From: Hyman Rosen
Date: Wed, 30 Jul 2003 11:04:47 -0400
Newsgroups: comp.lang.ada
Subject: Re: Ariane5 FAQ
Organization: KBC Financial Products
Message-ID: <1059577487.590527@master.nyc.kbcfp.com>
In-Reply-To: <3F27C108.14E7000A@adaworks.com>

Richard Riehle wrote:
> Yet they did design the Ariane 4 within those limits.
> They would have had to anticipate some yet unknown
> information regarding future projects.

There are two different things here which you are mixing up.
The first is making a program work within the limits specified for its external inputs. As you say, Ariane 4 was designed that way, and worked fine. The second is making a program verify that its external inputs actually lie within the specified limits. This was not done in the Ariane 4 case. In general, this is a popular feature to omit, since in a properly functioning overall system, these checks will never trigger. But such programming protects the code against "some yet unknown information regarding future projects" by noticing when specified constraints on external inputs are violated.

> There is a limit to how much checking one can do in any system.

Sure. If the tradeoff was clearly in favor of one side or the other, these discussions wouldn't arise as much. It's the same issue as deciding whether to leave range checks turned on in deployed code.
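An added illustration, not part of this thread and not code from any Ariane system: the second kind of check the post describes, verifying that an external input lies within the limits the program was specified for before it is narrowed, written in C for the case the Ariane discussion turns on (a floating-point value converted to a 16-bit integer). The function name and the sample inputs are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Outcome of a checked narrowing of an external input to a 16-bit field. */
typedef enum { CONV_OK, CONV_OUT_OF_RANGE, CONV_NOT_A_NUMBER } conv_status;

/* Convert a floating-point input to int16_t only if the 16-bit field can
 * represent it. In C, converting an out-of-range double to an integer type
 * is undefined behaviour, so the range test must run on the double before
 * the conversion; the status value lets the caller fail loudly instead of
 * continuing with a silently corrupted field. */
conv_status to_int16_checked(double value, int16_t *out)
{
    if (value != value)                 /* NaN never compares equal to itself */
        return CONV_NOT_A_NUMBER;
    /* INT16_MIN and INT16_MAX are exactly representable as doubles. */
    if (value < (double)INT16_MIN || value > (double)INT16_MAX)
        return CONV_OUT_OF_RANGE;
    *out = (int16_t)value;              /* truncation toward zero, now defined */
    return CONV_OK;
}

/* Constructed sample inputs: in range, beyond the 16-bit range, at the
 * lower bound, and NaN. The unchecked cast would corrupt the second one. */
int main(void)
{
    volatile double zero = 0.0;         /* volatile keeps 0/0 a runtime NaN */
    const double samples[] = { 1234.5, 40000.0, -32768.0, zero / zero };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int16_t v = 0;
        conv_status s = to_int16_checked(samples[i], &v);
        printf("%g -> %s (v=%d)\n", samples[i],
               s == CONV_OK ? "accepted" : "rejected", (int)v);
    }
    return 0;
}
```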