comp.lang.ada
From: Antti Sykari <jsykari@gamma.hut.fi>
Subject: Ada style of passing 'in' parameters considered dangerous?
Date: Sat, 08 Feb 2003 22:24:03 GMT
Message-ID: <86isvuzabx.fsf@hoastest1-8c.hoasnet.inet.fi>

Hello,

I recently asked in comp.compilers for advice about implementing a
parameter passing policy for a rather close-to-machine language.  My
suggestion for the method of passing 'in' parameters to procedures
was:  Pass everything as readonly by default, and leave the
by-reference/by-copy decision to the compiler.

It was pointed out that Ada already has this kind of policy.  In one
reply (<03-01-169@comp.compilers>), it was mentioned that it is a
time-bomb in Ada, since it permits the programmer to write code that
is erroneous but the compiler cannot detect this.  Indeed, the
standard ([1]) says that if an object has been passed via an
unspecified parameter passing mechanism, is written via one access
path and read via another, "possible consequences are that
Program_Error is raised, or the newly assigned value is read, or some
old value of the object is read".

For example, in the simplest case, a procedure can take a readonly
'in' argument "arg1" of type X, and an "in out" argument "arg2" of the
same type.  Then, if it writes to arg2 and after that reads arg1, this
might cause a run-time error or other implementation-defined behavior
-- but only if the procedure is called with two identical arguments.

Of course, the erroneous behavior might occur in a more subtle way,
which is not expected to happen.  I just can't think of any realistic
example where this undefinedness would really hurt.

My concerns here are:

- Is this generally considered a dangerous thing in Ada (or in
  general)?

- Have you encountered a non-trivial real-life case where the
  programmer has shot himself in the foot in the form of
  implementation-defined behavior because of the error mentioned above?
  I'd be interested to hear of any such cases.

- If there are such cases, could they have been prevented by having a
  different policy in the language?  Do you think it would've been
  better to force the programmer to specify the parameter passing
  mechanism, for example?

Thanks in advance,

Antti Sykäri

[1] http://www.adaic.org/standards/95aarm/html/AA-6-2.html#I3062
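The aliasing case the post describes, as an added illustration (not code from the original message): a record type, which Ada lets the compiler pass either by copy or by reference, is passed once as 'in' and once as 'in out' to the same call. The type and procedure names are made up for the example; the defensive variant shows the usual mitigation, taking a local copy of the 'in' parameter before any write.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Alias_Demo is
   --  A composite type (constructed for this example): it is neither a
   --  by-copy nor a by-reference type, so the passing mechanism is
   --  unspecified and left to the compiler.
   type Pair is record
      A, B : Integer;
   end record;

   --  Writes to Dst, then reads Src.  If the caller passes the same
   --  object for both, whether Src.A below sees the old or the new
   --  value is not defined by the language (the bounded error of
   --  AARM 6.2 quoted in the post).
   procedure Swap_Into (Src : in Pair; Dst : in out Pair) is
   begin
      Dst.A := Src.B;
      Dst.B := Src.A;   --  reads Src.A after Dst.A has been written
   end Swap_Into;

   --  Defensive variant: copy the 'in' parameter before writing to the
   --  'in out' one, so the result no longer depends on the mechanism.
   procedure Swap_Into_Safe (Src : in Pair; Dst : in out Pair) is
      S : constant Pair := Src;
   begin
      Dst.A := S.B;
      Dst.B := S.A;
   end Swap_Into_Safe;

   P, Q : Pair := (A => 1, B => 2);
begin
   --  Aliased call: by-copy gives (2, 1), by-reference gives (2, 2).
   Swap_Into (P, P);
   Put_Line ("Swap_Into (P, P):     "
             & Integer'Image (P.A) & Integer'Image (P.B));

   --  Aliased call, but the local copy makes the result (2, 1) always.
   Swap_Into_Safe (Q, Q);
   Put_Line ("Swap_Into_Safe (Q, Q):"
             & Integer'Image (Q.A) & Integer'Image (Q.B));
end Alias_Demo;
```

Compiling the same source with different compilers (or optimisation levels) and comparing the first line of output is a cheap way to see whether a code base is silently relying on one mechanism.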
