From: Shark8 <onewingedshark@gmail.com>
Subject: Re: Problems with SPARK 2015 and XMLAda
Date: Thu, 20 Aug 2015 16:21:19 -0700 (PDT)
Date: 2015-08-20T16:21:19-07:00 [thread overview]
Message-ID: <9c4e49e0-732b-42f6-b52f-f0b379572889@googlegroups.com> (raw)
In-Reply-To: <mr5dnn$ce9$1@loke.gir.dk>
On Thursday, August 20, 2015 at 2:36:09 PM UTC-6, Randy Brukardt wrote:
> "Shark8" wrote in message
> news:9d3dc132-4e1a-4e9c-bcd4-82a42a73745f...
> ...
> > As others have said, SPARK is about avoiding exceptions completely
> > (because
> > the relevant properties are proved) and therefore having exceptions in
> > your SPARK
> > code is not allowed.
>
> One use of exceptions is to signal errors with the parameters of a
> routine -- essentially the failure of a precondition. Clearly, it is better
> that such things are proved impossible, and thus such exceptions are not
> needed in SPARK.
This sort of exception is what I was thinking of.
>
> But another use of exceptions is to signal things that cannot be known at
> compile time. How can you tell in advance whether the file Foobar.Txt exists
> on your disk? Even a pretesting it is unreliable (it could be deleted
> between the test and the usage); one has to report the error at runtime.
>
> SPARK forces such errors to be reported as error codes, and that's pure
> evil. The problems with using error codes rather than exceptions to report
> unlikely but possible errors are well-known, and forcing one to use that is
> essentially junking decades of programming experience.
I *really* despise error-codes -- Though with Ada you can make it a bit nicer by having an actual enumeration, throwing the function-call into a case-statement, and letting the compiler smack you when you forget to cover one of the codes.
>
> The lack of access types is similar; one has to emulate them using arrays in
> SPARK, which is a 1950s programming technique. It's the sort of thing that
> one uses Ada to get way from.
Yes, it is.
I wasn't aware of this 'feature' of SPARK.
>
> At least the SPARK team is aware of these limitations and considering ways
> to mitigate them in future versions of SPARK. What I hate is people spinning
> these as "features" rather than just a limitation of prover technology (and
> to me, an indication that SPARK tries to do too much).
I am hoping the SPARK team fixes some of those and it looks like they have been doing so -- just look at type-predicates: http://www.spark-2014.org/entries/detail/spark-2014-rationale-type-predicates
next prev parent reply other threads:[~2015-08-20 23:21 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-19 15:58 Problems with SPARK 2015 and XMLAda Serge Robyns
2015-08-19 20:21 ` Simon Wright
2015-08-19 21:22 ` Serge Robyns
2015-08-20 7:10 ` Jacob Sparre Andersen
2015-08-20 10:06 ` Mark Lorenzen
2015-08-20 16:38 ` Shark8
2015-08-20 18:42 ` Peter Chapin
2015-08-20 19:13 ` Jeffrey R. Carter
2015-08-20 20:00 ` Serge Robyns
2015-08-20 20:36 ` Randy Brukardt
2015-08-20 23:21 ` Shark8 [this message]
2015-08-21 6:26 ` Stefan.Lucks
2015-08-21 7:30 ` Dmitry A. Kazakov
2015-08-21 8:19 ` Stefan.Lucks
2015-08-21 9:37 ` Dmitry A. Kazakov
2015-08-21 10:09 ` G.B.
2015-08-21 11:56 ` Dmitry A. Kazakov
2015-08-21 13:46 ` G.B.
2015-08-21 14:45 ` brbarkstrom
2015-08-21 15:34 ` Dmitry A. Kazakov
2015-08-21 23:44 ` Bob Duff
2015-08-22 6:22 ` Dmitry A. Kazakov
2015-08-21 10:43 ` Stefan.Lucks
2015-08-21 12:35 ` Dmitry A. Kazakov
2015-08-24 21:32 ` Randy Brukardt
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox