gmail.com> wrote:

I don't know why anyone would consider having tools (like compilers)
help catch errors as "old school". Personally, I want every tool I use
to help me catch my goofs. I've just started using Ruby, and while I am
jazzed with the language and really excited about Rails in particular,
the relative lack of support for static code checking and runtime
debugging as compared to C#/Java/etc. is a little disconcerting. In
those languages, I rely on unit testing, static checkers, AND runtime
checking to insure that I get it right.

klancaster1957@gmail.com wrote:

I don't know why anyone would consider having tools (like compilers)
help catch errors as "old school". Personally, I want every tool I use
to help me catch my goofs.

Yes.

Type-check well-tested in-production applications (written in a
dynamically type checked language) and expect to find errors:

Detecting Software Defects in Telecom Applications Through Lightweight
Static Analysis: A War Story

Use static analysis on well-tested in-production applications (written
in C) and expect to find errors:

An Empirical Study of Operating System Errors
http://www.stanford.edu/~engler/metrics-sosp-01.ps

Use type recovery tools...
- SmallTyper http://www.neolis.fr/smalltyper/smalltyper.htm
- The Analysis Browser
http://www.cincomsmalltalk.com/CincomSmalltalkWiki/The+Analysis+Browser

···

I've just started using Ruby, and while I am
jazzed with the language and really excited about Rails in particular,
the relative lack of support for static code checking and runtime
debugging as compared to C#/Java/etc. is a little disconcerting. In
those languages, I rely on unit testing, static checkers, AND runtime
checking to insure that I get it right.
Keith

Berger, Daniel wrote:
> That's a very old school philosophy. It just isn't so.
>
<snip>
> You'll get a warning if you run with -w. Also, those unit tests (that I
> know you wrote) should catch that.
>
> Regards,
>
> Dan

klancaster1957@gmail.com wrote:

I don't know why anyone would consider having tools (like compilers)
help catch errors as "old school". Personally, I want every tool I use
to help me catch my goofs. I've just started using Ruby, and while I am
jazzed with the language and really excited about Rails in particular,
the relative lack of support for static code checking and runtime
debugging as compared to C#/Java/etc. is a little disconcerting. In
those languages, I rely on unit testing, static checkers, AND runtime
checking to insure that I get it right.
Keith

On a similar thread to Ara's, the ability for an IDE to do IntelliSense / static checking / etc. comes at the cost of requiring a pretty boring* programming language. Any language in which you can do this:

        # execute the request simulating a specific http method and set/volley the response
        %w( get post put delete head ).each do |method|
          class_eval <<-EOV
            def #{method}(action, parameters = nil, session = nil, flash = nil)
              @request.env['REQUEST_METHOD'] = "#{method.upcase}"
              process(action, parameters, session, flash)
            end
          EOV
        end

is not going to be IntelliSensed properly.

Devin

*You know what I mean.

I use Unit Tests almost exclusively when writing Rails apps, and I only ever reload the page for styling. Unit Tests let me declare exactly the behaviors I want and are much faster than switching to the web browser, reloading, finding I made a typo, switching back, correcting, repeat. Even more so for changes that affect multiple pages, because I can be sure that every page I touch only has the changes I want in it and no more.

···

On 21 Sep 2005, at 15:35, James Edward Gray II wrote:

On Sep 21, 2005, at 5:23 PM, Warren Seltzer wrote:

Oh, yes, the Unit Tests, they're right, um, well, over here, um, lemme look ... Uh, I'll
get back to you on that...

We make jokes, but Unit Tests are a very real option. The myth is that they slow you down, but it's simply not true. I code at almost the exact same speed when doing Test Driven Development, because it shaves off so much debugging time. On top of that, I end up trusting the code so much more. Finally, it forces me to get the interface right, since I'm always using it to write the tests. That's a LOT of gain for something that's very easy to do.

