From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.4 required=5.0 tests=AC_FROM_MANY_DOTS,BAYES_00 autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,a00006d3c4735d70 X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2004-01-08 06:32:04 PST Path: archiver1.google.com!news2.google.com!newsfeed2.dallas1.level3.net!news.level3.com!crtntx1-snh1.gtei.net!news.gtei.net!newsfeed1.easynews.com!easynews.com!easynews!cyclone1.gnilink.net!spamkiller2.gnilink.net!nwrdny01.gnilink.net.POSTED!0f19ed38!not-for-mail From: "Frank J. Lhota" Newsgroups: comp.lang.ada References: <3fe00b82.90228601@News.CIS.DFN.DE> <5802069.JsgInS3tXa@linux1.krischik.com> <1072464162.325936@master.nyc.kbcfp.com> <1563361.SfB03k3vvC@linux1.krischik.com> <11LvOkBBXw7$EAJw@phaedsys.demon.co.uk> <3ff0687f.528387944@News.CIS.DFN.DE> <1086072.fFeiH4ICbz@linux1.krischik.com> <3ff18d4d.603356952@News.CIS.DFN.DE> <1731094.1f7Irsyk1h@linux1.krischik.com> <3ff1b8ef.614528516@News.CIS.DFN.DE> <3FF1E06D.A351CCB4@yahoo.com> <3ff20cc8.635997032@News.CIS.DFN.DE> <3ff9df16.30249104@News.CIS.DFN.DE> <3FFC0201.6020303@noplace.com> Subject: Re: Certified C compilers for safety-critical embedded systems X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Message-ID: Date: Thu, 08 Jan 2004 14:32:02 GMT NNTP-Posting-Host: 141.154.249.88 X-Complaints-To: abuse@verizon.net X-Trace: nwrdny01.gnilink.net 1073572322 141.154.249.88 (Thu, 08 Jan 2004 09:32:02 EST) NNTP-Posting-Date: Thu, 08 Jan 2004 09:32:02 EST Xref: archiver1.google.com comp.lang.ada:4205 Date: 2004-01-08T14:32:02+00:00 List-Id: "Robert A Duff" wrote in message news:wcc65fn9vtb.fsf@shell01.TheWorld.com... > During the Ada 9X project, some folks suggested making it a procedure. > This was considered a non-starter, primarily because Fortran uses a > function, and that's what people expect. It is rather strange that > (some of) the same language designers who choked at the idea of making > Random a procedure were adamant about forbidding 'in out' params. Was there any discussion of using access types, i.e. function Random (Gen : access Generator) return Result_Subtype; This would require that each generator is aliased, and that 'Access attributes be used, but at least this would give some recognition to the fact that the generator is changed by the call. > There are all kinds of advantages to using functions over procedures. > One is that you can use a function to initialize an object, right at > the point of declaration. Using a procedure is error prone, because > the initialization is far-separated from the declaration, and because > it requires making constants into variables. Furthermore, some > kinds of subtypes *cannot* be initialized by procedures -- String, > for example. > > Limiting the applicability of functions by forbidding 'in out' > is poor language design. The programmer should be the one > to decide when side effects are appropriate. > > The mistake is in thinking that Ada "functions" are the same thing as > maths "functions" -- they are not. Ada functions are simply a procedure > with a different calling syntax. IMHO, both kinds of subprograms should > have been called "procedures". > > >... Also "obviously", it needs to modify the state of the generator. > > Not so obviously, that state needs to be stored in the parameter, so I > > can call Random from several different threads. > > It is also possible to implement the generator as a private type that > has a pointer into the heap. But then you need to horse around with > finalization in order to manage the memory. And note that the generator > type cannot simply *be* a limited controlled type, because of the > accessibility rules -- more horsing around. > > - Bob