* Curiosity about rage checking
@ 2008-02-07 8:17 framefritti
2008-02-07 8:45 ` Maciej Sobczak
` (3 more replies)
0 siblings, 4 replies; 8+ messages in thread
From: framefritti @ 2008-02-07 8:17 UTC (permalink / raw)
Dear *,
this morning, while I was shaving myself, a curiosity about array
access checking in Ada came to my mind...
Consider the following piece of code
for I in A..B loop --
<--------------------+
Put_Line("Assigning entry for I=" & Integer'Image(I));
-- |
-- |
X(I) := 0; -- <== Access checking for this assignement could
be moved here--+
end loop
As explained in the fancy comment (I hope you are seeing it with a
fixed-size font :-) the check for
index overflow in the access to X could be done _outside_ the for
loop, saving some computational
effort.
My question is: is an Ada compiler allowed to move the check outside
the loop?
Let me raise few objections myself
1. The saving is not very important
But it comes for free (it seems to me). Moreover, the type
of array access used above is (in my
opinion) very common.
2. Moving the check outside the loop changes the program behaviour
if, for example, X index ranges from 1 to 5, A=3 and B=6,
with the check inside the loop 3
iterations are done (and 3 lines are printed), while with the check
outside the loop no iteration is
done. Therefore, the program behaves differently. However, the
program is buggy anyway, and
maybe we are not so interested in preserving the behaviour of wrong
programs....
3. It make debugging harder
This is a good objection since the exception is raised _before_
(and sometimes much before) the
error actually happens. Maybe one could use usual access checking
during the debug phase, while
keeping "optimized" checking in the production phase.
Thank you 2#10_0000_0000#
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Curiosity about rage checking
2008-02-07 8:17 Curiosity about rage checking framefritti
@ 2008-02-07 8:45 ` Maciej Sobczak
2008-02-07 9:55 ` Jean-Pierre Rosen
` (2 subsequent siblings)
3 siblings, 0 replies; 8+ messages in thread
From: Maciej Sobczak @ 2008-02-07 8:45 UTC (permalink / raw)
On 7 Lut, 09:17, "framefri...@gmail.com" <framefri...@gmail.com>
wrote:
> Consider the following piece of code
>
> for I in A..B loop --
> <--------------------+
> Put_Line("Assigning entry for I=" & Integer'Image(I));
> -- |
>
> -- |
> X(I) := 0; -- <== Access checking for this assignement could
> be moved here--+
> end loop
>
> As explained in the fancy comment (I hope you are seeing it with a
> fixed-size font :-)
Fixed-size font is one thing, the fixed-length display system is
another. :-)
> the check for
> index overflow in the access to X could be done _outside_ the for
> loop, saving some computational
> effort.
Yes, but see below.
> My question is: is an Ada compiler allowed to move the check outside
> the loop?
It allowed to do so if it can prove that the check will never fail
inside the loop, in which case the programmer cannot tell the
difference.
> 1. The saving is not very important
It is!
> 2. Moving the check outside the loop changes the program behaviour
In which case it should not be done.
If the compiler can prove statically that A and B are withing the
range of X's index type, then the behaviour does *not* change (all
checks are OK anyway). Otherwise the compiler cannot do any
optimization.
> However, the
> program is buggy anyway
Why? Exceptions are language events that not necessarily indicate
errors in the sense of not meeting the specification of the system.
Progammer might actually *expect* the exception to be risen.
In this context, optimizations can be reasonably applied only when the
compiler can prove that the visible behaviour (except performance)
will not change. [*]
There are, however, some places where it makes sense to optimize with
changing the visible behaviour - for example eliminating the
intermediate object that is used in the assignment of controlled types
makes sense even though it can lead to different behaviour.
--
Maciej Sobczak * www.msobczak.com * www.inspirel.com
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Curiosity about rage checking
2008-02-07 8:17 Curiosity about rage checking framefritti
2008-02-07 8:45 ` Maciej Sobczak
@ 2008-02-07 9:55 ` Jean-Pierre Rosen
2008-02-07 10:36 ` framefritti
2008-02-07 15:57 ` Adam Beneschan
2008-02-07 16:45 ` Robert A Duff
2008-02-07 16:54 ` Adam Beneschan
3 siblings, 2 replies; 8+ messages in thread
From: Jean-Pierre Rosen @ 2008-02-07 9:55 UTC (permalink / raw)
framefritti@gmail.com a �crit :
> [..]
>
> My question is: is an Ada compiler allowed to move the check outside
> the loop?
This question is addressed in the (in)famous paragraph 11.6. If you
don't understand exactly what it says, don't worry, you are not alone...
But the important issue is that compilers are unlikely to perform that
optimization. Why? Because optimization is a matter of improving what's
normally used. And any decent Ada programmer should write that loop as:
for I in X'range loop...
Where the optimization becomes trivial
--
---------------------------------------------------------
J-P. Rosen (rosen@adalog.fr)
Visit Adalog's web site at http://www.adalog.fr
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Curiosity about rage checking
2008-02-07 9:55 ` Jean-Pierre Rosen
@ 2008-02-07 10:36 ` framefritti
2008-02-07 11:21 ` Dmitry A. Kazakov
2008-02-07 15:57 ` Adam Beneschan
1 sibling, 1 reply; 8+ messages in thread
From: framefritti @ 2008-02-07 10:36 UTC (permalink / raw)
Jean-Pierre Rosen ha scritto:
> framefritti@gmail.com a �crit :
> > [..]
> >
> > My question is: is an Ada compiler allowed to move the check outside
> > the loop?
>
> This question is addressed in the (in)famous paragraph 11.6. If you
> don't understand exactly what it says, don't worry, you are not alone...
