From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00
	autolearn=unavailable autolearn_force=no version=3.4.4
Path: 
 eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!news.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Simon Wright <simon@pushface.org>
Newsgroups: comp.lang.ada
Subject: Re: Ada Annoyances
Date: Sat, 24 Jun 2017 20:55:03 +0100
Organization: A noiseless patient Spider
Message-ID: <ly4lv540vc.fsf@pushface.org>
References: <1ac5a44b-4423-443a-a7bb-2864d9abe78f@googlegroups.com>
	<d6b02354-93b5-4364-9fe5-3d22b47156e9@googlegroups.com>
	<be1619b4-2220-4287-8e67-1af32377d3f7@googlegroups.com>
	<oijkah$mnh$1@franka.jacob-sparre.dk>
	<4921bd4e-3827-a7ac-7f2d-d60edbc514a3@tidorum.invalid>
Mime-Version: 1.0
Content-Type: text/plain
Injection-Info: mx02.eternal-september.org;
 posting-host="23d7bd7e7b7db663868d1c379abd5f1a";
	logging-data="27973"; mail-complaints-to="abuse@eternal-september.org";
	posting-account="U2FsdGVkX194qn0XNZyiEkLRJQMSpHXDaV2D4fdk+YA="
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (darwin)
Cancel-Lock: sha1:+TG8+l7vGc5wPYWoumn0fOAw69w=
	sha1:oXygEK8m3wJSfXdrUKpmwwv7l7Q=
Xref: news.eternal-september.org comp.lang.ada:47102
Date: 2017-06-24T20:55:03+01:00
List-Id: <comp.lang.ada>

Niklas Holsti <niklas.holsti@tidorum.invalid> writes:

> For some time, I have had in mind a possible Ada extension to solve
> point (b): an attribute/aspect that would let the programmer set a
> static upper bound on the size of any object in T'Class. If we call
> this aspect Maximum_Size (or perhaps Maximum_Size'Class), the
> programmer could use it like this:
>
>    type Root is tagged record ... end record
>    with Maximum_Size => 128;
>
>    type Child is new Root with record ... end record;
>    -- The compiler checks that Child'Size is at most 128 bits, and
>    -- rejects the program otherwise.
>
> It would now be legal to create statically sized data structures using
> Root'Class, without dynamic memory allocation, by allocating 128 bits
> for each value of type Root'Class:

GNAT is happy with

   type Parent is tagged null record
   with Dynamic_Predicate => Size (Parent) < 128;

   function Size (P : Parent'Class) return Integer is (P'Size);

   type Large is array (1 .. 10) of Integer;
   type Child is new Parent with record
      L : Large;
   end record;

Declaring an object of type Child raises Assert_Failure.

Of course you'd much rather have a static compile-time check!