Re: Idea: Array Boundary Checks on Write Access Only

[pfk@schnecke.offl.uni-jena.de (Frank Klemm)]

On 22 Jun 1998 00:44:07 -0400, Robert Dewar <dewar@merv.cs.nyu.edu> wrote:
>Markus said
>
><<The reason for the crash in the end was an unhandled Ada overflow
>exception. There would have been no problem here if this piece of
>navigation system control code had been compiled without exceptions.
>>>
>
>Indeed, and I often use this case as an example of the important fact that
>runtime checking does not necessarily improve safety, and indeed if exceptions
>can be raised, it is vital that VERY careful analysis of all exceptional
>situations take place to make sure they are handled. In the absence of
>such careful analysis, running with checks on can be much more dangerous
>than with checks off. Very often, a locally violated constraint will just
>cause a local wrong value with checks off, which may not be critical,
>especially if the wrong value is in connection with a non-critical function.
>But raising an exception can have disastrous global effects if the exception
>is not properly handled.
>
Do no check for a condition if you're not known how to handle it!

-- 
Frank Klemm

 /------\  /-----------------------------------------------------\
| eMail: || pfk@uni-jena.de | home: pfk@schnecke.offl.uni-jena.de |
| Tel:   ||                 | home: +49 (3641) 390545             |
| sMail: ||  Frank Klemm, Ziegesarstr. 1, D-07747 Jena, Germany   |
 \------/  \-----------------------------------------------------/