Re: integers of 1, 2, 4 bytes

[hreba <hreba@terra.com.br>]

On 06/15/2014 04:26 PM, Stefan.Lucks@uni-weimar.de wrote:
> On Sun, 15 Jun 2014, hreba wrote:
>
>> My Ada book says that range checks are applied to constrained subtypes
>> (like that one) but not to unconstrained subtypes, but but overflow
>> checks are applied nevertheless. So I came up with
>>
>>  type Int16 is range -32768 .. 32767;
>>  for Int16'Size use 16;
>>  type INT is new Int16'Base;
>
> If you *want* to get rid of range checks, there are pragmas to disable
> them. (Not that I would consider this a good idea at all ...). And I am
> not a language lawyer, but I claim that the Ada compiler will perform
> exactly the same range checks for INT, as it does for Int16 (see below).
>
> So please just use Int16 as defined in
>
> type Int16 is range -32768 .. 32767;
> for Int16'Size use 16;
>
> and disable range checking when and where you really need aggressively
> optimized codes (e.g., in the innermost loop ...).
>
> So why does Ada perform range checks for INT? The reason is that INT is
> not "unconstrained", but actually in the range INT'First .. INT'Last for
> some INT'First and INT'Last of the compilers choice. INT'First might be
> smaller than Int16'First, and INT'Last might exceed Int16'Last, but
> there are still ranges to be checked. And, given the Size attribute,
> there appears no choice for the compiler anyway: INT'FIRST=Int16'First
> and INT'Last=Int16'Last imply exactly the same range chekcs for INT as
> for Int16.
>
>> as a more efficient definition.
>
> If you have specific performance constraints, you should try to optimize
> specific subprograms or code fragments, e.g., by disabling range checks
> within the innermost loop or so.
>
>> Now it seems the range specification doesn't matter any more and that
>> I could equally write
>>
>>  type Int16 is range -1 .. 1;
>>  for Int16'Size use 16;
>>  type INT is new Int16'Base;
>>
>> Would you really define a 16 bit integer type this way?
>
> Firstly, this makes your program hard to read, so this is poor software
> engineering. Secondly, it does not do what you want it to do -- i.e., it
> does not omit the range checks. And finally, the Ada compiler has a
> great deal of freedom what Int16'Base actually is. While I find it hard
> to imagine that an Ada compiler for any target machine with 2-complement
> arithmetic would not set Int16'Base to the range -2**15 .. +2**15-1, the
> Ada compiler might still surprise you.
>
>> And how about non-negative types? Would the following have the values
>> 0 .. 255?
>
> Now for non-negative integers, there are modular types, which actually
> support arithmetic operations without range checking:
>
>    type Byte is mod 2**8;
>    for Byte'Size use 8;
>
> (And similar for 2- and 4-byte arithmetic ...)
>
>
> ------  I  love  the  taste  of  Cryptanalysis  in  the morning!  ------
>      <http://www.uni-weimar.de/cms/medien/mediensicherheit/home.html>
> --Stefan.Lucks (at) uni-weimar.de, Bauhaus-Universität Weimar, Germany--

In my response to Niklas' answer I explained in some more detail what I 
wanted. Now it is clear to me that my type definition does not do that.

Thanks for your comments about style and compiler freedom.
-- 
Frank Hrebabetzky		+55 / 48 / 3235 1106
Florianopolis, Brazil