Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!mhuxr!mhuxn!ihnp4!houxm!whuxl!whuxlm!akgua!gatech!seismo!uwvax!geowhiz!netzer!prairie!dan
From: dan@prairie.UUCP
Newsgroups: net.lang.c,net.lang.c++,net.arch
Subject: Re: oops, corrupted memory again!
Message-ID: <117@prairie.UUCP>
Date: Mon, 28-Apr-86 11:58:11 EDT
Article-I.D.: prairie.117
Posted: Mon Apr 28 11:58:11 1986
Date-Received: Fri, 2-May-86 07:46:40 EDT
References: <4495@cbrma.UUCP> <763@bentley.UUCP>
Reply-To: dan@prairie.UUCP (Daniel M. Frank)
Organization: Prairie Computing, Madison, Wisconsin
Lines: 21
Xref: watmath net.lang.c:8760 net.lang.c++:174 net.arch:3178

-------------

>Now, if only somebody would invent an architecture where all objects,
>including dynamicly allocated objects, are isolated in memory, then any
>subscript error would cause an immediate memory fault.

   If I'm not mistaken, this was done on the iAPX432, using a capability-
based addressing scheme.  Dimmed the lights.  You could probably construct
such an environment on the 80286, but no one does, probably for efficiency
reasons.

   You're probably better off with a language that compiles checks into
the code, and an option to turn off those checks once you're confident
(?!) of the program.  With a capability-based architecture, you pay the
price all the time, whether you want to or not.


-- 
	Dan Frank
	    ... uwvax!geowhiz!netzer!prairie!dan
	    -or- dan@caseus.wisc.edu