by zuzun
3367 days ago
> We have lost Mars climate orbiter due to not using type-safe language.

One company creates a closed-source component that produces a float, another company creates a closed-source component that receives a float. Units differ. Crash. No type-safe language will prevent that bug from happening. Let 100 programmers write these programs in your type-safe language of choice and all will be vulnerable to this.

"Oh no", I hear you say, "we'll give every unit its own type" and it still won't stop your programmers from deserializing a 4 byte value in English units into the metric value they think it is. "So we'll make all the IO typed as well!" You don't need a type safe language to do that. And why would you do it in the first place? If your API spec says you receive a float in metric units, you write your program accordingly. When you're writing mission critical software, would you really want to replace a read(sensor, &value, sizeof(float)) with 100k lines of even buggier code to prevent a bug from happening that shouldn't happen in the first place?
|
Some will be, some will define the interface as float_meters and define automatic conversion from yards, avoiding the whole issue.
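
The two positions in this exchange, sketched in Rust as an added example that is not code from either commenter: an interface declared in meters with automatic conversion from yards, next to the bare 4-byte read where the unit exists only in the spec. The type names and the 5-byte tagged wire format are assumptions made for the illustration.

```rust
// Added illustration; type names and the tagged wire format are assumptions.
#[derive(Debug, Clone, Copy, PartialEq)]
pub struct Meters(pub f32);
#[derive(Debug, Clone, Copy, PartialEq)]
pub struct Yards(pub f32);

impl From<Yards> for Meters {
    // 1 yard is exactly 0.9144 m.
    fn from(y: Yards) -> Self { Meters(y.0 * 0.9144) }
}

// The interface is declared in meters; yards are converted automatically,
// and a bare f32 is rejected at compile time.
pub fn set_altitude(alt: impl Into<Meters>) -> Meters { alt.into() }

#[derive(Debug, PartialEq)]
pub enum DecodeError { Truncated, UnknownUnit(u8), NotFinite }

// Constructed wire format: one unit tag byte (b'm' or b'y') followed by a
// little-endian f32. The tag lets the receiver check the unit at the boundary.
pub fn decode_tagged(buf: &[u8]) -> Result<Meters, DecodeError> {
    if buf.len() < 5 { return Err(DecodeError::Truncated); }
    let v = f32::from_le_bytes([buf[1], buf[2], buf[3], buf[4]]);
    if !v.is_finite() { return Err(DecodeError::NotFinite); }
    match buf[0] {
        b'm' => Ok(Meters(v)),
        b'y' => Ok(Yards(v).into()),
        other => Err(DecodeError::UnknownUnit(other)),
    }
}

// Equivalent of read(sensor, &value, sizeof(float)): four bytes carry no unit,
// so the Meters label here is taken on faith from the API spec.
pub fn decode_untagged(buf: [u8; 4]) -> Meters { Meters(f32::from_le_bytes(buf)) }

fn main() {
    let mut msg = vec![b'y'];
    msg.extend_from_slice(&100.0f32.to_le_bytes());
    println!("tagged yards   -> {:?}", decode_tagged(&msg));
    println!("untagged bytes -> {:?}", decode_untagged(100.0f32.to_le_bytes()));
    println!("typed call     -> {:?}", set_altitude(Yards(100.0)));
}
```

The compiler rejects `set_altitude(100.0)`, but `decode_untagged` returns `Meters(100.0)` for bytes a sender wrote in yards, which is the gap the first comment describes.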