Re: Typing in Ada

["Robert I. Eachus" <rieachus@comcast.net>]

Wes Groleau wrote:

> In a way, you are correct.  But why must we put
> so much effort into preventing behavior that is
> not prohibited just because it is not required?
> 
> Does the specification say ... ?
>   "The program shall not tolerate apple counts higher than 100"
> 
> Did some domain expert persuade the programmers that 101 apples
> was not reasonable?
> 
> In other words, when a specification says
> "A count of 100 must be supported,"  the
> programmers should NOT mentally rewrite it
> to "Counts larger than 100 must not be supported."

There are two issues here.  The first I just posted about.  If the 
requirements document is meaningful and maintained, the question about 
101 Apples needs to get asked, and answered.

Second, when the answer is that it should be read as "Count at least 100 
Apples," then the following coding "trick" is very useful:

type Required_Apples is range 0..100; -- 1..100 was pretty dodgy too...
type Apple is range 0..Required_Apples'Base'Last;

That allows software range checking to be omitted at least on the upper 
bound, and the real upper bound is set to whatever the hardware supports 
for the type chosen by the compiler for Required_Apples.

It also makes clear what the requirement being satisfied is.

Incidently you can vary this technique and make either Required_Apples a 
subtype of some integer type, or make Apples a subtype of 
Required_Apples.  There are cases when one or the other is more appropriate.


-- 

                                           Robert I. Eachus

"The terrorists rejoice in the killing of the innocent, and have 
promised similar violence against Americans, against all free peoples, 
and against any Muslims who reject their ideology of murder. Their 
barbarism cannot be appeased, and their hatred cannot be satisfied. 
There's only one way to deal with terror: We must confront the enemy and 
stay on the offensive until these killers are defeated." -- George W. Bush