--
Eric Hodel - drbrain@segment7.net - http://segment7.net
FEC2 57F1 D465 EB15 5D6E 7C11 332A 551C 796C 9F04

Ara.T.Howard wrote:
-snip-

line one is an error.
line two core dumps.
line three will hang your machine.

Humbly suggest that C is not the poster child for static type checking
:slight_smile:
iirc C is not even considered to be type safe.

-snip-

a valid concern, but i'd urge you to write some large ruby programs before
weighing it too heavily. i've been writing pretty much nothing but ruby for 5
years now and have never, like never, required a debugger or spent more that
an hour debugging my code. i have many, many systems running 24x7 that are
more than 5000 lines of code (that's probably around 25,000 lines of java)
and none, like none, of them have ever crashed.

The OP was unhelpfully vague about what he considered to be large
programs but imo 25,000 lines of java equivalent doesn't seem at all
large.

The OP also mentioned "programming in the large" which perhaps implies
co-ordinating multi-person development.

Humbly suggest that the same applies to Java (java.lang.Object,
anyone?), C++, and even C#. The only type safe statically checked
language that I've used is Ada.

C is statically checked and weakly typed. Ara's point remains the same
-- the compiler doesn't complain about these very *obvious*
programming errors.

-austin

···

On 9/22/05, Isaac Gouy <igouy@yahoo.com> wrote:

Ara.T.Howard wrote:
-snip-
> line one is an error.
> line two core dumps.
> line three will hang your machine.

Humbly suggest that C is not the poster child for static type checking
:slight_smile:
iirc C is not even considered to be type safe.

--
Austin Ziegler * halostatue@gmail.com
               * Alternate: austin@halostatue.ca

Hello Isaac,

The OP was unhelpfully vague about what he considered to be large
programs but imo 25,000 lines of java equivalent doesn't seem at all
large.

The OP also mentioned "programming in the large" which perhaps implies
co-ordinating multi-person development.

I agree, fore me programming in the large begins with 250.000 lines of
code and multiple persons is normally necessary to get this.

So from the current situation i would say there is no large ruby app.
The focus is also on application here, and not on large on a script collection
of 200000 lines that does not more then bundle unrelated test cases.
This isn't programming in the large, even if it has a lot of LOC's
(i'm talking about some ruby code that exist at BMW Munich).

···

--
Best regards, emailto: scholz at scriptolutions dot com
Lothar Scholz http://www.ruby-ide.com
CTO Scriptolutions Ruby, PHP, Python IDE 's

Ara.T.Howard wrote:
-snip-

line one is an error.
line two core dumps.
line three will hang your machine.

Humbly suggest that C is not the poster child for static type checking
:slight_smile:
iirc C is not even considered to be type safe.

c is 100% staticly typed. no exception. static typing means types are know
at compile type are cannot be changed via that execution path. note that this
is not the same as weak typing. c is also weakly typed - meaning that the
programmer can change the type of an expression (cast). note that doing so is
a __compile_time__ operation and cannot be done at run time so, even though
you can write this

   fprintf ("%s", (char *) 42);

and abuse the absence of string typing (arguments to methods cannot be given
the wrong type) the compiler still knows this __before__ your code execute and
is, therefore know statically.

c is not a poster child for strong typing - while, ironically, ruby is.

   c : static/weak type
   c++ : static/weak type
   ocaml : static/strong type
   java : static/strong type
   perl : dynamic/weak type
   ruby : dynamic/strong type
   python : dynamic/strong type

only the combination of static and strong typing can allow a compiler to ensure
program correctness. note, however, that it's impossible to do any generic
programming without also having a type inference system (a la ocaml) or code
generation system (a la c++). eg, if c were static and strongly typed you
could not write

   int pthread_create (pthread_t * thread, pthread_attr_t * attr,
                       void *(*start_routine) (void *), void *arg);
and i c++ you could not write

   int foo (BaseClass *obj);

unless you did so using templates.

