From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM
	autolearn=ham autolearn_force=no version=3.4.4
X-Google-Thread: a07f3367d7,c91e482ae6ca8d4b
X-Google-Attributes: gida07f3367d7,public,usenet
X-Google-NewGroupId: yes
X-Google-Language: ENGLISH,ASCII
Path: 
 g2news2.google.com!postnews.google.com!s16g2000vbp.googlegroups.com!not-for-mail
From: Phil Thornley <phil.jpthornley@googlemail.com>
Newsgroups: comp.lang.ada
Subject: Re: Clarification for SPARK postconditions on hidden subprograms.
Date: Fri, 26 Jun 2009 03:32:59 -0700 (PDT)
Organization: http://groups.google.com
Message-ID: 
 <877cb1ea-bf74-4e8b-8bda-83f788f4d5f2@s16g2000vbp.googlegroups.com>
References: <898abcf6-7315-4015-9d73-d9365a870294@v2g2000vbb.googlegroups.com>
	<2bcddeb9-4823-469b-b496-d37f183fd929@s16g2000vbp.googlegroups.com>
	<b5695e1d-8385-4820-a710-94d269f0ddb3@r25g2000vbn.googlegroups.com>
NNTP-Posting-Host: 80.177.171.182
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Trace: posting.google.com 1246012383 1401 127.0.0.1 (26 Jun 2009 10:33:03
 GMT)
X-Complaints-To: groups-abuse@google.com
NNTP-Posting-Date: Fri, 26 Jun 2009 10:33:03 +0000 (UTC)
Complaints-To: groups-abuse@google.com
Injection-Info: s16g2000vbp.googlegroups.com; posting-host=80.177.171.182;
	posting-account=Fz1-yAoAAACc1SDCr-Py2qBj8xQ-qC2q
User-Agent: G2/1.0
X-HTTP-UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1;
	Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727),gzip(gfe),gzip(gfe)
Xref: g2news2.google.com comp.lang.ada:6637
Date: 2009-06-26T03:32:59-07:00
List-Id: <comp.lang.ada>

On 26 June, 10:29, xorque <xorquew...@googlemail.com> wrote:
[...]
> Moving the annotation has, of course, highlighted an apparent error
> on my part:
>
> =A0 82 =A0 =A0 =A0--# post ((Descriptor =A0=3D -1) -> (Error.Get_Error /=
=3D
> Error.Error_None)) or
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =
=A0 =A0 =A0 =A0^
> *** =A0 =A0 =A0 =A0Semantic Error =A0 =A0: =A03: Incorrect number of actu=
al
> parameters for call
> =A0 =A0 =A0 =A0 =A0 =A0of subprogram Get_Error.
>
> =A0 83 =A0 =A0 =A0--# =A0 =A0 =A0((Descriptor /=3D -1) -> (Error.Get_Erro=
r =A0=3D
> Error.Error_None));
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =
=A0 =A0 =A0 =A0^
> *** =A0 =A0 =A0 =A0Semantic Error =A0 =A0: =A03: Incorrect number of actu=
al
> parameters for call
> =A0 =A0 =A0 =A0 =A0 =A0of subprogram Get_Error.
>
> Does SPARK take issue with parameterless functions? Not unreasonable
> at all if this is the case, as SPARK should probably see them as
> constants.

But this isn't a parameterless function - it must have a global
annotation, something like:
function Error return Error_T;
--# global Stored_Error;

in which case the *proof* function Error has a parameter corresponding
to the global Stored_Error.
(Proof functions are not allowed global access to anything.)

Phil Thornley