From: Keith Thompson
Subject: Re: Constraint checking of actuals passed to Attributes
Date: 2000/05/09
Organization: CTS Network Services
Newsgroups: comp.lang.ada
References: <391250A8.99D1585C@hotmail.com> <39171B69.2F983487@averstar.com> <8f93lm$1es$1@nnrp1.deja.com> <8f9snr$vbr$1@nnrp1.deja.com>

Robert A Duff writes:
[...]
> I suppose I could try expressing the intent by example:
>
> If you say:
>
>     Uninit: Integer; -- Uninitialized variable!
>     ...
>     if Uninit < 10 then
>         ...
>
> The condition must be either True or False, or it must raise an
> exception.  It must not destroy other variables' values.  Inside the
> if statement, Uninit must evaluate to a value less than 10.
>
> Obviously that's not a formal definition -- it's just an example of the
> intent.

If I understand the context of this example correctly, the intent is
to make these guarantees if Uninit is merely uninitialized, but not if
it's abnormal (say, if an assignment to it was disrupted; see
RM95-13.9.1).  The standard doesn't require bizarre things to happen
under such circumstances, it merely withdraws its usual guarantee that
bizarre things won't happen.

If the underlying hardware has no abnormal representations for type
Integer, Integers will never become abnormal ("Whether or not an
object actually becomes abnormal in these cases is not specified.").
This kind of thing is more likely to show up (on most systems) for
things like composite objects with corrupted descriptors.

The most plausible scenario for type Integer that I can think of is a
system that represents an integer as a floating-point value with the
exponent set to zero (I'm not sure whether Ada allows this); something
like a floating-point NaN would then be an abnormal value for type
Integer.  A less plausible scenario is an integer with the low-order
bit set to 0.5.

I suppose the real requirement being imposed here is that, if the
underlying system has "abnormal" representations for a given type, the
Ada implementation must guarantee that an uninitialized variable isn't
set to one of those representations.

-- 
Keith Thompson (The_Other_Keith) kst@cts.com
San Diego Supercomputer Center <*>
Welcome to the last year of the 20th century.
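
An added example, not part of the original post: RM 13.9.1 says a scalar whose bits do not represent a value of its subtype (for instance because it was never initialized) has an invalid representation, and the Valid attribute (RM 13.9.2) lets a program test for that before using the object. The enumeration type, names and sample bytes below are constructed for illustration, and assigning the Unchecked_Conversion result before testing it relies on the Ada 2005 and later wording of 13.9.1.

```ada
with Ada.Text_IO;              use Ada.Text_IO;
with Ada.Unchecked_Conversion;

procedure Valid_Check is
   --  Constructed type: only 3 of the 256 possible 8-bit patterns
   --  represent a value of Mode; every other pattern is invalid.
   type Mode is (Idle, Armed, Fired);
   for Mode use (Idle => 1, Armed => 2, Fired => 4);
   for Mode'Size use 8;

   type Byte is mod 2**8;
   for Byte'Size use 8;

   function To_Mode is new Ada.Unchecked_Conversion (Byte, Mode);

   --  Constructed input bytes, standing in for whatever bits an
   --  uninitialized or externally supplied object might hold.
   Samples : constant array (1 .. 4) of Byte := (1, 2, 3, 4);

   M : Mode;
begin
   for I in Samples'Range loop
      --  Assignment of the conversion result is permitted even when
      --  the bits are invalid; only a later read is a bounded error.
      M := To_Mode (Samples (I));

      --  M'Valid inspects the representation without evaluating M,
      --  so it is safe to apply to an invalid object.
      if M'Valid then
         Put_Line (Byte'Image (Samples (I)) & " -> " & Mode'Image (M));
      else
         Put_Line (Byte'Image (Samples (I)) & " -> invalid, rejected");
      end if;
   end loop;
end Valid_Check;
```

The byte value 3 matches no enumeration literal, so it takes the rejected branch; the other three values convert normally.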