only with a system that is both strongly typed, statically typed, and uses
type inference could you write something like

     let rec sort = function
       > ->
       > x :: l -> insert x (sort l)

     and insert elem = function
       > -> [elem]
       > x :: l ->
         if elem < x then elem :: x :: l else x :: insert elem l;;

     sort [2; 1; 0];;
     - : int list = [0; 1; 2]

     sort ["yes"; "ok"; "sure"; "ya"; "yep"];;
     - : string list = ["ok"; "sure"; "ya"; "yep"; "yes"]

and have the compiler verify that it is correct and wil not core dump, etc.
without writing, by hand, a duplicate method for all possible type - which is
what c++ templates effectively do, though making a program verifiably correct
would require their use exclusively and removal of type promotion rules, among
other things.

strangely noone suggests that c++ or java are not feasbile for large project
and advocate ocaml instead.

i really think this is more of a paradigm issue that any real issue.

The OP was unhelpfully vague about what he considered to be large
programs but imo 25,000 lines of java equivalent doesn't seem at all
large.

but it makes me sick just thinking about it. no program should be that big -
just like no soda should be 64 ounces.

The OP also mentioned "programming in the large" which perhaps implies
co-ordinating multi-person development.

and weeks of memory leak debugging.

i'm just kidding on those last two. :wink:

cheers.

-a

···

On Thu, 22 Sep 2005, Isaac Gouy wrote:
--

email :: ara [dot] t [dot] howard [at] noaa [dot] gov
phone :: 303.497.6469
Your life dwells amoung the causes of death
Like a lamp standing in a strong breeze. --Nagarjuna

===============================================================================

Ara.T.Howard wrote:
-snip-

line one is an error.
line two core dumps.
line three will hang your machine.

Humbly suggest that C is not the poster child for static type checking
:slight_smile:
iirc C is not even considered to be type safe.

c is 100% staticly typed. no exception. static typing means types are know
at compile type are cannot be changed via that execution path. note that this
is not the same as weak typing. c is also weakly typed - meaning that the
programmer can change the type of an expression (cast). note that doing so is
a __compile_time__ operation and cannot be done at run time so, even though
you can write this

    fprintf ("%s", (char *) 42);

and abuse the absence of string typing (arguments to methods cannot be given
the wrong type) the compiler still knows this __before__ your code execute and
is, therefore know statically.

c is not a poster child for strong typing - while, ironically, ruby is.

    c : static/weak type
    c++ : static/weak type
    ocaml : static/strong type
    java : static/strong type
    perl : dynamic/weak type
    ruby : dynamic/strong type
    python : dynamic/strong type

only the combination of static and strong typing can allow a compiler to ensure
program correctness. note, however, that it's impossible to do any generic
programming without also having a type inference system (a la ocaml) or code
generation system (a la c++). eg, if c were static and strongly typed you
could not write

    int pthread_create (pthread_t * thread, pthread_attr_t * attr,
                        void *(*start_routine) (void *), void *arg);
and i c++ you could not write

    int foo (BaseClass *obj);

unless you did so using templates.

only with a system that is both strongly typed, statically typed, and uses
type inference could you write something like

      let rec sort = function
        > ->
        > x :: l -> insert x (sort l)

      and insert elem = function
        > -> [elem]
        > x :: l ->
          if elem < x then elem :: x :: l else x :: insert elem l;;

      sort [2; 1; 0];;
      - : int list = [0; 1; 2]

      sort ["yes"; "ok"; "sure"; "ya"; "yep"];;
      - : string list = ["ok"; "sure"; "ya"; "yep"; "yes"]

and have the compiler verify that it is correct and wil not core dump, etc.
without writing, by hand, a duplicate method for all possible type - which is
what c++ templates effectively do, though making a program verifiably correct
would require their use exclusively and removal of type promotion rules, among
other things.

strangely noone suggests that c++ or java are not feasbile for large project
and advocate ocaml instead.

i really think this is more of a paradigm issue that any real issue.

