From: Georg Bauhaus <rm.dash-bauhaus@futureapps.de>
Subject: Re: Operation can be dispatching in only one type
Date: Tue, 01 Dec 2009 18:52:15 +0100
Date: 2009-12-01T18:52:16+01:00 [thread overview]
Message-ID: <4b1557d0$0$7623$9b4e6d93@newsspool1.arcor-online.net> (raw)
In-Reply-To: <19nhib6rmun1x$.13vgcbhlh0og9$.dlg@40tude.net>
Dmitry A. Kazakov schrieb:
> On Tue, 01 Dec 2009 16:02:21 +0100, Georg Bauhaus wrote:
>
>> Dmitry A. Kazakov schrieb:
>>> On Tue, 01 Dec 2009 13:13:29 +0100, Georg Bauhaus wrote:
>>>
>>>> Then we could rely on the language: compilers will detect
>>>> uninitialized variables provided these do not have a pragma/keyword/...
>>>> to say that uninitialized is what the programmer wants.
>>>> Some fancy means to tell the compiler that this variable
>>>> does indeed have a good first value like pragma Import.
>>>>
>>>> X : [constant] Car; -- default init,
>>> The error is here!
>>>> -- undefined,
>>>> -- junk bits. Doesn't matter
>>>> -- *no* pragma Import (Ada, X);
>>>>
>>>> begin
>>>>
>>>> Spare := X.Tire (5); -- would become illegal,
>>> Not here!
>> Why?
>
> Because X is illegal right after begin:
>
> IF accessing X is illegal THEN the corresponding operation does not belong
> to the type of X THEN the type of X is not Car. q.e.d.
But the implications of this proof are purely formal,
and not relevant before X is used.
There is no way to perform an operation involving X in
its own declaration.
The difference in views would be that your laws say Don't
create objects that could be used illegally if there
were uses that can't be there, though, but for formal reasons.
Whereas Java's ruling says (at compile time) Your program
cannot be accepted because this object cannot be in
a legal state here. The variable may not have been assigned
a value.
> (Provided, we are talking about a typed language)
I think there is more in what you say than what is covered
by the words "typed language"?
>>> -------------------------
>>> Anyway, you cannot do that because:
>>>
>>> if HALT (P) then
>>> X := Z;
>>> end if;
>>> Y := X; -- Is this legal?
>> (HALT is a run-time issue that has no impact here.)
>
> If you cannot decide if X is "initialized",
But I can decide whether (and when!) X is "initialized"!
The compiler does not need to run HALT in order
to see that X may not have been initialized when the condition
is not true. The program is not accepted because it may lack
an assignment to X before Y := X for much simpler reasons.
In fact, SPARK marks it as error. I made a simple example,
a procedure that does or does not assign depending
on an unknown Boolean Condition parameter:
1 package body Asgn is
2
3 procedure Exmpl (Condition: Boolean; Result : out Integer) is
4 X : Integer;
5 begin
6 if Condition then
7 X := 42;
8 end if;
9
10 Result := X / 2;
^1
??? ( 1) Flow Error :501: Expression contains reference(s) to
variable X,
which may have an undefined value.
11 end Exmpl;
??? ( 2) Flow Error :602: The undefined initial value of X may be
used in
the derivation of Result.
12
13 end Asgn;
What the new rule would do is merge the two messages into one
message about X that may not have a value yet: An "undefined
initial value" MUST not be used like it is used on line 10.
The (different) Ada language rule will forbid.
>> While this snippet would not be legal as is (on purpose!),
>> Ada's case coverage rules can make the programmer write a
>> legal program easily: write an else branch!
>
> And this one:
>
> procedure Foo (X : in out Car);
> ...
> begin
> Foo (X);
> Y := X; -- Is this legal?
Yes, this is legal, because Foo is called with X having been
assigned a value. It cannot be otherwise, the recursion has to
start somewhere. It can only start with an actual parameter
that has a value (again, the compiler can check this).
> And if Foo were declared as
>
> procedure Foo (X : out Car);
We'd have roughly the same as this:
X : Car;
begin
X := Foo_as_function; -- now X can be used
I see no operational problem. Is there one?
>>>> Does the phrase "first value" make sense?
>>> An object shall not have invalid values. All values are valid if the
>>> language is typed. Enforcing user-defined construction including
>>> prohibition of certain kinds of construction (e.g. per default constructor)
>>> is a different story.
>> If you feed this to a Java compiler you will see how it is done.
>> The Java compiler will not accept a reference to a variable's
>> component when the variable may not have been initialized.
>
> I consider this model wrong. It is better not to introduce inappropriate
> values rather than trying to catch them later.
