From: Ludovic Brenta <ludovic@ludovic-brenta.org>
Subject: Re: and then... (a curiosity)
Date: Tue, 2 Sep 2008 03:33:52 -0700 (PDT)
Date: 2008-09-02T03:33:52-07:00 [thread overview]
Message-ID: <a328076a-5b2e-4e05-8a07-87de6e72cf1d@s50g2000hsb.googlegroups.com> (raw)
In-Reply-To: Pine.LNX.4.64.0809021210200.10279@medsec1.medien.uni-weimar.de
stefan-lu...@see-the.signature wrote:
> True. But, at the logic level, the Ada-statement
>
> if (X >= A'First) and (X <= A'Last) and (A[X]=Y) then
> ...
> else
> ...
> end if;
>
> should *not* raise a Constraint_Error if X < A'First or X > A'Last, but
> instead handle the "else" case.
Except that X may be a function returning a different value for each
call!
> True enough, at the logic level the same should hold for
>
> if (A(x)=Y) and (X >= A'First) and (X <= A'Last) then ... end if;
>
> > It's all about those side effect which make order of evaluation so
> > important. Otherwise it should not matter.
>
> The bad thing is that Constraint_Error counts as a valid side effect here.
And what would be an "invalid" side effect?
> Ideally, the program should check the other branches of the "and"
> expression, and only propagate the exception if none of them evaluates to
> false without raising an exception of its own.
No, because the Constraint_Error (or other exception, or other side
effect such as logging, assignment to a variable, etc.) may be
intentional! The compiler does not and should not try to read your
mind. At least I would find it very disturbing to program in a
language that would try to "do what I mean, not what I say".
> Consider a programm fragment like
>
> if X and Y then
> ...
> end if
>
> Assume Y raises a Constraint_Error if X is false. This appears to be a
> common bug pattern in Ada. I have seen this several times in Ada
> sourcecode, and *never* it was the programmer's intention to raise an
> exception if X is false ... except when an exception was raised
> explicitely in the else branch. Even then, the programmers typically
> expected the exception they raised there, not Constraint_Error.
I have seen this bug a couple of times and always concluded it was
*my* fault and that I should have used "and then" to specify that the
order of evaluation was important. In such situation the mathematical
"and" (where "X and Y" is strictly equivalent to "Y and X") is not
what I want.
I definitely like the fact that Ada gives me the choice (short-circuit
or full evaluation) and the means ("and" vs. "and then") to express my
intent exactly.
--
Ludovic Brenta.
next prev parent reply other threads:[~2008-09-02 10:33 UTC|newest]
Thread overview: 93+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-08-29 21:06 and then... (a curiosity) mockturtle
2008-08-29 21:47 ` Samuel Tardieu
2008-08-30 21:28 ` Maciej Sobczak
2008-08-31 8:28 ` Georg Bauhaus
2008-08-31 23:21 ` Ray Blaak
2008-09-01 8:05 ` Martin Krischik
