From: bill@valiant (R.A.L Williams)
Subject: Memory overwrite?
Date: 24 Jan 1995 12:47:44 GMT
Date: 1995-01-24T12:47:44+00:00 [thread overview]
Message-ID: <3g2stg$i0u@miranda.gmrc.gecm.com> (raw)
In article <1995Jan18.182039.7324@wdl.loral.com> Mark Biggar wrote:
[original post and a reply deleted]
: Actually the most likely reason for this is an uninitialized variable used
: as an array index. In Ada 83 the following code fragment can write anywhere
: in memory and may well not raise an exception:
: declare
: subtype index is integer range 1..10;
: type table is array (index) of integer;
: a: table;
: i: index;
: begin
: a(i) := 0;
: end;
: An aggressive optimizer will eliminate any checks from the above code.
: Even putting an explisit if statement around it doesn't help:
OK, I can see how an optimiser *could* do that, and, of course, RM9x
section 3.3.1 says that 'There is no implicit initial value defined
for a scalar subtype ... might have a value which does not belong to
that subtype' (para 21). I'm a little suprised, however, that the
compiler isn't expected to perform a simple data flow analysis and
generate a warning about use of uninitialised variables. You're quite
right though, I can't find anything in RM9x which says it should, and
I'm pretty sure there was nothing in the Ada83 LRM.
: if i in index then
: a(i) := 0;
: else
: raise constraint_error;
: end if;
: because an aggressive optimizer will notice that the if test is always true
: (in the absence of uninitialized variables, but uninitialized variables
: are erroneous, which allow any behaviour, so it can ignore the problem)
: and eliminate the test and the else branch completely.
GCC can tell me about the possible use of uninitialised variables. It
produces a warning because the analysis is not sophisticated enough to
follow all the possible paths. Can GNAT do this as well ? Perhaps I'll
try your example out with GNAT and see what it does.
: Ada95 add the 'valid attribute to handle this problem.
Yes, this is a good idea. In another thread I've been gently pushing
the notion that use of Ada does not eliminate the use of good SWE principles.
It looks like you've found another example of where the sort of error
that other languages are always being blamed for can occur in Ada.
: --
: Mark Biggar
: mab@wdl.lroal.com
Bill Williams
next reply other threads:[~1995-01-24 12:47 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
1995-01-24 12:47 R.A.L Williams [this message]
1995-01-25 16:31 ` Memory overwrite? Robert A Duff
1995-01-25 19:01 ` Tucker Taft
1995-01-25 21:24 ` Robert Dewar
1995-01-30 17:06 ` Theodore E. Dennison
1995-02-01 12:25 ` Robert Dewar
-- strict thread matches above, loose matches on Subject: below --
1995-01-26 13:05 R.A.L Williams
1995-01-27 14:01 ` Robert A Duff
1995-01-28 22:49 ` Robert Dewar
1995-01-30 14:16 ` Robert A Duff
1995-02-01 23:00 ` Matt Kennel
1995-01-28 5:54 ` Robert Dewar
1995-01-13 8:35 Rick Wouters
[not found] ` <3fe5cp$fnq@theopolis.orl.mmc.com>
1995-01-18 18:20 ` Mark A Biggar
1995-01-20 5:19 ` Robert Dewar
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox