From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Thread: a07f3367d7,a97feceab5b57877 X-Google-Attributes: gida07f3367d7,public,usenet X-Google-NewGroupId: yes X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news2.google.com!news1.google.com!news.glorb.com!newsfeed1.swip.net!newsfeed1.funet.fi!newsfeeds.funet.fi!feeder1.news.saunalahti.fi!feeder2.news.saunalahti.fi!fi.sn.net!newsfeed2.tdcnet.fi!news.song.fi!not-for-mail Date: Wed, 29 Jul 2009 22:14:44 +0300 From: Niklas Holsti Organization: Tidorum Ltd User-Agent: Mozilla-Thunderbird 2.0.0.22 (X11/20090706) MIME-Version: 1.0 Newsgroups: comp.lang.ada Subject: Re: Saturation arithmetic woes. References: <1a16b458-0201-4320-9787-2836ed58f991@e27g2000yqm.googlegroups.com> In-Reply-To: <1a16b458-0201-4320-9787-2836ed58f991@e27g2000yqm.googlegroups.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Message-ID: <4a709faf$0$6282$4f793bc4@news.tdc.fi> NNTP-Posting-Host: 81.17.205.61 X-Trace: 1248894895 news.tdc.fi 6282 81.17.205.61:42337 X-Complaints-To: abuse@tdcnet.fi Xref: g2news2.google.com comp.lang.ada:7423 Date: 2009-07-29T22:14:44+03:00 List-Id: In addition to the replies from Martin and Dmitry regarding the absence of a "+" operator for Discrete_Type, I would like to comment on the logic of your saturated-"+": xorque wrote: > package body Saturation is > > function "+" > (Left : Saturated_Type; > Right : Saturated_Type) return Saturated_Type > is > Temp_Left : constant Discrete_Type := Discrete_Type (Left); > Temp_Right : constant Discrete_Type := Discrete_Type (Right); > begin > if Temp_Left + Temp_Right > Discrete_Type'Last then Depending on the actual type associated with Discrete_Type (and assuming you use the predefined "+" for that type), you risk getting an overflow on Temp_Left + Temp_Right. If you have overflow checks disabled (as Gnat has by default) the sum may "wrap around" and seem to be less than Discrete_Type'Last, giving you the wrong result. If you have overflow checks enabled, you get a Constraint_Error instead of Discrete_Type'Last. Ditto for underflow and Discrete_Type'First. One option is to have two formal types, one that defines the range for saturation (as Discrete_Type in your code) and another that is wide enough to compute the sum of Left and Right without under- or overflow. If the other type is called Wide_Type, you could then replace Temp_Left and Temp_Right with Sum : constant Wide_Type := Wide_Type (Left) + Wide_Type (Right); which would simplify your code a bit. Or just write one expression: return Discrete_Type ( Wide_Type'Min (Wide_Type (Discrete_Type'Last), Wide_Type'Max (Wide_Type (Discrete_Type'First), Wide_Type (Left) + Wide_Type (Right)))); That assumes that the formal Wide_Type is defined as an integer type, not just as any discrete type. HTH, -- Niklas Holsti Tidorum Ltd niklas holsti tidorum fi . @ .