data validation (really a sidebar on implementation)

David Collier-Brown daveb at geac.UUCP
Tue Aug 2 22:50:44 AEST 1988


> In article <3084 at geac.UUCP> daveb at geac.UUCP (David Collier-Brown) writes:
>>  This is for a machine [Multics] which happily passes descriptors of arrays
>>around, and manages to bounds-check array references in parallel
>>with the fetch. 

From article <24593 at think.UUCP>, by barmar at think.COM (Barry Margolin):
> Sorry, but this is not true.  None of the hardware architectures that
> Multics was implemented on had parallel array-bounds checking.  There
> was an option to the PL/I compiler that caused it to include
> bounds-checking code before all array references.

  Well, it may not appear to check, but it sure did in practice!  We
lost a (large, scientific-applications) sale because we couldn't get
a benchmark to run due to its addressing a large array out of its
bounds, and therefore could not run the benchmark "as written".
  In fact, it was explained that the array in question was
extremely large and had to be defined as a segment...

> Perhaps David is thinking of segment bounds checking. [...]  it is
> possible to set the maximum length of a segment to the length of the
> array it contains.  This will cause an error if the application
> attempts to reference too far into the segment.  Using this feature
> requires explicit use of segments.  Most applications simply allocate
> arrays from the heap using the PL/I "allocate" statement

 ... for the FORTRAN program in use.  FORTRAN only used a subset of
the standard parameter-passing mechanism, and caused screams of "but
it **can't** be checking the array bounds, FORTRAN doesn't know how
to find that part of the parameter list", which slowed down the
identification of the problem a lot.  Sufficient that they didn't
come up with a work-around in time.



  You can do this on GCOS now, by the way, by "shrinking" a
descriptor around an existing, normally allocated, array.  But that's
a different story entirely...  None of the 'buns will address-check
non-array variables without lots of special incantations, which
sounded like what I was saying.

  'Taint so! And I'm sorry if I made it sound like it was.

--dave 
-- 
 David Collier-Brown.  {mnetor yunexus utgpu}!geac!daveb
 Geac Computers Ltd.,  |  Computer science loses its
 350 Steelcase Road,   |  memory, if not its mind,
 Markham, Ontario.     |  every six months.


