comp.lang.ada
From: eachus@spectre.mitre.org (Robert I. Eachus)
Subject: Re: Idea: Array Boundary Checks on Write Access Only
Date: 1998/06/20
Message-ID: <EACHUS.98Jun19200052@spectre.mitre.org>
In-Reply-To: 6me766$l4t$1@xenon.inbe.net


In article <6me766$l4t$1@xenon.inbe.net> Lieven Marchand <mal@bewoner.dma.be> writes:

  > One of the problems in doing this with Ada is that the language spec
  > describes the exact behaviour for errors like this. You have to raise
  > the correct exception after having done all the previous effects. This
  > restricts the freedom of the compiler to rearrange checks. In
  > languages with similar semantics for arrays like Modula-3 the only
  > behaviour prescribed is that it is a checked runtime error which leaves
  > the implementation with much more freedom...

   Sounds like Ada 83, not Ada 95.  From a user point of view, 11.6 is
a lot more strict in Ada 95 about the semantics of programs which do
not raise a predefined exception (in practice, Constraint_Error) and a
lot less strict about programs which do.  The intent is that when
Constraint_Error occurs, the only thing you know in the handler is
that it was raised by code in the scope of the handler.  Basically,
all variables potentially assigned to in that scope can become
"abnormal", and references to them erroneous.

   It does mean that you need to do a lot more work if you actually
intend to recover from a particular arithmetic overflow, but unless
you wrapped every arithmetic operation in the scope in a separate
handler in Ada 83, you were in basically the same boat.

   For example:

     begin
       for I in Some_Range loop
         A(I) := B(I) + C(I);
       end loop;
     exception
       when Constraint_Error => ...;
       -- I and all elements of A should be treated as bogus.
     end;

   To find where the error occurs you need to write:

     begin
       for I in Some_Range loop
         begin
           A(I) := B(I) + C(I);
         exception
           when Constraint_Error => ...;
           -- I can be trusted
         end;    
       end loop;
     exception
       when Constraint_Error => ...;
       -- Absent a raise, A is okay here, but I is not.
     end;
--

					Robert I. Eachus

with Standard_Disclaimer;
use  Standard_Disclaimer;
function Message (Text: in Clever_Ideas) return Better_Ideas is...
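As an added example (not from Eachus's post), here is a complete Ada program built around the second fragment above: the inner handler runs while I is still trustworthy, so it can record which element overflowed and substitute a saturated value, while the outer handler knows only that some check in its scope failed. The names Small, Vector, Saturating_Sum and Failures are this example's own, and the input arrays are constructed so that two elements overflow.

```ada
--  Added example, not part of the original post. Demonstrates the
--  per-statement handler Eachus describes: inside it, I identifies the
--  failing element; in the outer handler neither I nor A can be trusted.
with Ada.Text_IO; use Ada.Text_IO;

procedure Saturating_Sum is
   type Small is range 0 .. 100;                 -- hypothetical type
   type Vector is array (1 .. 4) of Small;

   --  Constructed inputs: positions 2 and 4 sum to 110 and 101,
   --  both outside Small, so the assignment to A (I) fails its check.
   B : constant Vector := (10, 60, 30, 100);
   C : constant Vector := (20, 50, 40, 1);
   A : Vector := (others => 0);

   Failures : Natural := 0;   -- how many elements had to be saturated
begin
   for I in Vector'Range loop
      begin
         A (I) := B (I) + C (I);   -- range check on the store into Small
      exception
         when Constraint_Error =>
            --  The failure is confined to the statement above, so I is
            --  trustworthy here and we know exactly which element it was.
            Failures := Failures + 1;
            A (I) := Small'Last;    -- saturate rather than leave A (I) bogus
            Put_Line ("overflow at index" & Integer'Image (I)
                      & ", saturated to" & Small'Image (Small'Last));
      end;
   end loop;

   for I in Vector'Range loop
      Put_Line ("A(" & Integer'Image (I) & " ) =" & Small'Image (A (I)));
   end loop;
   Put_Line ("saturated elements:" & Natural'Image (Failures));
exception
   when Constraint_Error =>
      --  Not reached when every element-wise failure is handled above.
      --  If it were, this is the situation from the first fragment:
      --  I and the elements of A assigned in this scope may be abnormal
      --  and must not be used to locate or repair the failure.
      Put_Line ("Constraint_Error escaped the loop; A and I are unreliable");
end Saturating_Sum;
```

Expected output is two "overflow at index" lines (for indices 2 and 4), the four elements of A with positions 2 and 4 reported as 100, and a count of 2.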