The OP was unhelpfully vague about what he considered to be large
programs but imo 25,000 lines of java equivalent doesn't seem at all
large.

but it makes me sick just thinking about it. no program should be that big -
just like no soda should be 64 ounces.

The OP also mentioned "programming in the large" which perhaps implies
co-ordinating multi-person development.

and weeks of memory leak debugging.

i'm just kidding on those last two. :wink:

cheers.

-a

···

On Thu, 22 Sep 2005, Isaac Gouy wrote:
--

email :: ara [dot] t [dot] howard [at] noaa [dot] gov
phone :: 303.497.6469
Your life dwells amoung the causes of death
Like a lamp standing in a strong breeze. --Nagarjuna

===============================================================================

Lothar Scholz wrote:

Hello Isaac,

> The OP was unhelpfully vague about what he considered to be large
> programs but imo 25,000 lines of java equivalent doesn't seem at all
> large.

> The OP also mentioned "programming in the large" which perhaps implies
> co-ordinating multi-person development.

I agree, fore me programming in the large begins with 250.000 lines of
code and multiple persons is normally necessary to get this.

So from the current situation i would say there is no large ruby app.
The focus is also on application here, and not on large on a script collection
of 200000 lines that does not more then bundle unrelated test cases.
This isn't programming in the large, even if it has a lot of LOC's
(i'm talking about some ruby code that exist at BMW Munich).

--
Best regards, emailto: scholz at scriptolutions dot com
Lothar Scholz http://www.ruby-ide.com
CTO Scriptolutions Ruby, PHP, Python IDE 's

And let's quickly state that doesn't mean there are no large
applications written in dynamically type checked languages :slight_smile:

There are Smalltalk applications with (high) tens-of-thousands of
classes.

There are Erlang applications with ~ 1 million LOCs Erlang
"Four-fold Increase in Productivity and Quality"
http://www.erlang.se/publications/Ulf_Wiger.pdf

Austin Ziegler wrote:

> Ara.T.Howard wrote:
> -snip-
> > line one is an error.
> > line two core dumps.
> > line three will hang your machine.
>
> Humbly suggest that C is not the poster child for static type checking
> :slight_smile:
> iirc C is not even considered to be type safe.

Humbly suggest that the same applies to Java (java.lang.Object,
anyone?), C++, and even C#. The only type safe statically checked
language that I've used is Ada.

C is statically checked and weakly typed. Ara's point remains the same
-- the compiler doesn't complain about these very *obvious*
programming errors.

-austin
--
Austin Ziegler * halostatue@gmail.com
               * Alternate: austin@halostatue.ca

I'm not interested in quarreling about the meaning of phrases, so I use
textbook definitions - for "type safety" and "strong typing" see p271
"Programming Languages: Application and Interpretation"
http://www.cs.brown.edu/~sk/Publications/Books/ProgLangs/

Java is considered type safe; C++ (because of the C subset) is not.

Ara make's a good point about C, which doesn't generalize to other
statically type checked languages.

···

On 9/22/05, Isaac Gouy <igouy@yahoo.com> wrote:

> Ara.T.Howard wrote:
> -snip-
>> line one is an error.
>> line two core dumps.
>> line three will hang your machine.
>
> Humbly suggest that C is not the poster child for static type checking
> :slight_smile:
> iirc C is not even considered to be type safe.

c is 100% staticly typed. no exception. static typing means types are know
at compile type are cannot be changed via that execution path. note that this
is not the same as weak typing. c is also weakly typed - meaning that the
programmer can change the type of an expression (cast). note that doing so is
a __compile_time__ operation and cannot be done at run time so, even though
you can write this

   fprintf ("%s", (char *) 42);

and abuse the absence of string typing (arguments to methods cannot be given
the wrong type) the compiler still knows this __before__ your code execute and
is, therefore know statically.

c is not a poster child for strong typing - while, ironically, ruby is.

