From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,803df5f3f60558d5 X-Google-Attributes: gid103376,public From: bobduff@world.std.com (Robert A Duff) Subject: Re: Uninitialized "out" parameters Date: 1996/07/25 Message-ID: #1/1 X-Deja-AN: 171349814 references: <31EEACDA.64880EEB@sage.inel.gov> <4t4r0s$8te@goanna.cs.rmit.edu.au> <4t7chp$9mk@goanna.cs.rmit.edu.au> organization: The World Public Access UNIX, Brookline, MA newsgroups: comp.lang.ada Date: 1996-07-25T00:00:00+00:00 List-Id: In article <4t7chp$9mk@goanna.cs.rmit.edu.au>, Richard A. O'Keefe wrote: >You are telling this to a programmer who is in the habit of making >sure that every integer division involves a divisor declared to be >Positive rather than Integer, and thinks that this is one good reason >for using Ada instead of C. Yeah, I try to do similar things, when possible. BUT, first of all it doesn't always work. Division is well defined for negatives and positives, but not zero, and Ada has no "non-zero" constraint. Also, you're not detecting divide-by-zero at compile time using this technique. You're detecting it earlier, which is good, but still at run time. "X: Positive := ;" is checked at run time. >Compile time checking of property Z, in a language that permits it, > - forbids some meaningful programs > - ensures that a class of errors is not present > - has lower run-time penalties, and because the compiler knows > more, may permit the generation of better code >Run time checking of property Z, in an implementation that permits it, > - places fewer restrictions on source programs > - ensures that a class of errors will not be *executed* without warning > - has higher run-time penalties. Yes, that's what I meant by "it's a trade-off". - Bob