Re: Why no constraint error?

[smize@news.imagin.net (Samuel Mize)]

In article <5gs20s$2g11@prime.imagin.net>,
Samuel Mize <smize@imagin.net> wrote:
>The question is, why doesn't this code raise an exception when run
>under GNAT?
>
>    pragma Normalize_Scalars;
>    with Ada.Text_Io;
>    procedure Test_Subrange_Checks is
>        type T_Source  is new Integer range 7 .. 10;
>        type T_Target is new Integer range 7 .. 10; -- identical ranges
>
>        Source: T_Source; -- initialized out of range by Normalize_Scalars
>        Target: T_Target := 10;
>    begin
>        Target := T_Target (Source);  -- no range check occurs!!!!!!!!!!
>        Ada.Text_Io.Put_Line (T_Target'Image (Target));
>    end Test_Subrange_Checks;


It turns out GNAT is right.  (No big surprise.)

I think I've found it.  13.9.1(9) defines invalid representations;
it also states "The rules of the language outside this subclause
assume that all objects have valid representations."

So, the compiler can omit the range checks by assuming that
the data is valid.

Note that, in a similar case, an array reference can point to
any arbitrary memory location (uninitialized scalar used as
an array index).

While I understand this from an efficiency point of view, I'd
like it to be different.  Whine, whine.  One project I'm on is
auto-converting a huge base of occam code to Ada, and a number
of uninitialized integers are biting us in the tail.
(don't start, we DON'T HAVE occam on our target machine)

However, I now see how this optimization is allowed by the
formal rules, so I'll live with it.

One useful compiler option, it seems to me, would tell the
compiler to NOT omit such checks in such cases -- to do
explicitly all range checks.  I'd love to be able to test
some of this auto-generated garbage under such an option.

Samuel Mize

-- 
Samuel Mize -- smize@imagin.net -- Team Ada
(personal net account)