comp.lang.ada
From: "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de>
Subject: Re: Press Release - Ada 2012 Language Standard Approved by ISO
Date: Thu, 27 Dec 2012 11:05:39 +0100
Message-ID: <18vzcd215zy19.4p37h9105lca$.dlg@40tude.net>
In-Reply-To: e9f91590-75b2-4cb4-b897-e8f06d0128e6@googlegroups.com

On Wed, 26 Dec 2012 17:00:47 -0800 (PST), sbelmont700@gmail.com wrote:

> Consider the static case, where a subprogram has to specify a superset of
> all the specifications of subprograms it calls.

Not really. It specifies a conditional contract: "I raise E and whatever P
raises." I presume that P is explicitly stated, e.g. a callback or an
object passed.

> This will be of limited value, since you almost always end up being
> coupled to an API that you don't have control over (gtkAda, Claw, etc),

Ada API will certainly enjoy exception contracts. One of the nastiest
problems when using GtkAda is exceptions propagating into Gtk. Since GtkAda
is almost 100% user-defined Ada callbacks done from C, you *do* want to be
able to contract them not to raise anything.

> Secondly, the point is moot for OOP since the goal is to use classwide
> types.  Putting an exception specification on a parent type automatically
> restricts all the child types (which may not even be thought of yet, much
> less written) to following that same model, which is often not the case.

Exception contract must be inherited. It is governed by the LSP. Conditions
may be weakened, promises strengthened. Note that this does not mean that
the contract remains exactly the same. For example, stream write might have the
contract "may raise Ada I/O exceptions." An implementation of a blocking
stream could exclude End_Error.

> Finally, IMHO, exceptions are NOT a property of the interface but of the
> implementation (we will likely have to agree to disagree on this).

This is evidently wrong because you can write an exception handler and make
the program's behavior dependent on whether the exception propagated.

> You can take a subprogram that works one certain way (and potentially
> raises one set of exceptions), and then rework the guts to work an
> entirely different way but produce the same output with the same inputs,
> and raises a whole new set of exceptions;

That would be another subprogram with another interface.

> e.g. if you allocate and free your variables instead of declaring them,
> that changes the subprogram's interface because now you might raise
> STORAGE_ERROR?

Both interfaces have Storage_Error in the contract. No difference, also.

Regarding Storage_Error. The contract model should support conditional
exceptions. This is the case "I raise if you do" and for Storage_Error it
is "I don't raise if there are X free storage elements of stack and Y
elements of pool Z." The estimations would be very conservative of course
if you wanted it more portable. It is thinkable that some other measurement
unit could be deployed to make it less architecture dependent. Though
Storage_Error handling is more interesting for embedded and RT
applications, which are natively less portable than others. Most users
would probably never contract Storage_Error anyway.

For recursive subprograms and other programs where memory consumption is
undecidable yet might be known from other sources (e.g. tests), the
programmer should be able to instruct the compiler using a pragma, that the
implementation satisfies the contract.

> I'm of the school of thought that says every subprogram has just one
> inherent contract when it comes to exceptions: as long as all the
> parameters and pre/post conditions are met, the subprogram will *never
> raise anything*.

Why not state that contract, especially for those who belong to other
schools?

> Or, to put it another way, an exception is an indication that the
> contract with the interface has NOT been met.

See, there was a contract then. You are in a contradiction.

> You don't need to know which ones may or may not be raised, since as long
> as you meet the pre-conditions they won't ever happen anyway.

Yes. But you cannot put undecidable stuff into a precondition. This is the
backdoor through which End_Error and all other exceptions come in and make
themselves comfortable, at our expense of course.

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de
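
Added illustration, not part of the original message and not GtkAda code: Ada 2012 has no exception contracts, so the "raises nothing" promise for a callback invoked from C has to be kept by hand with a catch-all handler. The names C_Handler, On_Event, On_Event_Guarded and Dispatch are hypothetical, and Dispatch stands in for the C library's event loop.

```ada
with Ada.Exceptions;
with Ada.Text_IO;
with Interfaces.C;

procedure Callback_Guard is
   use type Interfaces.C.int;

   --  Shape of a handler the C side would call (hypothetical, not GtkAda's).
   type C_Handler is access procedure (Value : Interfaces.C.int)
     with Convention => C;

   Handler_Failed : Boolean := False;

   --  Application code that may raise; nothing in its profile says so.
   procedure On_Event (Value : Interfaces.C.int) is
   begin
      if Value < 0 then
         raise Constraint_Error with "negative value";
      end if;
      Ada.Text_IO.Put_Line ("handled" & Interfaces.C.int'Image (Value));
   end On_Event;

   --  Wrapper registered with the C side: no exception leaves it.
   procedure On_Event_Guarded (Value : Interfaces.C.int)
     with Convention => C;

   procedure On_Event_Guarded (Value : Interfaces.C.int) is
   begin
      On_Event (Value);
   exception
      when E : others =>
         --  Record the failure instead of unwinding into foreign frames.
         Handler_Failed := True;
         Ada.Text_IO.Put_Line
           ("contained: " & Ada.Exceptions.Exception_Name (E)
            & ": " & Ada.Exceptions.Exception_Message (E));
   end On_Event_Guarded;

   --  Stand-in for the C library's dispatch loop (constructed for the demo).
   procedure Dispatch (H : C_Handler; Value : Interfaces.C.int) is
   begin
      H (Value);
   end Dispatch;

begin
   Dispatch (On_Event_Guarded'Access, 1);
   Dispatch (On_Event_Guarded'Access, -1);
   Ada.Text_IO.Put_Line ("failed: " & Boolean'Image (Handler_Failed));
end Callback_Guard;
```

The compiler accepts On_Event'Access just as readily once On_Event is given Convention C; only the handler in the wrapper, not the type system, stops the exception at the boundary.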


