From: Robert Dewar
Subject: Re: Ada safety road Was: Which is right ...
Date: 1999/06/09
Message-ID: <7jmddh$rv6$1@nnrp1.deja.com>#1/1
Newsgroups: comp.lang.ada

In article <375E9592.32DA0709@averstar.com>, Tucker Taft wrote:
> Robert Dewar wrote:
> Using an uninitialized variable is *not* erroneous in Ada 95.

OK, pedagogically correct, but let's see what the RM says

   11 If the representation of the object does not represent a value of the object's type, the semantics of operations on such representations is implementation-defined, but does not by itself lead to erroneous or unpredictable execution, or to other objects becoming abnormal.

OK, suppose that I have an implementation for the Alpha, where the normal code for division by a small constant uses a jump table depending on the constant value, and I do not feel like doing a constraint check, e.g.

   subtype q is integer range 1 .. 5;
   qv : q;
   x : integer := ...
   r : integer := x / qv;

Now in my compiler documentation, the effect is implementation defined, so let me define it.

   When the division operation is executed, a four byte address is computed by loading the value from a table ..... control is then passed to the code at this four byte address. If the value is valid, the code will do the required division, if the value is invalid, you must inspect the generated object code to determine the actual code that will be executed.

Very well defined! Completely predictable! Not erroneous! Completely RM compliant!

But not very helpful :-(

I perfectly well understand the attempt in the RM to cut back on erroneousness here, but I am afraid it is a bit bogus in this case.
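A defensive form of the fragment discussed in the post, as an added example that is not part of the original message: it tests the object with the `'Valid` attribute (RM 13.9.2) before the division, so an invalid representation never reaches the implementation-defined path. The procedure name and the sample value of `X` are assumptions made for illustration.

```ada
--  Added example, not code from the original post.
with Ada.Text_IO;

procedure Valid_Before_Divide is

   subtype Q is Integer range 1 .. 5;

   --  Deliberately left uninitialized, as in the post: the bits that
   --  happen to be in QV may or may not represent a value in 1 .. 5.
   QV : Q;

   X : constant Integer := 100;   --  constructed sample value
   R : Integer;

begin
   --  QV'Valid inspects the representation of QV without counting as
   --  a read of QV, so the test itself does not evaluate an invalid
   --  value.  It is True only if the representation denotes a value
   --  of subtype Q.
   if QV'Valid then
      --  Only here may the compiler's assumption "QV is in 1 .. 5"
      --  (and any jump table built on it) be relied upon.
      R := X / QV;
      Ada.Text_IO.Put_Line ("quotient:" & Integer'Image (R));
   else
      --  Invalid representation: refuse to divide rather than depend
      --  on whatever the implementation defines for this case.
      Ada.Text_IO.Put_Line ("QV is not a valid Q; division skipped");
   end if;
end Valid_Before_Divide;
```

Which branch runs depends on what the uninitialized storage happens to contain; the point is that the division is only reached with a divisor known to be in 1 .. 5.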