From: "Norman H. Cohen"
Subject: Re: OO, C++, and something much better!
Date: 1997/01/17
Message-ID: <32DF9011.482B@watson.ibm.com>#1/1
References: <32DB90DC.41C67EA6@innocon.com>
Organization: IBM Thomas J. Watson Research Center
Reply-To: ncohen@watson.ibm.com
Newsgroups: comp.lang.c++,comp.lang.smalltalk,comp.lang.eiffel,comp.lang.ada,comp.object,comp.software-eng

Don Harrison, referring to the fact that Ada subtype constraints are checked at run time, wrote:

> ... it shows that Ada is not typesafe.

Wrong. It shows that Ada is not subtype-safe. Anyone who expects otherwise does not understand how the term "subtype" is used in Ada.

Long before Luca Cardelli used the term "subtype" to mean a type bearing a certain relationship to some other type, Ada used the term to mean a subset of the values of a given type, consisting of those values of the type obeying a particular constraint. In Ada, a subtype is not a kind of type, and distinctions between subtypes are qualitatively different from distinctions between types.

It can be determined at compile time that the value of an expression belongs to a particular type, but it cannot in general be determined until run time whether the value of an expression obeys the constraint of a particular subtype. (Indeed, the answer may be different for different evaluations of the expression.) One cannot, in general, deduce from the fact that A and B belong to a particular subtype that A+B will as well.

Ada subtypes are specifically meant to express assertions beyond those implicit in the type of an expression. These are assertions about values, assertions that cannot, in general, be checked until those values are generated.

--
Norman H. Cohen
mailto:ncohen@watson.ibm.com
http://www.research.ibm.com/people/n/ncohen
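
The distinction drawn in the message above, as an added example that is not part of the original post: a type mismatch is rejected by the compiler, while a subtype constraint on A + B is checked each time the expression is evaluated. All names (Meters, Seconds, Short, Add, Try) are hypothetical and constructed for illustration.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Subtype_Demo is
   --  Hypothetical declarations, constructed for this example.
   type Meters  is range 0 .. 1_000;          --  a type
   type Seconds is range 0 .. 1_000;          --  a different type, same range
   subtype Short is Meters range 1 .. 10;     --  a constrained subset of Meters

   --  A and B are both in Short; nothing guarantees that A + B is.
   function Add (A, B : Short) return Short is
   begin
      return A + B;   --  constraint of Short is checked here, at run time
   end Add;

   --  Evaluates Add and reports whether the constraint check passed.
   procedure Try (A, B : Short) is
   begin
      Put_Line ("in Short:" & Short'Image (Add (A, B)));
   exception
      when Constraint_Error =>
         Put_Line ("Constraint_Error:" & Short'Image (A)
                   & " +" & Short'Image (B) & " is not in Short");
   end Try;

   M : Meters;
   S : constant Seconds := 5;
begin
   --  M := S;        --  illegal: rejected at compile time (different types)
   M := Meters (S);   --  crossing a type boundary needs an explicit conversion

   --  M has type Meters, so this call is legal at compile time; whether its
   --  value satisfies Short is checked at run time when the call is made.
   Try (M, 4);        --  5 + 4 = 9, satisfies 1 .. 10

   --  Same expression inside Add, different evaluation, different outcome.
   Try (6, 7);        --  6 + 7 = 13, violates 1 .. 10
end Subtype_Demo;
```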