   c : static/weak type
   c++ : static/weak type
   ocaml : static/strong type
   java : static/strong type
   perl : dynamic/weak type
   ruby : dynamic/strong type
   python : dynamic/strong type

only the combination of static and strong typing can allow a compiler to ensure
program correctness. note, however, that it's impossible to do any generic
programming without also having a type inference system (a la ocaml) or code
generation system (a la c++). eg, if c were static and strongly typed you
could not write

   int pthread_create (pthread_t * thread, pthread_attr_t * attr,
                       void *(*start_routine) (void *), void *arg);
and i c++ you could not write

   int foo (BaseClass *obj);

unless you did so using templates.

only with a system that is both strongly typed, statically typed, and uses
type inference could you write something like

     let rec sort = function
       > ->
       > x :: l -> insert x (sort l)

     and insert elem = function
       > -> [elem]
       > x :: l ->
         if elem < x then elem :: x :: l else x :: insert elem l;;

     sort [2; 1; 0];;
     - : int list = [0; 1; 2]

     sort ["yes"; "ok"; "sure"; "ya"; "yep"];;
     - : string list = ["ok"; "sure"; "ya"; "yep"; "yes"]

and have the compiler verify that it is correct and wil not core dump, etc.
without writing, by hand, a duplicate method for all possible type - which is
what c++ templates effectively do, though making a program verifiably correct
would require their use exclusively and removal of type promotion rules, among
other things.

C is not type safe; Smalltalk is type safe, afaik Ruby is type safe.

"So what is "strong typing"? ... If someone uses this phrase, be
sure to ask them to define it for you. (For amusement, watch them
squirm.)"

p271 "Programming Languages: Application and Interpretation"
http://www.cs.brown.edu/~sk/Publications/Books/ProgLangs/

strangely noone suggests that c++ or java are not feasbile for large project
and advocate ocaml instead.

i really think this is more of a paradigm issue that any real issue.

> The OP was unhelpfully vague about what he considered to be large
> programs but imo 25,000 lines of java equivalent doesn't seem at all
> large.

but it makes me sick just thinking about it. no program should be that big

Should we just ignore big problems? (Do we really need fly-by-wire and
derivatives trading?)

···

Ara.T.Howard@noaa.gov wrote:

On Thu, 22 Sep 2005, Isaac Gouy wrote:

-
just like no soda should be 64 ounces.

> The OP also mentioned "programming in the large" which perhaps implies
> co-ordinating multi-person development.

and weeks of memory leak debugging.

i'm just kidding on those last two. :wink:

cheers.

-a
--

> email :: ara [dot] t [dot] howard [at] noaa [dot] gov
> phone :: 303.497.6469
> Your life dwells amoung the causes of death
> Like a lamp standing in a strong breeze. --Nagarjuna

doing silly pointer tricks?

···

On 9/22/05, Ara.T.Howard@noaa.gov <Ara.T.Howard@noaa.gov> wrote:

c is 100% staticly typed. no exception. static typing means types are know
at compile type are cannot be changed via that execution path. note that
this
is not the same as weak typing. c is also weakly typed - meaning that the
programmer can change the type of an expression (cast). note that doing so
is
a __compile_time__ operation and cannot be done at run time so, even
though
you can write this

fprintf ("%s", (char *) 42);

Don't union types kind of throw this slightly to the wind, as well as

Could you be a bit less lazy and post the relevant text next time,
rather than forcing people go to download a useless text just to discuss
things with you?

      Type safety is the property that no primitive operation is
      ever applied to values of the wrong type.

  By primitive operation we mean not only addition and so forth, but
  also procedure application. In short, a safe language honors the
  abstraction boundaries it erects. Since abstractions are crucial for
  designing and maintaining large systems, safety is a key software
  engineering attribute in a language. (Even most C++ libraries are
  safe, but the problem is you have to be sure no legacy C library isn't
  performing unsafe operations, too.) Using this concept, we can
  construct the following table:

                    statically checked | not statically checked
        type safe | ML, Java | Scheme
      type unsafe | C, C++ | assembly

  The important thing to remember is, due to the Halting Problem, some
  checks simply can never be performed statically; something must always
  be deferred to execution time. The trade-off in type design is to
  minimize the time and space consumed by these objects during execution
  (and, for that matter, how many guarantees a type system can tractably
  give a user)—in particular, in shuffling where the set of checked
  operations lies between static and dynamic checking.

