From mboxrd@z Thu Jan 1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level:
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: f849b,b8d52151b7b306d2
X-Google-Attributes: gidf849b,public
X-Google-Thread: 103376,a00006d3c4735d70
X-Google-Attributes: gid103376,public
X-Google-ArrivalTime: 2003-12-28 14:56:30 PST
Message-ID: <3fef5f9b_2@mk-nntp-1.news.uk.worldonline.com>
From: Ian Bell
Subject: Re: Certified C compilers for safety-critical embedded systems
Newsgroups: comp.arch.embedded,comp.lang.ada
Followup-To: comp.arch.embedded
Date: Sun, 28 Dec 2003 22:59:20 +0000
References: <3fe00b82.90228601@News.CIS.DFN.DE> <3FE026A8.3CD6A3A@yahoo.com> <$km9afA3DB7$EAYO@phaedsys.demon.co.uk> <3feda44e_3@mk-nntp-1.news.uk.worldonline.com> <3fedbbf0_3@mk-nntp-1.news.uk.worldonline.com>
Organization: REMAP
User-Agent: KNode/0.7.2
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7Bit
NNTP-Posting-Host: dial-62-64-200-181.access.uk.tiscali.com
X-Trace: 28 Dec 2003 22:56:28 GMT, dial-62-64-200-181.access.uk.tiscali.com
Path: archiver1.google.com!news2.google.com!news.maxwell.syr.edu!newsfeed.icl.net!newsfeed.fjserv.net!colt.net!kibo.news.demon.net!demon!mk-nntp-1.news.uk.worldonline.com!dial-62-64-200-181.access.uk.tiscali.com
Xref: archiver1.google.com comp.arch.embedded:6240 comp.lang.ada:3901
Date: 2003-12-28T22:59:20+00:00
List-Id:

Georg Bauhaus wrote:

> In comp.lang.ada Ian Bell wrote:
> :> You mean as in
> :>
> :> type my_index is range 0 .. some_variable;
> :>
> :> -- yes, Ada compilers will perform the check.
> :>
> :
> : That was not what I had in mind and seems to me to be rather dodgy code.
> : I was thinking more of the return value of some function being used as
> : an index to the array.
>
> That should depend on what the compiler can find out about the
> function. For example, if there is "type Index is range 0..359;",
> then if a function is specified to return values of a constrained
> subtype of Index ranging from 0..179, and a buffer has been allocated for
> some Index subtype's values ranging from 180..359, the compiler will
> warn if you use the function's values as indices to the array,
> _although_ in C terms the array index values and the function return
> values are indistinguishable (both unsigned shorts for example).

So are you basically saying that Ada requires the function return type to
be bounded and can simply check this against the array bound?

Ian
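The situation Georg describes, written out as a compilable Ada unit. This is an added example and not code from the thread; the names Index, Lower_Half, Upper_Half, Buffer, Angle and Safe_Angle are my own, as is the choice of 90 and 200 as sample return values. The point it shows is that the index expression carries a static subtype (the function's declared return subtype), so the compiler can compare its bounds with the array's index subtype before the program ever runs. With GNAT the last assignment draws a compile-time warning that Constraint_Error will be raised; if the program is run anyway, the bounds check fires at run time and the handler reports it. The same two values stored in C unsigned shorts would carry no such information.

```ada
-- Added example (not from the original thread): Ada subtype bounds let the
-- compiler flag an index that can never be valid for the array.
with Ada.Text_IO; use Ada.Text_IO;

procedure Index_Check is
   type Index is range 0 .. 359;

   -- Two constrained subtypes of Index whose ranges do not overlap.
   subtype Lower_Half is Index range 0 .. 179;
   subtype Upper_Half is Index range 180 .. 359;

   -- Storage exists only for the upper half of Index.
   Buffer : array (Upper_Half) of Integer := (others => 0);

   -- Return subtype Upper_Half: every value is a legal index into Buffer.
   function Safe_Angle return Upper_Half is
   begin
      return 200;  -- constructed sample value
   end Safe_Angle;

   -- Return subtype Lower_Half: no value can be a legal index into Buffer.
   function Angle return Lower_Half is
   begin
      return 90;   -- constructed sample value
   end Angle;
begin
   -- Static bounds 180..359 against index subtype 180..359: compiles clean.
   Buffer (Safe_Angle) := 1;
   Put_Line ("Buffer (200) =" & Integer'Image (Buffer (200)));

   -- Static bounds 0..179 against index subtype 180..359: GNAT warns at
   -- compile time ("value not in range of subtype ... Constraint_Error will
   -- be raised at run time"); executing it raises Constraint_Error.
   Buffer (Angle) := 2;
   Put_Line ("not reached");
exception
   when Constraint_Error =>
      Put_Line ("Constraint_Error: index outside Upper_Half");
end Index_Check;
```

Build with `gnatmake index_check.adb` and note the warning on the `Buffer (Angle)` line; the check does not depend on the function body, only on its declared return subtype, which is why a function declared to return plain Index (0..359) would compile silently and be checked at run time instead.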