The Java rule works at compile time. No value is introduced at any
time during compilation. Nothing to catch. A reference to a
variable in source text is permitted if and only if the compiler can show,
by following simple compile time rules, that a value has been assigned
to the variable or constant prior to referencing. It need not evaluate
calls (i.e. run the program) to arrive at a decision.
> Java does not have
> constrained types, so I can understand why they go this way.
Ehm, I don't see the connection here. Which one is it?
When I declare
X : Some_Type(Some_Constraint);
begin
-- X may need further "initilization", and assigments, since
-- Some_Type is an "open minded" type of a varying nature,
-- not a fixed value. Its objects accumulate values.
> I also think that forward uninitialized declarations represent bad
> style, e.g.:
>
> function Foo (...) return Bar is
> Result : Bar;
> begin
> ...
> if ... then
> raise Baz;
> end if;
> ...
> Result := ...;
> ...
> return Result;
> end Foo;
>
> I understand the motivation to declare Result uninitialized (because we
> could leave Foo via an exception), but I don't like this.
>
But assigning the first value when declaring X won't help
when the initialization can raise exceptions. How could this change?
When the body of Foo gradually operates on Result to produce
its final state (in a safe way because no reference can be
made to Result or its parts without prior assignments), why
should I pretend that any valid initial value for Result,
provided by an initialization expression, is
better than its default value? (Assuming that I cannot
refer to "invalid" components of objects because the compiler
will simply reject a program that might try.)
next prev parent reply other threads:[~2009-12-01 17:52 UTC|newest]
Thread overview: 132+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-11-13 20:12 Operation can be dispatching in only one type xorque
2009-11-13 20:34 ` Dmitry A. Kazakov
2009-11-13 20:43 ` xorque
2009-11-13 21:14 ` Dmitry A. Kazakov
2009-11-13 20:44 ` xorque
2009-11-16 17:43 ` Adam Beneschan
2009-11-16 20:28 ` Dmitry A. Kazakov
2009-11-16 20:32 ` Dmitry A. Kazakov
2009-11-16 21:35 ` Adam Beneschan
2009-11-16 22:28 ` Dmitry A. Kazakov
2009-11-17 22:10 ` Adam Beneschan
2009-11-18 9:46 ` Dmitry A. Kazakov
2009-11-18 16:39 ` Adam Beneschan
2009-11-18 19:21 ` Dmitry A. Kazakov
2009-11-19 0:27 ` Randy Brukardt
2009-11-19 2:11 ` Robert A Duff
2009-11-19 15:57 ` Adam Beneschan
2009-11-19 19:39 ` Robert A Duff
2009-11-19 23:43 ` Randy Brukardt
2009-11-19 8:50 ` Dmitry A. Kazakov
2009-11-19 23:54 ` Randy Brukardt
2009-11-20 8:34 ` Dmitry A. Kazakov
2009-11-20 10:58 ` Jean-Pierre Rosen
2009-11-21 6:02 ` Randy Brukardt
2009-11-21 13:07 ` Dmitry A. Kazakov
2009-11-22 5:45 ` xorque
2009-11-22 11:25 ` Georg Bauhaus
2009-11-22 11:30 ` xorque
2009-11-22 16:25 ` Dmitry A. Kazakov
2009-11-22 16:27 ` xorque
2009-11-22 16:42 ` Dmitry A. Kazakov
2009-11-22 16:52 ` xorque
2009-11-22 17:41 ` Dmitry A. Kazakov
2009-11-22 18:03 ` xorque
2009-11-22 18:08 ` xorque
2009-11-22 18:28 ` Dmitry A. Kazakov
2009-11-22 18:41 ` xorque
2009-11-22 21:47 ` Robert A Duff
2009-11-23 3:42 ` stefan-lucks
2009-11-30 20:36 ` Robert A Duff
2009-11-30 23:54 ` (see below)
