From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: fac41,f66d11aeda114c52 X-Google-Attributes: gidfac41,public X-Google-Thread: 103376,f66d11aeda114c52 X-Google-Attributes: gid103376,public From: mheaney@ni.net (Matthew Heaney) Subject: Re: Building blocks (Was: Design By Contract) Date: 1997/09/30 Message-ID: X-Deja-AN: 276695746 References: <342A0AC6.2F2F@dynamite.com.au> <199709251320.PAA03585@basement.replay.com> <34316EC3.5B62@dynamite.com.au> Organization: Estormza Software Newsgroups: comp.lang.ada,comp.lang.eiffel Date: 1997-09-30T00:00:00+00:00 List-Id: In article <34316EC3.5B62@dynamite.com.au>, aebrain@dynamite.com.au wrote: >> 2. Using while instead of loop/exit (ref. Ichbiah, Barnes, & Firth, "Ada >> Launch," 1980 Dec 10, videotape, on why while was included in the >> language). > >I'd defend this one on style grounds, and believe the matter is >religious. I have no access to this video. Any other sources? BTW >perfectly willing to believe I'm wrong, I just want to know why... Yes, it's quite wrong to use a flag to terminate a while loop, instead of just using exit with a loop. The idiom is, use an exit when the termination depends on what you read, eg loop exit when end loop; The classic example is, read some integers until the user types in the value 0: loop Read (N); exit when N = 0; end loop; Scannars are written this way: you leave the current state when you've read something outside what you're scanning right now: Scan_Integer: loop Read (C); exit when C not in '0' .. '9'; end loop Scan_Integer; No, this is not a moral issue. It is a simple fact about what problem-solving strategies are best for human programmers. That the exit technique is a better "cognitive fit" was demonstrated empirically in Cognitive Strategies and Looping Constructs: An Empirical Study Elliot Soloway et al CACM Nov 83 Vol 26 Number 11, p. 853-860. >From the abstract: ...Our results indicate that subjects overwhelmingly prefered a READ/PROCESS strategy over a PROCESS/READ strategy. When writing a simple looping program, those using the loop .. leave .. again construct were more often correct than those using the standard Pascal loop constructs. Here's another excerpt from an older textbook: -- from An Introduction to Programming, Richard Conway and David Gries In a recent thread on this list, we debated why Ada requires you for declare something before its use. The design philosophy of Ada - as explained in the video and to me privately by Jean Ichbiah - is that the programmer's understanding of something should only depend on what has come before. He shouldn't have to read ahead. What he needs to know to apprehend the program text only depends on the text he's already read. Your example is a classic example of how NOT to write loop, by setting a flag to false to force a while loop to terminate. The problem is that the reader of your code has to read THE ENTIRE BODY OF THE LOOP, after you've set the flag to false, to determine whether you set the flag because you want to terminate the loop right now, and whether there's more work to be done, prior to the actual end of the loop. The flag is AMBIGUOUS. If you reach a point where you need to terminate the loop, then terminate the loop, right now. Don't set a flag, execute the rest of the body, test the flag, to terminate the loop. Just terminate the loop. If you want to go from point A to point B, then go directly from point A to point B. Why go from A to C to D then to B? Especially as that may confuse the person trying to follow you. You can make the argument "this is just my style," but the whole underlying philosophy of Ada is that program text gets read by other human programmers, not just by the human who wrote it originally, and we should do as much to facilitate their understanding as possible. This means presenting information in a manner best suited for the human reader, not just the compiler. So your "style" may be the source of obfuscation and ambiguity that CONFUSE human readers of your programs. You don't live on an island. We all need to always think about the programmer playing detective who's trying to figure out what we've written. Always ask yourself as you're writing code, What can I do to make it easy for someone reading this? This is especially true when you have a choice about how to do something, and either way will work; it's called the Principle of Least Astonishment. When you reach a loop termination point, tell the human programmer reading your code, directly and unambiguously, that you want to terminate the loop, by using an exit. A loop exit is a big huge sign that tells the person reading your code that THE LOOP IS TERMINATING NOW. Nothing unambiguous about that. No more text to try to figure out. All very simple, which is precisely what we want. One more point. Among the colorful landscape of programming languages, Ada is a very conservative language. If a construct were so pernicious that it made writing correct programs difficult, or made the apprehension of program text difficult, then it wouldn't be in the language, now would it? A bunch of guys with PhDs in computer science from all over the planet voted unaminously to make Ada an international programming language standard. And _they_ all decided that exiting from a loop was OK. There's nothing extra to you need to do to make Ada programming safe, because it comes that way right out of the box. -------------------------------------------------------------------- Matthew Heaney Software Development Consultant (818) 985-1271