From: Peter Chapin <PChapin@vtc.vsc.edu>
Subject: Re: Preconditions which anyway would be caught?
Date: Sat, 09 Aug 2014 18:57:23 -0400
Date: 2014-08-09T18:57:23-04:00 [thread overview]
Message-ID: <a9KdnWwppJzJOnvORVn_vwA@giganews.com> (raw)
In-Reply-To: <c4nglvFm5o1U1@mid.individual.net>
On 2014-08-09 17:04, Niklas Holsti wrote:
> Just to be a pedant: shouldn't that have some decimals on the literals:
>
> function Inverse(X : Float) return Float
> with Pre => (X /= 0.0) is
> begin
> return 1.0/X;
> end;
>
> In addition, is it really true that all Float numbers /= 0.0 can be
> inverted without error? What if X is a denormalized number which has
> suffered gradual underflow... won't its inverse overflow, because there
> is no concept of "gradual overflow" in IEEE floats?
I wondered about that also, in fact.
I just tried it with your corrections so it actually *does* compile.
Without any precondition SPARK 2014 complains that
overflow check might fail
divide by zero check might fail
With the precondition of X /= 0.0 SPARK says
overflow check might fail
However, this proves fine:
function Inverse(X : Float) return Float
with Pre => not(-1.0E-35 < X and X < +1.0E-35) is
begin
return 1.0/X;
end;
I didn't experiment to see how close to zero I could make the bounds in
the precondition but clearly your concern is a valid one.
Peter
next prev parent reply other threads:[~2014-08-09 22:57 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-09 15:35 Preconditions which anyway would be caught? Victor Porton
2014-08-09 15:40 ` mockturtle
2014-08-09 16:08 ` Jeffrey Carter
2014-08-09 19:21 ` Peter Chapin
2014-08-09 19:24 ` Peter Chapin
2014-08-09 21:04 ` Niklas Holsti
2014-08-09 22:57 ` Peter Chapin [this message]
2014-08-10 20:58 ` Niklas Holsti
2014-08-10 7:24 ` Dmitry A. Kazakov
2014-08-11 0:00 ` Shark8
2014-08-11 7:31 ` Dmitry A. Kazakov
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox