Re: Don't we already have a 'Valid? (was Re: Unchecked_Conversion...)

[scifi!hawnews.watson.ibm.com!yktnews.watson.ibm.com!ncohen@uunet.uu.net (Norman H. Cohen)]

Some clarifications: 

1. Thanks to Ben Brosgol has pointed out to me (in private
   correspondence) that I muffed the syntax of the 'Valid attribute: 
   It's not subtype'Valid(object), but object'Valid.

2. The tinkering I claimed was necessary concerned an assertion in the
   ANNOTATED Ada 9X Reference Manual that it is a ramification of rules
   in the 9X Reference Manual itself that an unchecked conversion
   is erroneous if it produces an invalid value of the target type, i.e.,
   that the very act of performing the unchecked conversion can render
   all subsequent execution unpredictable, regardless of how that value
   is used.  I don't believe this is the intent of the Revision Team.
   My guess is that the assertion in the ANNOTATED Reference Manual is
   false, i.e., this unwanted property is NOT really a ramification of
   rules in the Reference Manual.  In this case the only needed tinkering
   would be with the annotations describing the proposed standard, not
   with the proposed standard itself.

3. Like Robert Eachus (if I understand his post correctly), I believe
   that the best solution would have been an attribute like

      target_subtype'Would_Be_Valid(source_object)

   indicating without performing the unchecked conversion of
   source_object to target_subtype whether the bits of source_object are
   a valid representation of a value of target_subtype.  This provides a
   convenient way for the programmer to validate untrustworthy data
   without ever constructing invalid values.  (I'm sure there is a better
   name, but Would_Be_Valid conveys my intent.)

--
Norman H. Cohen    ncohen@watson.ibm.com