2009-12-01 12:13 ` Georg Bauhaus
2009-12-01 12:23 ` Georg Bauhaus
2009-12-01 12:44 ` Georg Bauhaus
2009-12-01 13:48 ` Dmitry A. Kazakov
2009-12-01 15:02 ` Georg Bauhaus
2009-12-01 16:18 ` Dmitry A. Kazakov
2009-12-01 17:52 ` Georg Bauhaus [this message]
2009-12-01 18:47 ` Dmitry A. Kazakov
2009-12-01 21:53 ` John B. Matthews
2009-12-02 0:32 ` Georg Bauhaus
2009-12-02 11:18 ` John B. Matthews
2009-12-02 14:29 ` Jean-Pierre Rosen
2009-12-02 15:35 ` Georg Bauhaus
2009-12-02 1:13 ` Georg Bauhaus
2009-12-02 9:07 ` Dmitry A. Kazakov
2009-12-02 12:35 ` John B. Matthews
2009-12-02 13:35 ` Dmitry A. Kazakov
2009-12-03 5:23 ` Randy Brukardt
2009-12-03 20:21 ` John B. Matthews
2009-12-03 5:29 ` Randy Brukardt
2009-12-03 11:24 ` Georg Bauhaus
2009-12-03 23:08 ` Randy Brukardt
2009-12-04 8:52 ` Dmitry A. Kazakov
2009-12-05 2:45 ` Randy Brukardt
2009-12-05 10:32 ` Dmitry A. Kazakov
2009-12-08 0:19 ` Randy Brukardt
2009-12-08 4:30 ` stefan-lucks
2009-12-08 9:12 ` Dmitry A. Kazakov
2009-12-10 4:09 ` Randy Brukardt
2009-12-11 0:10 ` Robert A Duff
2009-12-08 9:22 ` Dmitry A. Kazakov
2009-12-08 10:06 ` Georg Bauhaus
2009-12-08 10:23 ` Dmitry A. Kazakov
2009-12-08 10:33 ` Georg Bauhaus
2009-12-08 10:49 ` Dmitry A. Kazakov
2009-12-01 23:51 ` Randy Brukardt
2009-11-23 8:52 ` Dmitry A. Kazakov
2009-11-30 20:43 ` Robert A Duff
2009-12-01 9:00 ` Dmitry A. Kazakov
2009-12-01 5:45 ` stefan-lucks
2009-12-01 11:12 ` Dmitry A. Kazakov
2009-12-01 8:01 ` stefan-lucks
2009-12-01 13:37 ` Dmitry A. Kazakov
2009-12-15 23:54 ` Robert A Duff
2009-11-23 7:48 ` Georg Bauhaus
2009-11-23 7:58 ` Georg Bauhaus
2009-11-19 16:04 ` Adam Beneschan
2009-11-19 2:23 ` tmoran
2009-11-19 8:32 ` Dmitry A. Kazakov
-- strict thread matches above, loose matches on Subject: below --
2015-11-23 10:23 operation " Serge Robyns
2015-11-23 11:29 ` Dmitry A. Kazakov
2015-11-23 13:05 ` Serge Robyns
2015-11-23 13:48 ` Dmitry A. Kazakov
2015-11-23 14:16 ` Serge Robyns
2015-11-23 14:59 ` G.B.
2015-11-23 15:52 ` Dmitry A. Kazakov
2015-11-23 17:40 ` Jeffrey R. Carter
2015-11-24 9:08 ` Serge Robyns
2015-11-24 16:44 ` AdaMagica
2015-11-24 17:09 ` Jeffrey R. Carter
2015-11-24 18:37 ` Serge Robyns
2015-11-24 20:18 ` Jeffrey R. Carter
2015-11-24 20:40 ` Serge Robyns
2015-11-24 20:25 ` Niklas Holsti
2015-11-24 21:48 ` Jeffrey R. Carter
2015-11-25 8:24 ` Dmitry A. Kazakov
2015-11-25 11:22 ` Serge Robyns
2015-11-25 17:38 ` Dmitry A. Kazakov
2015-11-26 11:30 ` Serge Robyns
2015-11-26 13:14 ` Dmitry A. Kazakov
2015-11-26 14:27 ` Serge Robyns
2015-11-26 15:16 ` J-P. Rosen
2015-11-26 18:27 ` Serge Robyns
2015-11-26 21:20 ` J-P. Rosen
2015-11-27 8:37 ` Dmitry A. Kazakov
2015-11-27 12:58 ` J-P. Rosen
2015-11-27 13:39 ` Dmitry A. Kazakov
2015-11-30 22:22 ` Randy Brukardt
2015-12-01 8:46 ` Dmitry A. Kazakov
2015-12-01 11:19 ` G.B.
2015-12-01 13:56 ` Dmitry A. Kazakov
2015-12-01 16:05 ` G.B.
2015-12-01 17:58 ` Dmitry A. Kazakov
2015-12-02 13:06 ` G.B.
2015-12-02 13:31 ` Dmitry A. Kazakov
2015-12-02 19:33 ` Randy Brukardt
2015-12-02 19:27 ` Randy Brukardt
2015-11-29 17:59 ` Jacob Sparre Andersen
2015-11-30 22:29 ` Randy Brukardt
2015-11-25 12:27 ` G.B.
2015-11-25 17:25 ` Dmitry A. Kazakov
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox