Return to the
comp.compilers page.
Search the
comp.compilers archives again.
| From: | "Rodney M. Bates" <rodney.bates@wichita.edu> |
| Newsgroups: | comp.compilers |
| Date: | 5 Feb 2003 23:54:50 -0500 |
| Organization: | EarthLink Inc. -- http://www.EarthLink.net |
| References: | 03-01-065 03-01-070 03-01-126 03-01-164 03-01-169 03-01-172 |
| Keywords: | design |
| Posted-Date: | 05 Feb 2003 23:54:50 EST |
"John R. Strohm" wrote:
>
> "Rodney M. Bates" wrote:
> > Actually, this is somewhat of a time-bomb in Ada. On some cases, the
> > language specifies the actual parameter transmission mechanism. But in
> > some combinations of types and transmission modes, the language leaves
> > it up to the compiler writer whether to use reference or some
> > variation of copy in/out, etc. In the presence of non-local variable
> > references, aliasing, etc., this can affect program semantics.
>
> True. On the other hand, it is generally understood by now, thirty years
> after the Structured Programming Revolution, that non-local variable
> references and aliasing are Bad Things To Do.
>
> > If you write an Ada program that depends on which mechanism the
> > compiler chooses, the language defines your program as "erroneous",
> > which means you will not get any error message and whatever happens
> > is entirely your fault. I'm sure erroneousness is undecidable.
>
> One you allow non-local variable references in the presence of
> interrupts, for example, you are in a world of hurt, because it is
> impossible to say from one instant to the next what value a non-local
> variable might actually have, without examining EVERY line of code in
> the system that MIGHT touch that variable. You may write it in one
> line, and test it in the next, but in between the two an interrupt
> occurred and the interrupt handler had to change the state variable.
> (This may not be directly do-able in Ada, but the principle applies.)
>
> Observe that this makes it impossible to say that a procedure actually
> does what it claims to do, if one of the variables it uses can be
> trashed by someone else.
>
> The Gypsy language at UT Austin in the late 1970s (Ambler, Good, et
> al) was designed specifically to be formally verifiable. They did it
> the easy way, and outlawed aliasing and non-local references
> altogether. Every variable was local to some task, and tasks could
> only send messages through message buffers (FIFO queues protected by
> semaphores). The message buffers were built-in to the language, with
> semantics carefully defined.
All true. But the situation I was complaining about
1) Happens even in the absence of interrupts, other threads, etc., and
2) Can be fixed without outlawing aliasing or non-local references,
by just specifying in the langauge, what the parameter transmission
mechanism is.
--
Rodney M. Bates
Return to the
comp.compilers page.
Search the
comp.compilers archives again.