From: "Stuart Hutchesson"
Subject: Re: Renaming Fixed Point Mutiplicative operator in Ada 95
Date: 1998/05/22
Message-ID: <01bd8589$5fa05a00$440029a1@m00rq900>#1/1
References: <3561F32B.2F0B@innotts.co.uk> <01bd84c3$47215d60$440029a1@m00rq900>
Newsgroups: comp.lang.ada

Robert Dewar wrote in article ...
>
> Incidentally, in a critical system, I would jolly well hope that EITHER
>
> a) you prove that division by zero cannot happen
>
> or
>
> b) you test for it explicitly
>
>    if z = 0 then
>       ....
>    else
>       a := y / z;
>    end if;
>

If you are suggesting that all divisions are guarded by a test for denominator non-zero - then wouldn't the most obvious place for that test be within the division operator itself! Otherwise you have a massive review/verification effort to check that all divisions are guarded! If it is inside the operator then that test is done once.

Also there is the question of the code that has to be placed inside the "if" side of the check. Plus you have to consider all the other guards that have to be placed around both multiply and divide operations for overflow of the destination type etc.

The neatest and most cost-effective solution is to put them inside an overridden operator.

(BTW - the example you gave in your previous posting of surrounding the operation with an exception handler is banned by SPARK Ada.....)
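
The guard-inside-the-operator approach argued for above, as an added example that is not part of the original post or thread. It uses an integer type rather than the thread's fixed-point type, and the `Reading` type, its range, the `Wide` helper type and the saturate-on-fault policy are all assumptions made for illustration.

```ada
with Ada.Text_IO;

procedure Guarded_Ops_Demo is
   package Guarded is
      type Reading is range -32_768 .. 32_767;  --  assumed 16-bit value
      --  Overriding the predefined operators puts the guards in one place.
      function "/" (Left, Right : Reading) return Reading;
      function "*" (Left, Right : Reading) return Reading;
   end Guarded;

   package body Guarded is
      --  Wide enough for any product or quotient of two Reading values.
      type Wide is range -(2 ** 31) .. 2 ** 31 - 1;
      --  Clamp an intermediate result into the destination type.
      function Saturate (Value : Wide) return Reading is
      begin
         if Value > Wide (Reading'Last) then
            return Reading'Last;
         elsif Value < Wide (Reading'First) then
            return Reading'First;
         end if;
         return Reading (Value);
      end Saturate;

      function "/" (Left, Right : Reading) return Reading is
      begin
         if Right /= 0 then
            --  Divide in Wide: Reading'First / -1 does not fit in Reading.
            return Saturate (Wide (Left) / Wide (Right));
         elsif Left > 0 then
            return Reading'Last;   --  assumed policy for x / 0, x > 0
         elsif Left < 0 then
            return Reading'First;  --  assumed policy for x / 0, x < 0
         else
            return 0;              --  assumed policy for 0 / 0
         end if;
      end "/";

      function "*" (Left, Right : Reading) return Reading is
      begin
         return Saturate (Wide (Left) * Wide (Right));
      end "*";
   end Guarded;

   use Guarded;
   A    : constant Reading := 1_000;
   Zero : constant Reading := 0;
begin
   Ada.Text_IO.Put_Line (Reading'Image (A / Zero));
   Ada.Text_IO.Put_Line (Reading'Image (Reading'First / (-1)));
   Ada.Text_IO.Put_Line (Reading'Image (A * A));
   Ada.Text_IO.Put_Line (Reading'Image (A / 8));
end Guarded_Ops_Demo;
```

Call sites keep the plain `a / b` notation, so review effort concentrates on the two operator bodies instead of on every division and multiplication in the program.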