From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Thread: 103376,1e369abf7da96fac X-Google-NewGroupId: yes X-Google-Attributes: gida07f3367d7,domainid0,public,usenet X-Google-Language: ENGLISH,ASCII-7-bit Received: by 10.68.73.229 with SMTP id o5mr2156146pbv.7.1326499250923; Fri, 13 Jan 2012 16:00:50 -0800 (PST) MIME-Version: 1.0 Path: lh20ni179150pbb.0!nntp.google.com!news2.google.com!eweka.nl!lightspeed.eweka.nl!62.179.104.142.MISMATCH!amsnews11.chello.com!nuzba.szn.dk!news.jacob-sparre.dk!pnx.dk!jacob-sparre.dk!ada-dk.org!.POSTED!not-for-mail From: "Randy Brukardt" Newsgroups: comp.lang.ada Subject: Re: Pure function aspect?... Date: Fri, 13 Jan 2012 18:00:46 -0600 Organization: Jacob Sparre Andersen Research & Innovation Message-ID: References: <1d74a186-2599-4de5-af49-ffca2529ea96@do4g2000vbb.googlegroups.com> NNTP-Posting-Host: static-69-95-181-76.mad.choiceone.net X-Trace: munin.nbi.dk 1326499249 25492 69.95.181.76 (14 Jan 2012 00:00:49 GMT) X-Complaints-To: news@jacob-sparre.dk NNTP-Posting-Date: Sat, 14 Jan 2012 00:00:49 +0000 (UTC) X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2900.5931 X-RFC2646: Format=Flowed; Original X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157 Date: 2012-01-13T18:00:46-06:00 List-Id: wrote in message news:Pine.LNX.4.64.1201131048370.2287@medsec1.medien.uni-weimar.de... > On Thu, 12 Jan 2012, Randy Brukardt wrote: ... > However, another reason, why the AI became so complex, seems to be the > attempt to rather precisely specify side-effects, instead of providing > just the ability to declare "no side effects". There has been strong opposition to a "checked" pure function declaration (I had floated that first, and it went nowhere), and global in out => null is essentially the same thing. The reason is the "memo function" idea (more sensibly, a function that logs its calls but is otherwise pure) is not allowed. I was trying to do something broader that could get more support. And just declaring "no side-effects" without checking it is actively harmful in my opinion because, perversely, it makes a program less safe. That's because the compiler is going to take advantage of this declaration to remove calls (especially in contracts and assertions), and if the call in fact has side-effects, doing that is not safe (and can easily lead to bugs or even erroneous execution). (And if you aren't going to let the compiler take advantage of this knowledge, declaring it is pointless.) I have some lengthy examples of this problem that are tooo long to present here (and at least get any other work done), but trust me, it is very real. The lack in global in out isn't a deal breaker for Ada 2012, simply because it is also missing exception contracts. And we need (at least) both of those to have enough completeness to really reason formally about Ada programs. Hopefully, future versions of Ada will take up both of these again. Randy.