From: "Randy Brukardt" <randy@rrsoftware.com>
Subject: Re: Allocators and the requirement to raise `Storage_Error`
Date: Fri, 3 May 2013 18:17:02 -0500
Message-ID: <km1ghf$k0s$1@munin.nbi.dk>
In-Reply-To: op.wwh16wl5ule2fv@cardamome
"Yannick Duchêne (Hibou57)" <yannick_duchene@yahoo.fr> wrote in message
news:op.wwh16wl5ule2fv@cardamome...
...
>I still wonder why there is no provision for an allocator to return `null`
>instead of raising an exception, when a custom function of a constrained
>subtype/type, which would provide the same functionality, does not get
>imposed this obligation.
This seems like a bizarre question. Ada doesn't allow returning the wrong
answer from an operation; it's required to return the right answer or an
exception. The operation "new" returns an allocated object. Period. If that
can't be done, then an exception is raised immediately.
Not doing this would hide storage exhaustion and would make it look like an
ordinary bug. That would make it a lot harder to reason about programs (it's
very hard to reason about storage exhaustion; it formally can happen
anywhere, even "null;"). Keeping them separate helps both debugging and
formal tools.
Randy.
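
The distinction drawn in the reply above, as an added Ada example that is not part of the original message or written by anyone in the thread: the allocator reports exhaustion at the allocation itself, while a null-returning wrapper defers the failure to a later dereference, where it surfaces as `Constraint_Error`. The `Block` type, the 16 KiB pool size and the wrapper `Try_New` are assumptions made for the illustration.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Exhaustion_Demo is
   type Block is array (1 .. 1024) of Integer;
   type Block_Ptr is access Block;
   --  Assumed small, fixed-size pool so that exhaustion is easy to reach.
   for Block_Ptr'Storage_Size use 16 * 1024;

   --  Hypothetical wrapper with the semantics asked about in the quoted
   --  question: exhaustion is reported as null instead of an exception.
   function Try_New return Block_Ptr is
   begin
      return new Block'(others => 0);
   exception
      when Storage_Error =>
         return null;
   end Try_New;

   P : Block_Ptr;
begin
   --  Case 1: the allocator. The failure is raised at the allocation,
   --  under its own name, so it cannot be mistaken for a logic error.
   begin
      loop
         P := new Block'(others => 0);
      end loop;
   exception
      when Storage_Error =>
         Put_Line ("allocator: Storage_Error raised at the allocation");
   end;

   --  Case 2: the wrapper. The pool is already exhausted, so Try_New
   --  yields null; the failure only appears at the dereference, as
   --  Constraint_Error, and looks like an ordinary null-access bug.
   P := Try_New;
   begin
      P (1) := 42;
   exception
      when Constraint_Error =>
         Put_Line ("wrapper: Constraint_Error at a later dereference");
   end;
end Exhaustion_Demo;
```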