Re: Concerning subscript bounds checks

[ok@goanna.cs.rmit.EDU.AU (Richard A. O'Keefe)]

I wrote
>    subtype Simplex_Range is Natural range 0 .. Point'Length;
:    P: "array (Simplex_Range) of ..."
:    Y: "array (Simplex_Range) of ..."
:    X: Point;
:    J: Simplex_Range;
:    ...
:    J := 0;            -- at the start, J = Simplex_Range'First
:    for I in X'Range loop
:       ...
:       P(J) := ...
:       Y(J) := ...
:       J := J + 1;
:    end loop;          -- at the end, J = Simplex_Range'Last
:    P(J) := ...
:    Y(J) := ...
:end;
>A reasonably smart compiler should be able to tell that these four
:subscripts are also safe.

joeuser@satcom.whit.org (joeuser) writes:

>You would be better off to use I as your index and not J.  (and it would work 
>too.)  Here is why.

No, it would NOT work.  I and J *HAVE DIFFERENT TYPES*.
J has type Simplex_Range, which is the index range for Simplex.
I has type Point'Range,   which is the index range for Point.
They are simply different types.  For example, in one use of this
function,
	Point'Range is -1 .. +1
	Simplex_Range is 0 .. 3

>What happens the first time through this loop?
>I=0
>J=0

WRONG!  THe first time through the loop, I is Point'First, which
could be *anything*, and in none of my uses of this procedure is
it zero.  Most of the time it's 1, but one example used -1.


>BUT guess what!!!!
>J:=J+1;

>That means that when I=X'Last
>J will become X'Last+1

Completely wrong.  When I = X'Last, J will be Y'Last-1.

>This basically equates to Simplex_Range'Last+1
>                 Hence-----> your constraint error

But I haven't *GOT* any constraint error.

>J is now out of all it's possible ranges (and the ranges for the subscripts 
>for both P and Y.

>Is Point a string????
No it isn't.  It's a point in Euclidean N-space.

>I love to bitch at the compilers too, but they are never wrong.  They cannot 
>be wrong because they meet their standards.  Now WE have to meet theirs.

But I *wasn't* bitching at the compiler,
it *wasn't* making any mistake,
and *neither was I*.


For what it's worth, I had great trouble figuring out how to write that
loop.  This is the simplex construction phase of nelder-mead.  The basic
idea is
	for J from P'First as I in Basis_Vector'Range loop
	    P(J) := Origin + Delta * Basis_Vector(I);
	    Y(J) := Funct(P(J));
	end loop;
	P(P'Last) := Origin;
	Y(P'Last) := F(P(P'Last));

In Algol, Fortran, or PL/I it wouldn't be much of a problem:
if Basis_Vector'Range is L..U, take P'Range to be L..U+1.
However, in Ada, U+1 may not exist.  For example,
	type Coord is (X,Y,Z);
	type Point is array (Coord) of Float;
So Simplex_Range has to be some other type.  The obvious thing was
	subtype Simplex_Range is Natural range 0 .. Point'Length;
(note that not only is the first value of I in this case not zero,
it isn't even a number).  The next obvious thing is

	for I in Point'Range loop
	    let J be Simplex_Range'Val(
		Point'Range'Pos(I) - Point'Range'Pos(Point'Range'First))
	    P(J) := ...
	
However, I couldn't figure out any way to code that conversion from I to J.
(The immediate problem is that Point'Range is a _range_, not a _(sub)type_,
so Point'Range'Pos is inexpressible.)

-- 
Fifty years of programming language research, and we end up with C++ ???
Richard A. O'Keefe; http://www.cs.rmit.edu.au/~ok; RMIT Comp.Sci.