From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID
	autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,c1131ea1fcd630a
X-Google-Attributes: gid103376,public
From: bobduff@world.std.com (Robert A Duff)
Subject: Re: To Initialise or not
Date: 1996/05/11
Message-ID: <Dr7upv.59v@world.std.com>#1/1
X-Deja-AN: 154217106
references: <318508FE.204B@sanders.lockheed.com>
 <31933B50.687D@lmtas.lmco.com> <Dr7G5r.GCH@world.std.com>
 <31937B57.5B0@lmtas.lmco.com>
organization: The World Public Access UNIX, Brookline, MA
newsgroups: comp.lang.ada
Date: 1996-05-11T00:00:00+00:00
List-Id: <comp.lang.ada>


In article <31937B57.5B0@lmtas.lmco.com>,
Ken Garlington  <garlingtonke@lmtas.lmco.com> wrote:
>I think there's something subtle here. In my mind, saying "I don't want to
>_use_ the literal null, since I want to reserve that to mean 'uninitialized'"
>makes some sense.

That's probably a better idea.  With tagged types, this becomes
convenient -- you have an "access to T'Class", and you have a special
derivative of T that means "None" or whatever, and point to that.
Reserve null to mean "Bad".  Use access parameters whenever possible
(since access parameters do a run-time check that the thing isn't null.)

>Well, if you do the former, you still might have to visit each unitialized
>case to ensure that a valid out-of-range value exists (although in this
>example, it's a pretty sure bet.) You would also have to add 'Valid to get
>reliable checking, so I'm not sure I see the advantage of just adding the
>pragma.

You don't have to use 'Valid to get usefulness out of pragma
Normalize_Scalars.  *Most* uses of a scalar variable will involve some
sort of constraint check, and Normalize_Scalars will ensure that these
checks fail for uninit vars.  Sad that it's not *all* uses, but that's
for efficiency.

The 'Valid attribute is for checking data that comes in from the outside
world.  You isolate this code, and use 'Valid before dealing with the
data.  'Valid is *not* for detecting uninitialized vars -- those happen
by accident, and are potentially scattered throughout the code.  So any
mechanism that requires the programmer to do something explicit (like
ask whether 'Valid) misses the point.

>I'm not sure that the tool has to do a particularly thorough job, just to
>find out the information you're attempting to convey with the literal null.
>However, we can agree to disagree on this.

OK.  :-)

- Bob