Re: [Spark] Using defered constants

[Lutz Donnerhacke <lutz@iks-jena.de>]

* Peter Amey wrote:
> Lutz's question has caused me to reconsider all this and the next release
> of the Examiner will relax these rules so that after the point that Ada
> requires that the deferred constant to be complete it can be used even if
> the SPARK Examiner has not seen it (because it is hidden).

Thank you very much.

> The worst consequence for the Examiner will be the ability to construct
> programs with hidden pakcage private parts that will examine cleanly but
> not compile because soemthing in the hidden part makes them illegal Ada;
> at least this is "safe".

Of course. You can't check hidden areas. If you would do so, you would not
need the argument of #hide, because then you can determine the closure of
the hidden region yourself.

> As with all these things, it is feedback from active users that drive
> things forward!

I'm not an active user. I'm just playing with Spark and Ada.

Back to the original problem. A simple workaround is to replace the constant
by a parameterless (inlined) function.

package t is
   type x is private;
   function cx return x;
   procedure copy(o : out x; i : Integer);
   --# derives o from i;
private
   --# hide t;
   type x is new Integer;
end t;

package body t is
   function cx return x is
      --# hide cx;
   begin
      return 0;
   end cx;

   procedure doupdate(o : in out x; i : Integer)
     --# derives o from i, o;
     is
      --# hide doupdate;
   begin
      o := o + x(i);
   end doupdate;

   procedure copy(o : out x; i : Integer) is
   begin
      o := cx;
      doupdate(o, i);
   end copy;
end t;