From mboxrd@z Thu Jan 1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level:
X-Spam-Status: No, score=0.2 required=5.0 tests=BAYES_00,INVALID_MSGID,
	REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,113cbde0422b98e8,start
X-Google-Attributes: gid103376,public
From: smize@news.imagin.net (Samuel Mize)
Subject: Re: Why no constraint error?
Date: 1997/03/20
Message-ID: <5gs81q$114r@prime.imagin.net>#1/1
X-Deja-AN: 227103330
References: <5gs20s$2g11@prime.imagin.net>
Organization: ImagiNet Communications Ltd, Arlington, Texas
Reply-To: smize@imagin.net (Samuel Mize)
Newsgroups: comp.lang.ada
Date: 1997-03-20T00:00:00+00:00
List-Id:

In article <5gs20s$2g11@prime.imagin.net>, Samuel Mize wrote:
>The question is, why doesn't this code raise an exception when run
>under GNAT?
>
>   pragma Normalize_Scalars;
>   with Ada.Text_Io;
>   procedure Test_Subrange_Checks is
>      type T_Source is new Integer range 7 .. 10;
>      type T_Target is new Integer range 7 .. 10; -- identical ranges
>
>      Source: T_Source; -- initialized out of range by Normalize_Scalars
>      Target: T_Target := 10;
>   begin
>      Target := T_Target (Source); -- no range check occurs!!!!!!!!!!
>      Ada.Text_Io.Put_Line (T_Target'Image (Target));
>   end Test_Subrange_Checks;

It turns out GNAT is right. (No big surprise.)

I think I've found it. 13.9.1(9) defines invalid representations; it
also states "The rules of the language outside this subclause assume
that all objects have valid representations." So, the compiler can
omit the range checks by assuming that the data is valid.

Note that, in a similar case, an array reference can point to any
arbitrary memory location (uninitialized scalar used as an array index).

While I understand this from an efficiency point of view, I'd like it
to be different. Whine, whine.

One project I'm on is auto-converting a huge base of occam code to Ada,
and a number of uninitialized integers are biting us in the tail.
(don't start, we DON'T HAVE occam on our target machine)

However, I now see how this optimization is allowed by the formal
rules, so I'll live with it.

One useful compiler option, it seems to me, would tell the compiler to
NOT omit such checks in such cases -- to do explicitly all range checks.
I'd love to be able to test some of this auto-generated garbage under
such an option.

Samuel Mize

--
Samuel Mize -- smize@imagin.net -- Team Ada
(personal net account)
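
An added example, not part of the original post: the quoted program reworked to test the object with the `'Valid` attribute (RM 13.9.2) before the conversion and before the array indexing the post mentions. The names `Test_Valid_Check`, `T_Table` and `Table` are assumptions made for illustration.

```ada
pragma Normalize_Scalars;
with Ada.Text_IO;

procedure Test_Valid_Check is
   type T_Source is new Integer range 7 .. 10;
   type T_Target is new Integer range 7 .. 10;  -- identical ranges, as in the post
   type T_Table  is array (T_Source) of Integer;  -- hypothetical lookup table

   Table  : constant T_Table := (7 => 70, 8 => 80, 9 => 90, 10 => 100);
   Source : T_Source;        -- never assigned, so its representation may be invalid
   Target : T_Target := 10;
begin
   --  Source'Valid is not a read of Source, so testing invalid data
   --  is not itself an error. Test the object directly: passing it
   --  by copy to a helper would evaluate the invalid value first.
   if Source'Valid then
      --  Only here is the "all objects are valid" assumption true,
      --  so the unchecked conversion and the indexing are both safe.
      Target := T_Target (Source);
      Ada.Text_IO.Put_Line ("converted:" & T_Target'Image (Target));
      Ada.Text_IO.Put_Line ("table entry:" & Integer'Image (Table (Source)));
   else
      Ada.Text_IO.Put_Line
        ("Source has an invalid representation; not converted or indexed");
   end if;
end Test_Valid_Check;
```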