From: Stefan.Lucks@uni-weimar.de
Subject: Re: Tests in a software release
Date: Thu, 26 Oct 2017 10:09:11 +0200
Message-ID: <alpine.DEB.2.20.1710260952460.19771@lucks-pc>
In-Reply-To: <osqoph$1ves$1@gioia.aioe.org>
On Wed, 25 Oct 2017, Victor Porton wrote:
> Do you agree that a release (that is software for which debugging was
> finished) should have integer overflow tests but not array out of bounds
> tests (because array out of bounds is always a programming error, but
> integer overflow may happen in an innocent program)?
Firstly, depending on your programming conventions (or style) either
exception can be an error, or both, or none. As a rule of thumb, if the
possibility for the exception is anticipated and the exception is handled,
it is not an error. If you don't anticipate the exception to be raised,
raising it is an error.
Here is a simple example for a program where an out-of-bounds access to an
array is not an error, and skipping the check would break the program:

    with Ada.Text_IO;

    procedure Example is
       type Counter_Array is array (Character range <>) of Integer;
       Counter: Counter_Array('a' .. 'z') := (others => 0);
    begin
       while not Ada.Text_IO.End_Of_File loop
          declare
             C: Character;
          begin
             Ada.Text_IO.Get(C);
             --  Raises Constraint_Error when C is outside 'a' .. 'z'
             Counter(C) := Counter(C) + 1;
             Ada.Text_IO.Put_Line(C & Integer'Image(Counter(C)));
          exception
             --  Anticipated: characters outside the range are skipped
             when others => null;
          end;
       end loop;
       for C in Counter'Range loop
          Ada.Text_IO.Put(Integer'Image(Counter(C)));
       end loop;
    end Example;

Secondly, even if raising the exception is an error, why do you want to
skip the check?
Raising the exception gives you at least the chance to shut down your
program cleanly (try to close files you opened ...) and to write some
debugging output.
Of course, if it turns out that your program is too slow, skipping either
check may be an option. Ideally, you only do so after properly profiling
your program and locally, for the parts of the program which are
performance bottlenecks. Generally turning off some checks from scratch is
premature optimization. (BTW, my general experience is that skipping
overflow and out-of-bounds access checks improves the performance only
marginally.)
-------- I love the taste of Cryptanalysis in the morning! --------
www.uni-weimar.de/de/medien/professuren/mediensicherheit/people/stefan-lucks
----Stefan.Lucks (at) uni-weimar.de, Bauhaus-Universität Weimar, Germany----
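
Added example, not part of the original message: an Ada sketch of the two points made in the reply above, with Index_Check suppressed only inside one hot function while the rest of the program keeps its checks, and a handler that writes debugging output and closes the open file when an unanticipated exception is raised. The procedure name, the sample data and the file name run.log are assumptions made for illustration.

```ada
with Ada.Text_IO;
with Ada.Exceptions;

procedure Checked_Release is
   --  Constructed sample data; every name in this example is illustrative.
   type Sample_Array is array (Positive range <>) of Integer;
   Samples : constant Sample_Array (1 .. 8) := (3, 1, 4, 1, 5, 9, 2, 6);

   --  Hot path: Index_Check is suppressed only inside this function.
   --  The loop range comes from Data'Range, so every index is in bounds
   --  by construction. Overflow_Check is not suppressed.
   function Sum (Data : Sample_Array) return Integer is
      pragma Suppress (Index_Check);
      Total : Integer := 0;
   begin
      for I in Data'Range loop
         Total := Total + Data (I);
      end loop;
      return Total;
   end Sum;

   Log   : Ada.Text_IO.File_Type;
   Index : Integer := 7;
begin
   Ada.Text_IO.Create (Log, Ada.Text_IO.Out_File, "run.log");
   Ada.Text_IO.Put_Line (Log, "sum =" & Integer'Image (Sum (Samples)));

   --  Everywhere else the checks stay on. Index becomes 8, then 10;
   --  10 is outside 1 .. 8, so the second iteration raises
   --  Constraint_Error instead of reading past the array.
   for Step in 1 .. 2 loop
      Index := Index + Step;
      Ada.Text_IO.Put_Line (Log, Integer'Image (Samples (Index)));
   end loop;

   Ada.Text_IO.Close (Log);
exception
   when E : others =>
      --  Unanticipated exception: write debugging output, then close
      --  the file that was opened before the program ends.
      Ada.Text_IO.Put_Line
        (Ada.Text_IO.Standard_Error,
         Ada.Exceptions.Exception_Information (E));
      if Ada.Text_IO.Is_Open (Log) then
         Ada.Text_IO.Close (Log);
      end if;
end Checked_Release;
```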