From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00, REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4 X-Google-Thread: 103376,6327f05d4989a68d X-Google-NewGroupId: yes X-Google-Attributes: gida07f3367d7,domainid0,public,usenet X-Google-Language: ENGLISH,ASCII-7-bit X-Received: by 10.68.222.167 with SMTP id qn7mr1993786pbc.1.1356080437685; Fri, 21 Dec 2012 01:00:37 -0800 (PST) Path: 6ni55521pbd.1!nntp.google.com!npeer02.iad.highwinds-media.com!feed-me.highwinds-media.com!cyclone02.ams2.highwinds-media.com!news.highwinds-media.com!voer-me.highwinds-media.com!goblin2!goblin.stu.neva.ru!aioe.org!.POSTED!not-for-mail From: "Dmitry A. Kazakov" Newsgroups: comp.lang.ada Subject: Re: Press Release - Ada 2012 Language Standard Approved by ISO Date: Fri, 21 Dec 2012 10:01:18 +0100 Organization: cbb software GmbH Message-ID: <14oqoq06zhlu2.tcasif3hdyhw.dlg@40tude.net> References: <7wrdmbre6jw9.qww9l0uzj6mg.dlg@40tude.net> Reply-To: mailbox@dmitry-kazakov.de NNTP-Posting-Host: FbOMkhMtVLVmu7IwBnt1tw.user.speranza.aioe.org Mime-Version: 1.0 X-Complaints-To: abuse@aioe.org User-Agent: 40tude_Dialog/2.0.15.1 X-Notice: Filtered by postfilter v. 0.8.2 X-Received-Bytes: 3348 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Date: 2012-12-21T10:01:18+01:00 List-Id: On Wed, 19 Dec 2012 19:52:33 -0600, Randy Brukardt wrote: > "Dmitry A. Kazakov" wrote in message > news:7wrdmbre6jw9.qww9l0uzj6mg.dlg@40tude.net... > ... >> Take an instance of Ada.Numerics.Discrete_Random and do: >> >> subtype More_Fun_Number is Integer with >> Dynamic_Predicate => Random = More_Fun_Number; > > A predicate (or any contract) that can get different answers on successive > calls is *wrong*. Ada 2012 has a permission (11.4.2(27/3)) for > implementations to reject such expressions if they can detect it. (This > isn't required simply because we don't know of any way to characterize what > should not be allowed -- that's a work item for future versions of Ada.) > > One would hope that obvious cases like this take advantage of the permission > and are rejected outright. People will readily misuse predicates, that is for sure. The bugs introduced by dynamic checks are extremely difficult to track down. > Functions in dynamic predicates (and all of the other contract aspects, as > well) ought to be logically pure, returning the same result for the same > parameter values. Well, in my view there are only two purposes for type constraining. Both are closely related: 1. Elimination of checks, that is when T'Class is constrained to specific a S, so that dispatch became static, or when subtype Index is declared with the range A'Range where A is an array etc. ["constant T" and "in T" fall into this category, they disallow mutators eliminating checks that a variable is not updated] 2. Influencing representation, e.g. setting bounds of an unconstrained array, selecting variant of a record. In essence 1 and 2 are about knowing something statically, during compilation. Not necessarily the constraint itself, which may be dynamic, yet allowing to prove something statically, e.g. that array index is always within the bounds. I don't see how predicates might be helpful for either 1 or 2. subtype Even is Positive with Dynamic_Predicate => Even mod 2 = 0; subtype Each_Second_Character is String (Even); won't work. What I see is a yet another way to pack implementations into declarations as Georg promptly suggested, a slippery slope... -- Regards, Dmitry A. Kazakov http://www.dmitry-kazakov.de