From: Niklas Holsti
Newsgroups: comp.lang.ada
Subject: Re: Ada Annoyances
Date: Sat, 24 Jun 2017 23:56:58 +0300
Organization: Tidorum Ltd

On 17-06-24 22:55 , Simon Wright wrote:
> Niklas Holsti writes:
>
>> For some time, I have had in mind a possible Ada extension to solve
>> point (b): an attribute/aspect that would let the programmer set a
>> static upper bound on the size of any object in T'Class. If we call
>> this aspect Maximum_Size (or perhaps Maximum_Size'Class), the
>> programmer could use it like this:
>>
>>    type Root is tagged record ... end record
>>    with Maximum_Size => 128;
>>
>>    type Child is new Root with record ... end record;
>>    -- The compiler checks that Child'Size is at most 128 bits, and
>>    -- rejects the program otherwise.
>>
>> It would now be legal to create statically sized data structures using
>> Root'Class, without dynamic memory allocation, by allocating 128 bits
>> for each value of type Root'Class:
>
> GNAT is happy with
>
>    type Parent is tagged null record
>    with Dynamic_Predicate => Size (Parent) < 128;
>
>    function Size (P : Parent'Class) return Integer is (P'Size);
>
>    type Large is array (1 .. 10) of Integer;
>    type Child is new Parent with record
>       L : Large;
>    end record;
>
> Declaring an object of type Child raises Assert_Failure.

As one would expect, based on standard Ada, yes?

> Of course you'd much rather have a static compile-time check!

Indeed I would. But the check is not the main point in the suggested
Maximum_Size aspect: the main point is that it would let the compiler
consider the type Root'Class as a definite subtype, and would therefore
allow its direct use as a component of arrays or records, instead of
forcing an access-classwide to be used as an intermediate.

I don't suppose GNAT lets you use Parent'Class as the component type of
an array, even with this Dynamic_Predicate?

There may however be some other semantic implications of the definite vs
indefinite subtype divide, not related to the size of the values, that
would make it hard to let the suggested Maximum_Size aspect change the
classwide type from indefinite to definite.

--
Niklas Holsti
Tidorum Ltd
niklas holsti tidorum fi
      .      @       .
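
Added example, not part of the message above or of either poster's code: a standard Ada 2012 sketch of the definite/indefinite divide the message describes, with the access-to-class-wide intermediate and a run-time size check against the 128-bit bound used in the thread. The names Classwide_Slots, Ref, Table and Max_Bits are hypothetical; Parent, Large and Child follow the quoted declarations without the Dynamic_Predicate.

```ada
--  classwide_slots.adb (added example; file and unit names are hypothetical)
with Ada.Text_IO; use Ada.Text_IO;

procedure Classwide_Slots is

   type Parent is tagged null record;

   type Large is array (1 .. 10) of Integer;
   type Child is new Parent with record
      L : Large;
   end record;

   --  Rejected by standard Ada if uncommented: Parent'Class is an
   --  indefinite subtype, and an array component subtype must be definite.
   --  type Bad_Table is array (1 .. 2) of Parent'Class;

   --  The intermediate the message refers to: the array holds definite
   --  access values, and each object is created by an allocator.
   type Ref is access Parent'Class;
   type Table is array (1 .. 2) of Ref;

   Max_Bits : constant := 128;  --  bound taken from the thread's example

   T : constant Table := (new Parent, new Child);

begin
   for I in T'Range loop
      declare
         --  'Size of a class-wide object is only known at run time,
         --  which is why this check cannot be static here.
         Bits    : constant Integer := T (I).all'Size;
         Verdict : constant String  :=
           (if Bits <= Max_Bits then "within" else "over");
      begin
         Put_Line ("slot" & Integer'Image (I) & ":" & Integer'Image (Bits)
                   & " bits, " & Verdict & " the bound");
      end;
   end loop;
end Classwide_Slots;
```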