From: Robert A Duff <bobduff@shell01.TheWorld.com>
Subject: Re: Controlled types and exception safety
Date: 02 Dec 2005 18:21:50 -0500
Date: 2005-12-02T18:21:50-05:00 [thread overview]
Message-ID: <wccy833rsoh.fsf@shell01.TheWorld.com> (raw)
In-Reply-To: Ga2dnUXKGspEVBLenZ2dnUVZ_tGdnZ2d@megapath.net
"Randy Brukardt" <randy@rrsoftware.com> writes:
> Probably not specifically. Obviously it depends on the implementation. I
> just looked at ours, and it does nothing at all to handle memory issues in
> Adjust. That means that the object would fail the invariants after such an
> assignment. (I didn't actually realize that; it would be better to null the
> pointer in that case...) And presumably, it would eventually access through
> a deallocated pointer. But that's all a correct (if unfriendly)
> implementation of Ada, because the object is abnormal, and any access to it
> is erroneous -- see 13.9.1. (Humm, this actually isn't as clear as it ought
> to be; one could argue that Storage_Error isn't a "language-defined check"
> (its not called that in 11.1(6)).
I think 11.5(2) can reasonably be interpreted to mean that Storage_Error
qualifies. Certainly, that is the intent.
11.5(22) also applies, although it incorrectly talks about specific
reasons why S_E might be raised, whereas 11.1(6) says S_E can be raised
by anything at all (not just "new" and procedures and tasks).
>... But surely it is intended to be covered;
Yes, surely.
> it's hard to imagine a case that is more likely to corrupt things than
> running out of memory.
Well, I can imagine "abort", and that's just as bad (except that you can
defer aborts, but you can't defer out-of-memory).
- Bob
next prev parent reply other threads:[~2005-12-02 23:21 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-11-30 13:57 Controlled types and exception safety Maciej Sobczak
2005-11-30 15:06 ` Dmitry A. Kazakov
2005-11-30 16:19 ` Maciej Sobczak
2005-12-01 0:05 ` Stephen Leake
2005-12-01 9:21 ` Dmitry A. Kazakov
2005-12-01 10:46 ` Maciej Sobczak
2005-12-01 15:08 ` Dmitry A. Kazakov
2005-12-02 4:17 ` Randy Brukardt
2005-12-02 9:29 ` Maciej Sobczak
2005-12-02 18:12 ` tmoran
2005-12-02 19:15 ` Robert A Duff
2005-12-02 21:42 ` tmoran
2005-12-06 9:00 ` Maciej Sobczak
2005-12-06 9:50 ` Dmitry A. Kazakov
2005-12-06 18:34 ` Jeffrey R. Carter
2005-12-06 19:34 ` Randy Brukardt
2005-12-06 21:20 ` Dmitry A. Kazakov
2005-12-07 1:57 ` Jeffrey R. Carter
2005-12-08 0:50 ` Randy Brukardt
2005-12-08 19:37 ` Jeffrey R. Carter
2005-12-09 2:36 ` Randy Brukardt
2005-12-09 6:33 ` Jeffrey R. Carter
2005-12-09 20:35 ` Randy Brukardt
2005-12-10 7:53 ` Jeffrey R. Carter
2005-12-06 20:43 ` Dmitry A. Kazakov
2005-12-07 2:00 ` Jeffrey R. Carter
2005-12-07 10:01 ` Dmitry A. Kazakov
2005-12-02 23:21 ` Robert A Duff [this message]
2005-11-30 17:46 ` Jean-Pierre Rosen
2005-11-30 21:02 ` Jeffrey R. Carter
2005-11-30 22:06 ` Björn Persson
2005-11-30 23:52 ` Randy Brukardt
2005-12-01 5:26 ` Jeffrey R. Carter
2005-12-02 23:51 ` Robert A Duff
2005-12-06 11:41 ` Peter C. Chapin
2005-12-06 12:50 ` Jean-Pierre Rosen
2005-12-06 13:06 ` Dmitry A. Kazakov
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox