From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on ip-172-31-65-14.ec2.internal X-Spam-Level: X-Spam-Status: No, score=-1.9 required=3.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.6 Path: eternal-september.org!reader02.eternal-september.org!aioe.org!esY63sJc+00ALEoUyxrwTg.user.46.165.242.91.POSTED!not-for-mail From: "Dmitry A. Kazakov" Newsgroups: comp.lang.ada Subject: Re: Discriminants or Constructor Function for Limited Types Date: Sun, 8 May 2022 20:00:15 +0200 Organization: Aioe.org NNTP Server Message-ID: References: <0b4ddd38-1f19-44fe-acd9-43a316ec9d29n@googlegroups.com> <7puf7h59k2e2ns66918i95s847na2b8num@4ax.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Injection-Info: gioia.aioe.org; logging-data="3535"; posting-host="esY63sJc+00ALEoUyxrwTg.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org"; User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.9.0 X-Notice: Filtered by postfilter v. 0.9.2 Content-Language: en-US Xref: reader02.eternal-september.org comp.lang.ada:63829 List-Id: On 2022-05-08 19:19, Doctor Who wrote: > On Sun, 8 May 2022 10:37:48 +0200, "Dmitry A. Kazakov" >> Note, that your code is already unsafe because nobody knows if >> Create_or_Open_Output always opens the file and because there is no >> guarantee that the file is closed, while the design >> >> declare >> Output_File : Some_File_Type; >> begin >> Write_Output (Output_File, Data); >> end; >> >> is 100% safe. > > Not in the case that your data space is exhausted, in that case > Write_Output will fail, because you have no checks of free space > before writing. Upon a write error an exception will propagate and Output_File will go out of the scope. The file will be closed and the exception will continue its way. This is a safe behavior. Randy's code is unsafe and requires catching and re-raising I/O exceptions in the client code. This is an illustration why exceptions should be allowed to propagate out of Finalize. When Finalize is used to close a handle this may fail and there is no way to retry inside Finalize. The choice in Ada is between aborting the program or sweeping the problem under the rug ignoring the problem. A more sane approach would be to propagate exception out of Finalize indicating the problem. -- Regards, Dmitry A. Kazakov http://www.dmitry-kazakov.de