From: Shark8
Newsgroups: comp.lang.ada
Subject: Re: Hi-Lite high integrity showcase and overflow errors
Date: Tue, 4 Sep 2012 14:24:52 -0700 (PDT)
Message-ID: <75dd01c2-0b05-4df0-8425-c4848733d819@googlegroups.com>

On Tuesday, September 4, 2012 2:21:30 PM UTC-6, Florian Weimer wrote:
> * Georg Bauhaus:
>
> > Or am I just incorrectly assuming things and X * Y will make the tools
> > complain fiercely about possible overflow?
>
> The base range of My_Int could be sufficiently large so that the
> multiplication wouldn't overflow, ever. In this regard, integer types
> aren't very portable.
>
> On your architecture, you might see different behavior if My_Int is
> defined like this:
>
>    type My_Int is range 0 .. 40_000;
>
> And the check is performed against 40_000 as well.

Right; both checks are needed.

> Eventually, you'll have to accept that a lot of Ada marketing material
> is poorly prepared at best, and downright intellectually dishonest at
> worst. This is rather sad.

It is. Of course I think it'd be a lot nicer if the material were commented 'like' my presented code (i.e. problem and solution described) -- simply describing what's happening can reveal a lot of problems that you never thought about initially.
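
Added example, not part of the original post or thread: an Ada 2012 program showing the two checks discussed above (overflow of the intermediate in My_Int'Base, and the range check against 40_000) for the quoted type. Product_Fits, Unguarded, Guarded and the operand values are hypothetical names and constructed inputs; which of the two checks fails for 300 * 300 depends on the base type the compiler picks, and the program assumes run-time checks are not suppressed.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Overflow_Demo is
   --  Type quoted in the thread.
   type My_Int is range 0 .. 40_000;

   --  Hypothetical helper: True when X * Y is representable in My_Int.
   --  Division cannot overflow, so this single test rules out both
   --  failures: overflow of the intermediate in My_Int'Base and a
   --  result above My_Int'Last.
   function Product_Fits (X, Y : My_Int) return Boolean is
     (Y = 0 or else X <= My_Int'Last / Y);

   --  Relies on the language-defined checks and reports the exception.
   procedure Unguarded (X, Y : My_Int) is
      R : My_Int;
   begin
      R := X * Y;  --  computed in My_Int'Base, range-checked on assignment
      Put_Line ("unguarded:" & My_Int'Image (R));
   exception
      when Constraint_Error =>
         Put_Line ("unguarded: Constraint_Error");
   end Unguarded;

   --  Tests the operands first, so no check can fail in the product.
   procedure Guarded (X, Y : My_Int) is
   begin
      if Product_Fits (X, Y) then
         Put_Line ("guarded:" & My_Int'Image (X * Y));
      else
         Put_Line ("guarded: rejected before multiplying");
      end if;
   end Guarded;
begin
   --  Implementation-defined: shows how much headroom the base type has.
   Put_Line ("My_Int'Base'Last =" & My_Int'Base'Image (My_Int'Base'Last));
   Unguarded (200, 200);   --  200 * 200 = 40_000, inside My_Int
   Guarded (200, 200);
   Unguarded (300, 300);   --  300 * 300 = 90_000, outside My_Int
   Guarded (300, 300);
end Overflow_Demo;
```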