From: Nick Roberts
Newsgroups: comp.lang.ada
Subject: Re: Possible Ada deficiency?
Date: Sun, 9 Jan 2005 21:56:13 +0000

Robert A Duff wrote:

> ...
> The main thing I dislike about the Ada rule is that it is possible to
> write code by accident that behaves differently because one compiler
> chooses pass-by-copy and another one pass-by-reference. And it's not
> clear whose responsibility it is to worry about this kind of bug: should
> procedures be written so that they work even in the presence of aliasing
> among actual parameters? Or should callers avoid that aliasing? And what
> can the caller know about data modified in a procedure that raised an
> exception in the middle of processing?
>
> I also think it's kludgy to treat (say) integers differently from strings.
> I understand the efficiency reason for this, but I still don't like it.

Yes, I think this is one of the nastiest gotchas in Ada. It's even worse
that Ada is supposed to be a multitasking-friendly language.

> I can think of several solutions, but I'm not sure which is best. One idea
> is to define all parameter passing to be nominally by copy, but add some
> features that allow the compiler to know enough about global variables and
> whatnot, so that it can use by-reference in most cases, having proved it
> doesn't make any difference. That wouldn't work in Ada because the
> compiler doesn't have enough information to do the proof, in most cases.

A couple of facilities would help.

One would be a pragma that declared two parameters (of the same type) of a
subprogram unaliased. At each call, a static check would be made if
possible, otherwise code inserted to make a dynamic check (that the same
object had not been passed as the actual for both parameters). I suppose
this would be similar to an assertion or pre-condition.

The other would be a pragma that declared a subprogram non-reentrant. A flag
(global at the level of the declarative region immediately containing the
subprogram) would be set upon entry and reset on exit. Just before setting
the flag, a test would be made: if the flag is already set, raise an
exception. The compiler could catch obvious breaches (such as a recursive
call).

There could be a couple of checks associated with these pragmas, named
Aliasing_Check and Reentrancy_Check perhaps, for use by the Suppress pragma.

-- 
Nick Roberts
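
The two checks proposed in the message above, written out by hand in Ada as an added example (not code from the thread or from any compiler). `Buffer`, `Copy_Reversed`, `Busy` and the two exception names are hypothetical; a limited record is assumed because it is a by-reference type, so comparing the addresses of the formals compares the actual objects.

```ada
with Ada.Text_IO; use Ada.Text_IO;
with System;      use type System.Address;

procedure Alias_Demo is
   --  An explicitly limited record is a by-reference type (RM 6.2), so
   --  'Address of a formal parameter is the address of the actual object.
   type Buffer is limited record
      Data : String (1 .. 4) := "abcd";
   end record;

   Aliasing_Error, Reentrancy_Error : exception;  --  hypothetical names

   --  Flag in the declarative region immediately containing the subprogram.
   --  A plain Boolean is not task-safe; it only shows the set/test/reset order.
   Busy : Boolean := False;

   procedure Copy_Reversed (From : in Buffer; To : in out Buffer) is
   begin
      if From'Address = To'Address then   --  dynamic aliasing check
         raise Aliasing_Error;
      end if;
      if Busy then                        --  test just before setting the flag
         raise Reentrancy_Error;
      end if;
      Busy := True;
      begin
         --  Reads From while writing To: wrong result if they are one object.
         for I in To.Data'Range loop
            To.Data (I) := From.Data (From.Data'Last - I + From.Data'First);
         end loop;
      exception
         when others =>
            Busy := False;                --  reset on exceptional exit too
            raise;
      end;
      Busy := False;
   end Copy_Reversed;

   X, Y : Buffer;
begin
   Copy_Reversed (From => X, To => Y);
   Put_Line ("distinct actuals: " & Y.Data);
   Copy_Reversed (From => X, To => X);    --  same object for both parameters
   Put_Line ("not reached");
exception
   when Aliasing_Error =>
      Put_Line ("Aliasing_Error: From and To are the same object");
end Alias_Demo;
```

For a type the compiler may pass by copy, the formals can have distinct addresses even when the caller passed one object twice, so this hand-written comparison would miss the alias; that is why the message places the check at the call.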