Initialization of opaque fields with unknown size

[jklmnn]

Context and Problem Statement

Currently the only way to initialize opaque fields in the spec is to either use a static aggregate or a function. While the static aggregate works well when the size is known sometimes it's required to zero-initialize an opaque field whose size is not known statically. In this case the only way to initialize this field is by using a function.

Use Cases

Zero-initialization of fields with a dynamic size that are modified later (e.g. a signature or hash).

Considered Options

O1

Using others to match whatever size the opaque field has with a static value.

Opaque_Field := [others => 0];

+ Close to Ada syntax + Allows custom values for all bytes − Only allows a single value for all bytes

O2

Using a range assignment:

Opaque_Field := [1 .. 8 => 255, 9 .. Opaque_Field_Length => 0];

+ Close to Ada syntax + More flexible in terms of different initial values for different ranges − Always requires the length to be known via a variable − Additional non-overlap checks necessary

O3

Using an reset aspect:

Opaque_Field'Reset (Opaque_Field_Length, 0);

+ Consistent to other Reset aspects such as for messages and sequences − Less flexible as it only allows a single value to be set − Always requires the length to be known via a variable

Decision Outcome

O1

[senier]

@jklmnn Would you allow multiple ranges in O2? If so, could please you add an example for that? In that case, a drawback would also be additional checks necessary to ensure non-overlap.

[jklmnn]

I updated O2.