From: Maciej Sobczak <see.my.homepage@gmail.com>
Subject: Re: Reconsidering assignment
Date: Thu, 07 Jun 2007 00:32:02 -0700
Message-ID: <1181201522.974849.163960@o5g2000hsb.googlegroups.com>
In-Reply-To: <Pine.LNX.4.64.0706070852030.1993@th.informatik.uni-mannheim.de>
On 7 Jun, 09:10, Stefan Lucks <l...@th.informatik.uni-mannheim.de> wrote:
> > 1. Integer and its subtypes (like Positive).
> > An Integer object has some value - and only that. Any subtype of
> > Integer is defined within the same space, which means that this only
> > thing that Integer has is also subject for the constraint check. In
> > other words, *every* modification of the Integer (or subtype of)
> > object is potentially violating the constraint.
>
> Yes, that is what subtypes are for. And if a subprogram delivers you a
> value in the types range, but outside the subtype's range, a
> Constraint_Error is IMHO the right thing.
Yes, but my motivation was to exclude it if the code looks "innocent":
function Make_Integer return Integer;
function Make_Positive return Positive;

declare
   I : Integer;
   P : Positive;
begin
   I := Make_Positive;          -- OK, looks "innocent", cannot raise
   P := Make_Integer;           -- should be error ("innocent" lies)
   P := (Positive)Make_Integer; -- OK, beware potential errors
end;
> > 2. String.
> The difference is that the exceptions are raised
> inside the subprogram
But the rules will then apply inside this subprogram.
The rule is simple: "innocent" code should not lie.
> so the caller would need the details of the
> subprograms implementation to predict if an exception will be raised.
In other words, the call-site looks innocent, even though the body of
subprogram contains evil code raising exceptions.
function Innocent_Looking return Positive is
begin
   return (Positive)Make_Integer;
end;

declare
   P : Positive;
begin
   P := Innocent_Looking; -- ?
end;
This is a good point. Maybe introducing exception specifications to
subprogram signatures would help (like in Java).
Things get interesting...
> I like your suggestion, but i would prefer a simpler syntax. Use some
> attribute Type in this case. Thus, I would prefer
>
> procedure Swap (X: in out String; Y: in out X'Type);
I don't like it because it introduces artificial asymmetry in the code (it
looks like there is a restriction on Y only, whereas in fact the
restriction binds both parameters).
But the idea is OK.
> > procedure Safe_Swap(X, Y : in out String) with X'Length = Y'Length;
>
> (BTW, your clause ensures that the lengths of the two strings are
> identical, the semantic of X'Type would even ensure X'First = Y'First and
> X'Last = Y'Last ...
Yes, except that these additional restrictions might not be needed in
a given context. But I think it would be good to have this possibility
as well, see also Ray's variant with X'Subtype = Y'Subtype.
--
Maciej Sobczak
http://www.msobczak.com/
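The two situations discussed in this message, written as a runnable Ada program. This is an added example, not code from the thread: Make_Integer's return value of -5 is constructed, the post's C-style cast is written as the Ada conversion Positive (Make_Integer), and the proposed "with X'Length = Y'Length" clause is expressed with Ada 2012's real Pre aspect. It shows that today's subtype check fires at run time inside the "innocent-looking" callee, and that a precondition stops Safe_Swap before its body can touch mismatched strings.

```ada
with Ada.Text_IO;    use Ada.Text_IO;
with Ada.Assertions;

procedure Innocent_Lies is
   pragma Assertion_Policy (Check);  -- make the Pre aspect below active

   -- Constructed producer: returns a value outside Positive's range.
   function Make_Integer return Integer is (-5);

   -- The post's "innocent-looking" body: the conversion (and the
   -- Constraint_Error) lives inside, invisible at the call site.
   function Innocent_Looking return Positive is
   begin
      return Positive (Make_Integer);  -- run-time subtype check here
   end Innocent_Looking;

   -- The post's Safe_Swap contract as an Ada 2012 precondition; it is
   -- checked before the body runs, so X := Y can never see a length mismatch.
   procedure Safe_Swap (X, Y : in out String)
     with Pre => X'Length = Y'Length
   is
      Tmp : constant String := X;
   begin
      X := Y;
      Y := Tmp;
   end Safe_Swap;

   P : Positive;
   A : String := "abc";
   B : String := "xyz";
   C : String := "toolong";
begin
   -- Case 1: the call site looks innocent, yet Constraint_Error propagates
   -- out of Innocent_Looking because -5 is not a Positive.
   begin
      P := Innocent_Looking;
      Put_Line ("P =" & Positive'Image (P));
   exception
      when Constraint_Error =>
         Put_Line ("Constraint_Error raised inside Innocent_Looking");
   end;

   -- Case 2: equal lengths, the precondition holds and the swap runs.
   Safe_Swap (A, B);
   Put_Line (A & " " & B);

   -- Case 3: different lengths, the precondition fails before entry.
   begin
      Safe_Swap (A, C);
   exception
      when Ada.Assertions.Assertion_Error =>
         Put_Line ("Assertion_Error: lengths differ, Safe_Swap not entered");
   end;
end Innocent_Lies;
```

Compile with a GNAT that supports Ada 2012 (for example `gnatmake -gnat12 innocent_lies.adb`); without an active Assertion_Policy the Pre aspect is ignored and case 3 would instead fail inside the body with Constraint_Error on the array assignment.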