From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00, REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4 Path: border1.nntp.ams3.giganews.com!border1.nntp.ams2.giganews.com!border3.nntp.ams.giganews.com!border1.nntp.ams.giganews.com!nntp.giganews.com!de-l.enfer-du-nord.net!feeder1.enfer-du-nord.net!feeder2.enfer-du-nord.net!gegeweb.org!aioe.org!.POSTED!not-for-mail From: "Dmitry A. Kazakov" Newsgroups: comp.lang.ada Subject: Re: Range check for type 'Integer' Date: Mon, 17 Jun 2013 14:46:01 +0200 Organization: cbb software GmbH Message-ID: <1dluwngkho440.1h1scdl5ues6f$.dlg@40tude.net> References: <7f33982d-3bcf-452e-a3b3-3a0a28505ff1@x20g2000vbe.googlegroups.com> Reply-To: mailbox@dmitry-kazakov.de NNTP-Posting-Host: IenaDxMXK2hi7fvYcb+MlQ.user.speranza.aioe.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Complaints-To: abuse@aioe.org User-Agent: 40tude_Dialog/2.0.15.1 X-Notice: Filtered by postfilter v. 0.8.2 X-Original-Bytes: 2222 Xref: number.nntp.dca.giganews.com comp.lang.ada:181885 Date: 2013-06-17T14:46:01+02:00 List-Id: On Mon, 17 Jun 2013 03:57:26 -0700 (PDT), Peter Brooks wrote: > Exactly the same program, but using type 'Integer' instead for 'fred' > gives: [...] > So the 'Integer' has rolled over to negative and then rolled back to 0 > - but with no run-time error. > > Why is there no range check error on type Integer? Because you didn't compiled it using -gnato. Integer is a build-in type for which GNAT uses raw machine instructions. Possibly the decision not to add checks was motivated by [wrong] premises of optimization for speed. AdaCore was continuously blamed for that. Anyway, when you use a user-defined type, GNAT is forced to add checks because its range is narrower than the range of the machine type. This is why the behavior changes when you use your type vs. Integer WITHOUT -gnato. The same would happen if you used Positive because it is narrower than Integer. A similar case is represented by floating-point numbers. If you want (and you should) to kill IEEE non-numbers on a machine that is natively IEEE, you would use a type like type Sane_Number is new Float range Float'Range; It looks like Float, but it is not. Sane_Number behaves as a proper number (raise exception) where Float would produce garbage (NaN etc). -- Regards, Dmitry A. Kazakov http://www.dmitry-kazakov.de