From mboxrd@z Thu Jan 1 00:00:00 1970
Newsgroups: comp.lang.ada
Date: Tue, 5 Apr 2016 06:17:45 -0700 (PDT)
In-Reply-To: <3be79ab3-ebc7-4169-9713-d50349662403@googlegroups.com>
References: <3be79ab3-ebc7-4169-9713-d50349662403@googlegroups.com>
Message-ID: <4b5fb0cb-2dbd-47c1-a5e2-41d4ffcab84e@googlegroups.com>
Subject: Re: Uninitialized out parameters.
From: rieachus@comcast.net

On Tuesday, April 5, 2016 at 8:02:51 AM UTC-4, ah...@marriott.org wrote:
> Hi,
>
> Is this a GNAT (GPL-2015) bug or my not understanding Ada?
>
> I was surprised that I could compile
> procedure Test (V : out Positive) is null;
>
> and even more by the results of calling the procedure
>
> V : Positive;
> begin
> Test (V);
> Ada.Text_IO.Put_Line ("V:" & V'img);
>
> The value zero is output, which because V is positive should be impossible.
>
> I would have thought that null procedures with out parameters would fail to compile.
>
> Opinions anyone?
>
> MfG
> Ahlan

There are two issues here. One is whether this program is 'legal' Ada.
Short answer, there are many, many more Ada programs than Ada programs
that "make sense." This is just another example. The second issue? Are
compilers allowed to warn you about this code? Sure. But why allow it?
Right now I am working on a generic package where GNAT warns me that some
of the code in an instantiation will Constraint_Error if executed. But it
can only be reached if the generic is instantiated with a generic formal
such that the code will not raise an error. I'll add pragma Suppress
(Index_Check) before I'm done, but for now, if a fifth warning shows up,
I'll know to be concerned. ;-)

Is it possible to write code which will only raise an error if Fermat's
Last Theorem is false? Sure, I've done it. I did it just to show that a
proposal for elaboration order checking was flawed. The ARG navigates a
fine line between allowing all useful programs to be written, and
requiring compilers to do tons of checks for unintended errors. Look for
example at 6.5.1 Nonreturning procedures.

Is it meaningful for a nonreturning procedure to set an out parameter?
Should a compiler be required to make that check? (Either for or
against.) The answer is that Ada is used in many contexts where
nonreturning procedures are meaningful--I normally did so in flight
guidance software. For manned aircraft you certainly want to be sure that
the main processing loop never exits while power is on.
But the intersection of a parameter check and nonreturning procedures
(whatever you would expect that check to do) is just making unnecessary
work for the compiler. Similarly a procedure may be called with an out
parameter that already has a value. So it is the programmer's job to deal
with the union of these issues in a sensible way.

Could GNAT (or any other) compiler provide a warning? Sure, and it does:

procedure NoSet is
  Counter: Positive;

  procedure Reset (V : out Positive; User_Check: Boolean := True) is
    function Ask_User return Boolean is begin return True; end; -- TBD
  begin
    if User_Check and then Ask_User then return; end if;
    V := 1;
  end Reset;

begin
  Reset(Counter);
end NoSet;

gnatmake -O3 noset.adb
gcc -c -O3 noset.adb
noset.adb:7:42: warning: "out" parameter "V" not set before return
gnatbind -x noset.ali
gnatlink noset.ali -O3

Compilation finished at Tue Apr 05 09:13:54
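
Added example, not part of the original post or of GNAT: two ways a caller can guard against an "out" parameter that the callee never sets, using the null procedure from the question. The names Out_Param_Check, Safe_Count and Test_Safe are hypothetical; which branch the 'Valid test takes depends on whatever bits the uninitialized object happens to hold.

```ada
with Ada.Text_IO; use Ada.Text_IO;

--  Added illustration; Out_Param_Check, Safe_Count and Test_Safe are
--  hypothetical names, not taken from the thread.
procedure Out_Param_Check is

   --  Ada 2012: Default_Value gives every object of the type a defined
   --  initial value. For such a type an "out" formal is also initialized
   --  from the actual (RM 6.4.1), so an unassigned result is never garbage.
   type Safe_Count is range 1 .. Integer'Last with Default_Value => 1;

   procedure Test (V : out Positive) is null;   --  procedure from the question
   procedure Test_Safe (V : out Safe_Count) is null;

   Raw  : Positive;     --  deliberately left uninitialized
   Safe : Safe_Count;   --  implicitly initialized to 1

begin
   Test (Raw);

   --  'Valid (RM 13.9.2) inspects the object without raising
   --  Constraint_Error and reports whether its bits denote a value of
   --  the subtype, so the caller can reject it before any further use.
   if Raw'Valid then
      Put_Line ("Raw happens to be valid:" & Positive'Image (Raw));
   else
      Put_Line ("Raw is invalid; rejecting it instead of using it");
   end if;

   --  The callee still sets nothing, but the copy-back returns the
   --  default value that was copied in.
   Test_Safe (Safe);
   Put_Line ("Safe:" & Safe_Count'Image (Safe));
end Out_Param_Check;
```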