2008-09-01 17:56 ` Ray Blaak
2008-09-02 6:53 ` Martin Krischik
2008-09-02 14:56 ` Adam Beneschan
2008-09-02 16:28 ` Ray Blaak
2008-09-02 16:26 ` Ray Blaak
2008-09-02 20:50 ` Robert A Duff
2008-09-03 12:35 ` Brian Drummond
2008-09-03 15:56 ` Robert A Duff
2008-09-04 22:09 ` Brian Drummond
2008-09-03 21:01 ` Vinzent Hoefler
2008-09-02 14:50 ` Adam Beneschan
2008-08-29 22:28 ` Adam Beneschan
2008-08-30 1:06 ` Jeffrey R. Carter
2008-08-30 11:21 ` Dmitry A. Kazakov
2008-08-30 15:35 ` Peter C. Chapin
2008-09-02 15:06 ` Adam Beneschan
2008-09-02 3:41 ` Steve
2008-09-02 7:48 ` stefan-lucks
2008-09-02 8:57 ` Martin Krischik
2008-09-02 10:50 ` stefan-lucks
2008-09-02 10:33 ` Ludovic Brenta [this message]
2008-09-02 13:32 ` stefan-lucks
2008-09-02 12:53 ` Ludovic Brenta
2008-09-02 17:32 ` Georg Bauhaus
2008-09-03 13:14 ` stefan-lucks
2008-09-03 12:44 ` Dmitry A. Kazakov
2008-09-02 13:39 ` stefan-lucks
2008-09-02 13:40 ` stefan-lucks
2008-09-02 16:48 ` Dmitry A. Kazakov
2008-09-02 17:00 ` Keith Thompson
2008-09-02 19:15 ` Simon Wright
2008-09-02 20:37 ` Robert A Duff
2008-09-02 20:58 ` Jeffrey R. Carter
2008-09-02 21:08 ` Robert A Duff
2008-09-03 12:24 ` Pascal Obry
2008-09-02 22:34 ` Santiago Urueña
2008-09-03 5:56 ` Robert A Duff
2008-09-03 6:55 ` Santiago Urueña
2008-09-03 14:14 ` Adam Beneschan
2008-09-03 0:11 ` Randy Brukardt
2008-09-02 17:20 ` Georg Bauhaus
2008-09-04 1:05 ` Stephen Leake
2008-09-04 6:45 ` stefan-lucks
2008-09-04 7:35 ` Dmitry A. Kazakov
2008-09-04 12:04 ` stefan-lucks
2008-09-04 13:00 ` Dmitry A. Kazakov
2008-09-04 19:05 ` stefan-lucks
2008-09-04 20:28 ` Dmitry A. Kazakov
2008-09-05 6:57 ` stefan-lucks
2008-09-05 6:34 ` Ray Blaak
2008-09-05 14:14 ` Robert A Duff
2008-09-05 15:04 ` Dmitry A. Kazakov
2008-09-07 16:45 ` stefan-lucks
2008-09-05 15:14 ` Hyman Rosen
2008-09-05 15:59 ` Adam Beneschan
2008-09-05 16:10 ` Hyman Rosen
2008-09-07 16:36 ` stefan-lucks
2008-09-07 16:08 ` Gautier
2008-09-04 7:39 ` Karel Th�nissen
2008-09-04 12:12 ` stefan-lucks
2008-09-04 15:13 ` Georg Bauhaus
2008-09-04 15:16 ` Karel Th�nissen
2008-09-04 15:42 ` Dmitry A. Kazakov
2008-09-04 19:27 ` stefan-lucks
2008-09-04 19:43 ` stefan-lucks
2008-09-04 19:40 ` Georg Bauhaus
2008-09-05 7:00 ` stefan-lucks
2008-09-05 6:35 ` Ray Blaak
2008-09-04 20:06 ` Karel Th�nissen
2008-09-05 7:44 ` stefan-lucks
2008-09-05 6:41 ` Vinzent Hoefler
2008-09-04 20:09 ` Karel Th�nissen
2008-09-05 7:25 ` stefan-lucks
2008-09-05 6:37 ` Ray Blaak
2008-09-05 8:20 ` stefan-lucks
2008-09-05 13:57 ` Robert A Duff
2008-09-04 16:33 ` Dmitry A. Kazakov
2008-09-04 19:31 ` stefan-lucks
2008-09-04 19:59 ` Karel Th�nissen
2008-09-05 7:27 ` stefan-lucks
2008-09-05 8:38 ` Ludovic Brenta
2008-09-04 20:17 ` Dmitry A. Kazakov
2008-09-05 13:26 ` Robert A Duff
2008-09-05 13:49 ` Robert A Duff
2008-09-03 1:24 ` Stephen Leake
2008-09-03 3:31 ` tmoran
2008-09-03 13:22 ` stefan-lucks
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox