From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM
	autolearn=unavailable autolearn_force=no version=3.4.4
X-Received: by 10.140.94.37 with SMTP id f34mr20465266qge.0.1459951748117;
        Wed, 06 Apr 2016 07:09:08 -0700 (PDT)
X-Received: by 10.182.45.163 with SMTP id o3mr472251obm.6.1459951748076; Wed,
 06 Apr 2016 07:09:08 -0700 (PDT)
Path: 
 eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!news.eternal-september.org!mx02.eternal-september.org!feeder.eternal-september.org!news.glorb.com!7no82593qgj.0!news-out.google.com!ha2ni207igb.0!nntp.google.com!nt3no8299820igb.0!postnews.google.com!glegroupsg2000goo.googlegroups.com!not-for-mail
Newsgroups: comp.lang.ada
Date: Wed, 6 Apr 2016 07:09:07 -0700 (PDT)
In-Reply-To: <e7ddc5a9-17d7-46f4-838a-994b61380b0b@googlegroups.com>
Complaints-To: groups-abuse@google.com
Injection-Info: glegroupsg2000goo.googlegroups.com;
 posting-host=193.163.1.105;
 posting-account=Srm5lQoAAAAEMX9rv2ilEKR6FDPapmSq
NNTP-Posting-Host: 193.163.1.105
References: <3be79ab3-ebc7-4169-9713-d50349662403@googlegroups.com>
 <a99cbcf8-8a5c-41c4-a62b-519f0d3aec60@googlegroups.com>
 <e7ddc5a9-17d7-46f4-838a-994b61380b0b@googlegroups.com>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <849d62b1-3440-4229-bc52-23ee346fda74@googlegroups.com>
Subject: Re: Uninitialized out parameters.
From: Mark Lorenzen <mark.lorenzen@gmail.com>
Injection-Date: Wed, 06 Apr 2016 14:09:08 +0000
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Xref: news.eternal-september.org comp.lang.ada:30010
Date: 2016-04-06T07:09:07-07:00
List-Id: <comp.lang.ada>

On Wednesday, April 6, 2016 at 3:44:08 PM UTC+2, ah...@marriott.org wrote:
> If there are no null functions because a return value has to be construct=
ed then surely the same applies to null procedures that have out parameters=
. These too should be prohibited because they too require that a value has =
to be constructed. If not prohibited then at least Program_Error should be =
raised and ideally a warning is generated by the compiler warning that call=
ing the null procedure will always raise Program_Error.
> Currently GNAT simply returns "something" - zero or null that sometimes e=
scapes detection. This is NOT desirable.

It would of course be useful if GNAT would issue a warning, but it would on=
ly solve the (somewhat conceived) example of a null procedure with an out p=
arameter. There are more interesting situations where an out parameter or v=
ariable may end up having an undefined value.

If you want to write bullet-proff software you should maybe have a look at =
the SPARK 2014 subset of Ada and the related tools (GNATprove).

Anyway, you can suggest to AdaCore that GNAT should issue a warning in your=
 example.

Regards,
Mark L