comp.lang.ada
From: Adam Beneschan <adam@irvine.com>
Subject: Re: GNAT 4.4.5 order of conditional processing?
Date: Wed, 16 Nov 2011 14:40:33 -0800 (PST)
Message-ID: <a25b0eac-9dae-437d-b4bb-a501cf92572c@o11g2000prg.googlegroups.com>
In-Reply-To: 8b60c7a5-8b9e-4573-9470-0c3aca099dbc@r9g2000vbw.googlegroups.com

On Nov 16, 1:31 pm, Gautier write-only <gautier_niou...@hotmail.com>
wrote:
> On 15 nov, 22:49, awdorrin <awdor...@gmail.com> wrote:
>
> > Figured that was it, sloppy programming that just managed to work (for
> > 20 years) due to a compiler implementation... ;-)
>
> Wow, so there was an Ada compiler doing (erroneously of course) a
> silent short-circuit ?...

Not necessarily... Later on, the poster said that the issue was with
uninitialized variables.  In an expression like this:

  if Expression-1 and Expression-2 then...

where Expression-1 = FALSE means that some variables in Expression-2 are
uninitialized.  The fact is, though, that even if Expression-2
involves variables that contain unpredictable garbage, using them is
unlikely to cause any harm in most situations.  For instance:

  subtype Index_Subtype is Integer range 1 .. 10;
  Arr : array (Index_Subtype) of Float;
  Curr_Index : Index_Subtype;

  if Curr_Index_Initialized and Arr(Curr_Index) < -1.0 then ...

Suppose Curr_Index_Initialized is FALSE and Curr_Index has never been
initialized to anything.  The result is that if the right side is
evaluated, Curr_Index's uninitialized value may be a value outside the
range 1..10, and then the code will read an element of Arr that is
outside the bounds of Arr.  Big deal.  That's not likely to make a
program fail.  (Unless the bit pattern it reads happens to be a
Signaling NaN, maybe!!)

But I also want to point out that a "silent short-circuit" is NOT
necessarily erroneous.  In fact, it's probably not erroneous in most
cases.  The compiler doesn't have to evaluate both operands of "X and
Y" if X is false and evaluating Y cannot have any effect on anything.
Also, if the only possible effect of evaluating Y is to fail a
language check, then I think Y doesn't have to be evaluated by 11.6.
Thus, if you write:

  if (N in My_Array'Range) and (My_Array(N) = 0) then ...

If N is out of range, the language says this should raise
Constraint_Error when My_Array(N) is evaluated.  So that means that
the above code shouldn't be written like that.  But a compiler that
generates code that doesn't raise Constraint_Error is, I think, legal
by 11.6.  So a compiler that generates the exact same code for the
above example and for

  if (N in My_Array'Range) and then (My_Array(N) = 0) then ...

is OK.  Obviously, programmers shouldn't count on it.  (And there may
be some differences of opinion as to how 11.6 is to be interpreted.
It's caused arguments in the past.)

I believe the only time the compiler *must* generate code that always
evaluates both operands is if the right-hand side contains a function
call that could have a side-effect, or if it refers to an object where
reading the object could have some external effect (i.e. a memory-
mapped device address or the like).

So there are a couple of reasons why (in a correct implementation) using
"and" instead of "and then" could be erroneous but still not cause the
program to fail.

                             -- Adam
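A small Ada program, added here as an illustration and not part of Adam's post or the thread, showing the two cases discussed above: "and" with a right operand that has a side effect (so the compiler must evaluate it, and the index check raises Constraint_Error for an out-of-range N), versus "and then", which skips the right operand when the left is False. The array, the Is_Zero helper, the Calls counter and the value N = 11 are all constructed for this example.

```ada
with Ada.Text_IO;    use Ada.Text_IO;
with Ada.Exceptions; use Ada.Exceptions;

procedure And_Vs_And_Then is
   My_Array : constant array (1 .. 10) of Integer := (others => 0);
   Calls    : Natural := 0;

   -- Constructed helper: reads My_Array (I), but first bumps a counter.
   -- Because it has a side effect, the compiler must evaluate it whenever
   -- it is an operand of "and", even if the left operand is already False.
   function Is_Zero (I : Integer) return Boolean is
   begin
      Calls := Calls + 1;
      return My_Array (I) = 0;   -- index check fails when I is outside 1 .. 10
   end Is_Zero;

   N : constant Integer := 11;  -- constructed input, deliberately out of range
begin
   -- "and": both operands are evaluated, so Is_Zero (11) runs and the
   -- index check raises Constraint_Error.
   begin
      if (N in My_Array'Range) and Is_Zero (N) then
         Put_Line ("and: element is zero");
      else
         Put_Line ("and: element is not zero");
      end if;
   exception
      when E : Constraint_Error =>
         Put_Line ("and: " & Exception_Name (E) &
                   " raised after" & Natural'Image (Calls) & " call(s)");
   end;

   -- "and then": the right operand is skipped when the left is False, so
   -- Is_Zero is never called and no out-of-range read happens.
   if (N in My_Array'Range) and then Is_Zero (N) then
      Put_Line ("and then: element is zero");
   else
      Put_Line ("and then: right operand skipped, still" &
                Natural'Image (Calls) & " call(s)");
   end if;
end And_Vs_And_Then;
```

Compile with `gnatmake and_vs_and_then.adb`; the Calls counter makes it visible that the "and" form invoked Is_Zero before the check failed, while the "and then" form never called it.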
