Re: Runtime check : what about you ?

["Randy Brukardt" <randy@rrsoftware.com>]

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain, Size: 1753 bytes --]

"Yannick Duch�ne (Hibou57)" <yannick_duchene@yahoo.fr> wrote in message 
news:op.vw7rxjtgule2fv@douda-yannick...

>Just out of curiosity as much as because this may be worth to discuss it 
>to some (at least because there are some reflex with that) : how many of 
>your typically compile releases with runtime check and how many of you 
>typically compile releases without runtime check ?

Janus/Ada is released with checking off. That was because the compiler with 
checking on was too large for typical machines back in the day, and there 
are various reasons that it is best to keep this the same going forward. 
OTOH, all of the beta releases of Janus/Ada are with checking all.

All of RRS's other programs and my other programs are released/used with 
checking on. Modern Ada compilers do a very good job of removing extra 
checks, and it is very rare that I have seen a case where it is worth the 
effort to suppress them. For things like the AdaIC search engine, it's many 
times better to have the protection of the checks in case there is some bug 
(out-of-range, null pointer deref, etc.) in the code -- with checking on, 
such bugs have no effect than causing a denial-of-service to the caller; 
with checking off, who knows what could happen?

I personally believe in the seatbelt analogy: "turning off checks in 
released software is like using seatbelts in the driveway and then taking 
them off when you reach the highway". For me, this also applies to 
assertions and contracts as well -- I only turn these things off if they are 
tremendously expensive (in which case I usually remove them permanently). I 
know there are others (like Bob Duff) who think this analogy is silly.

                                           Randy.