Re: Constraint checking of actuals passed to Attributes

[Ted Dennison <dennison@telepath.com>]

In article <391C543F.83B2A408@averstar.com>,
  Tucker Taft <stt@averstar.com> wrote:
 versus "abnormal" distinction.  Imagine the following:
>
>     Y : Very_Long_Integer range -5..5 := 4;
>    ...
>     Y := -5;  -- imagine abort or other "disruption" happens in middle
>            -- of this multi-word assignment, and Y ends up with a
weird value
>            -- like -4 billion (due to setting the high 32 bits to -1,
>            -- while leaving the low 32 bits as +4).
>            -- If then in finalization code or an exception handler
>            -- we write "A(Y) := 36".  Y might be abnormal and the
>            -- implementation is free to trash random memory.
>
> In other words, abnormal means out of range due to disruption, or
> "bad" binary input or unchecked conversion,
> whereas invalid means out of range due to lack of initialization or
> other "normal" behavior.  The implementation is supposed to "survive"

Thanks for the explanation. That distinction was exactly what I was
wondering about.

But I still don't understand the logic behind making misuse of an
overlay an "invalid" case rather than an "abonormal" (and thus
erronious) case. Couldn't it cause the same -4 billion value to get
placed into Y? The compiler would have no easy way to detect that the
state has changed to "invalid". How do you enforce that the program
"survives" this?

--
T.E.D.

http://www.telepath.com/~dennison/Ted/TED.html


Sent via Deja.com http://www.deja.com/
Before you buy.