Basically, the author of the text in question is full of shit by placing
Java in the "statically checked type safe" column. A primitive operation
*can* be applied to values of the wrong type because all objects in Java
derive from java.lang.Object. All one needs to do is cast improperly.
It's *harder*, mind you, to break the type protections in Java, but it's
still not enough to call type safe. I refer you to
<http://www.c2.com/cgi/wiki?JavaArraysBreakTypeSafety&gt;\.

  A Java array containing a reference type can be cast to an array of
  the supertype. This breaks type safety, and therefore array accesses
  have to be type checked at runtime.

  For example this code is valid at compile time and fails at run time.

    String strings = new String[1];
    Object objects = strings;
    objects[0] = new Integer(1); // RUN-TIME FAILURE

The author of the text you chose that supports your position also
suggests that "strong typing" is a meaningless phrase, which merely
indicates his own bias. Also on c2, which I consider a bit more rigorous
and authoritative than a random programming language text, see
<http://www.c2.com/cgi/wiki?StaticTypeSafety&gt;\. There's discussion on
there about whether Java is type-safe or not, but someone has also taken
my position:

  A "type-safe" language that includes a cast operator is not type-safe.

Ada doesn't have a cast operator. Indeed, creating a subrange type of
Integer (e.g., WholeNumbers = Integer(0..INFINITY)) makes a type that
cannot be cast to Integer at all and is not compatible with Integer on
any level; conversion is possible, but not casting. On the same page:

  The point is that because type systems are always "optional", the
  alleged benefits of systems based upon them are largely illusory. It's
  been my experience that the loudest advocates of strong type systems
  have been the youngest developers on the team with the least long-term
  support and development experience (based on the number of
  applications dealt with, not length of time coding). I therefore
  associate (perhaps unfairly) stridency in this regard with youthful
  exuberance. -- TomStambaugh.

  [...]

  I realize, on rereading this, that I strongly endorse the underlying
  discipline that results from working in a strongly typed environment.
  I think that my view is that it is the *disciplined thought* that is
  necessary, not the type system. Thus, I find that the Java and C++
  type systems get in the way of the underlying rigor I bring to the
  problem space, where as Lisp and Smalltalk environments let me express
  that rigor in metastructure. I almost never write totally unstructured
  random code. To the contrary, I generally want my code to reflect more
  (or at least different) structure from that enforced by a
  C++/Java-style static type system. -- TomStambaugh

The discussion is definitely up in the air as to whether Java is really
"type safe" or not. I tend to agree with the position on cast operations
-- which are different than *conversion* operations.

-austin

···

On 9/22/05, Isaac Gouy <igouy@yahoo.com> wrote:

Austin Ziegler wrote:

On 9/22/05, Isaac Gouy <igouy@yahoo.com> wrote:

Humbly suggest that C is not the poster child for static type
checking :slight_smile: iirc C is not even considered to be type safe.

Humbly suggest that the same applies to Java (java.lang.Object,
anyone?), C++, and even C#. The only type safe statically checked
language that I've used is Ada.

C is statically checked and weakly typed. Ara's point remains the
same -- the compiler doesn't complain about these very *obvious*
programming errors.

I'm not interested in quarreling about the meaning of phrases, so I
use textbook definitions - for "type safety" and "strong typing" see
p271 "Programming Languages: Application and Interpretation"
Programming Languages: Application and Interpretation by Shriram Krishnamurthi

--
Austin Ziegler * halostatue@gmail.com
               * Alternate: austin@halostatue.ca