>
> But the important issue is that compilers are unlikely to perform that
> optimization. Why? Because optimization is a matter of improving what's
> normally used. And any decent Ada programmer should write that loop as:
>
> for I in X'range loop...
>
> Where the optimization becomes trivial
I agree, and that is what I usually do, but there are times when you
want to loop
over a limited part of X or not in the usual order (e.g., transposing
a matrix stored (for whatever
reason) as a one-dimensional array)
> --
> ---------------------------------------------------------
> J-P. Rosen (rosen@adalog.fr)
> Visit Adalog's web site at http://www.adalog.fr
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Curiosity about rage checking
2008-02-07 10:36 ` framefritti
@ 2008-02-07 11:21 ` Dmitry A. Kazakov
0 siblings, 0 replies; 8+ messages in thread
From: Dmitry A. Kazakov @ 2008-02-07 11:21 UTC (permalink / raw)
On Thu, 7 Feb 2008 02:36:01 -0800 (PST), framefritti@gmail.com wrote:
> Jean-Pierre Rosen ha scritto:
>
>> framefritti@gmail.com a �crit :
>>> [..]
>>>
>>> My question is: is an Ada compiler allowed to move the check outside
>>> the loop?
>>
>> This question is addressed in the (in)famous paragraph 11.6. If you
>> don't understand exactly what it says, don't worry, you are not alone...
>>
>> But the important issue is that compilers are unlikely to perform that
>> optimization. Why? Because optimization is a matter of improving what's
>> normally used. And any decent Ada programmer should write that loop as:
>>
>> for I in X'range loop...
>>
>> Where the optimization becomes trivial
>
> I agree, and that is what I usually do, but there are times when you
> want to loop
> over a limited part of X or not in the usual order (e.g., transposing
> a matrix stored (for whatever
> reason) as a one-dimensional array)
You still can follow that path:
Assuming that X is array (Integer range <>) of something real (:-)):
subtype Domain is Integer range X'Range;
subtype Subdomain is Domain range Domain'First + 1..Domain'Last - 1;
begin
for I in Subdomain loop
X (I) := 0.0; -- The compiler should know that I is from X'Range
end loop;
--
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Curiosity about rage checking
2008-02-07 9:55 ` Jean-Pierre Rosen
2008-02-07 10:36 ` framefritti
@ 2008-02-07 15:57 ` Adam Beneschan
1 sibling, 0 replies; 8+ messages in thread
From: Adam Beneschan @ 2008-02-07 15:57 UTC (permalink / raw)
On Feb 7, 1:55 am, Jean-Pierre Rosen <ro...@adalog.fr> wrote:
> And any decent Ada programmer should write that loop as:
>
> for I in X'range loop...
If X'First /= A or X'Last /= B, then I think you'd have to be a pretty
*indecent* Ada programmer to write the loop the way you just did.
-- Adam
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Curiosity about rage checking
2008-02-07 8:17 Curiosity about rage checking framefritti
2008-02-07 8:45 ` Maciej Sobczak
2008-02-07 9:55 ` Jean-Pierre Rosen
@ 2008-02-07 16:45 ` Robert A Duff
2008-02-07 16:54 ` Adam Beneschan
3 siblings, 0 replies; 8+ messages in thread
From: Robert A Duff @ 2008-02-07 16:45 UTC (permalink / raw)
"framefritti@gmail.com" <framefritti@gmail.com> writes:
> My question is: is an Ada compiler allowed to move the check outside
> the loop?
Yes. However, if A > B (i.e. the loop will go around zero times), then
the compiler must make sure the exception is not raised.
> 2. Moving the check outside the loop changes the program behaviour
RM-11.6 allows certain behavior changes. Exceptions can be moved
around, for example, so long as the right handler applies.
See AARM-1.1.2(39.c) for the difference between "behavior" and
"semantics".
> 3. It make debugging harder
The RM says almost nothing about debugging. But Ada compilers typically
have a no-optimize switch that suppresses optimizations that would harm
debugging.
- Bob
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Curiosity about rage checking
2008-02-07 8:17 Curiosity about rage checking framefritti
` (2 preceding siblings ...)
2008-02-07 16:45 ` Robert A Duff
@ 2008-02-07 16:54 ` Adam Beneschan
3 siblings, 0 replies; 8+ messages in thread
From: Adam Beneschan @ 2008-02-07 16:54 UTC (permalink / raw)
On Feb 7, 12:17 am, "framefri...@gmail.com" <framefri...@gmail.com>
wrote:
> Dear *,
> this morning, while I was shaving myself, a curiosity about array
> access checking in Ada came to my mind...
>
> Consider the following piece of code
>
> for I in A..B loop --
> <--------------------+
> Put_Line("Assigning entry for I=" & Integer'Image(I));
> -- |
>
> -- |
> X(I) := 0; -- <== Access checking for this assignement could
> be moved here--+
> end loop
>
> As explained in the fancy comment (I hope you are seeing it with a
> fixed-size font :-)
I am, but it doesn't help; I use Google Groups to read Usenet, and it
is wrapping at an inconvenient place. Your example is just too wide---
sorry. I guess that's what happens when you try to post a question
and shave at the same time. (On the other hand, if you're having
problems with "rage checking", I really should be very careful about
what I say to you :) :) :) :) :)
-- Adam
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2008-02-07 16:54 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2008-02-07 8:17 Curiosity about rage checking framefritti
2008-02-07 8:45 ` Maciej Sobczak
2008-02-07 9:55 ` Jean-Pierre Rosen
2008-02-07 10:36 ` framefritti
2008-02-07 11:21 ` Dmitry A. Kazakov
2008-02-07 15:57 ` Adam Beneschan
2008-02-07 16:45 ` Robert A Duff
2008-02-07 16:54 ` Adam Beneschan
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox