From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Thread: 103376,b2923d60cb81694b X-Google-Attributes: gid103376,public X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!news4.google.com!border1.nntp.dca.giganews.com!nntp.giganews.com!newsfeed00.sul.t-online.de!t-online.de!newsfeed.freenet.de!news.albasani.net!news.ecp.fr!news.jacob-sparre.dk!pnx.dk!not-for-mail From: "Randy Brukardt" Newsgroups: comp.lang.ada Subject: Re: Unsigned Integer Restraint Errors Date: Mon, 12 Mar 2007 22:00:23 -0500 Organization: Jacob's private Usenet server Message-ID: References: <1173712032.183064.264340@8g2000cwh.googlegroups.com> <1173726806.656979.305660@8g2000cwh.googlegroups.com> NNTP-Posting-Host: static-69-95-181-76.mad.choiceone.net X-Trace: jacob-sparre.dk 1173758328 11894 69.95.181.76 (13 Mar 2007 03:58:48 GMT) X-Complaints-To: news@jacob-sparre.dk NNTP-Posting-Date: Tue, 13 Mar 2007 03:58:48 +0000 (UTC) X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2800.1807 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1807 Xref: g2news1.google.com comp.lang.ada:14504 Date: 2007-03-12T22:00:23-05:00 List-Id: "Jeffrey R. Carter" wrote in message news:BFoJh.14542$PF.8157@attbi_s21... > Randy Brukardt wrote: > > > > Ada has signed, checked integers, and unsigned, unchecked integers. It > > doesn't have unsigned, checked integers. That omission is only a problem if > > you need checked, maximum range unsigned integers; usually, you should just > > use an appropriate signed integer type: > > From one point of view, Ada has signed, checked integers: > > type Signed_Checked_Byte is range -128 .. 127; Yes. > unsigned, checked integers: > > type Unsigned_Checked_Byte is range 0 .. 255; > for Unsigned_Checked_Byte'Size use 8; > > (with the limitation that the upper bound can't exceed System.Max_Int, > which is generally < System.Max_Binary_Modulus - 1); Yes; I explained this. System.Max_Int is usually approximately System.Max_Binary_Modulus/2, which means that there may be some programs that can't use this technique. (Doesn't seem that likely, though.) > signed, unchecked integers: > > type Signed_Unchecked_Byte is range -128 .. 127; > pragma Suppress (Overflow_Check, On => Signed_Unchecked_Byte); These aren't unchecked in any useful sense: (1) The On parameter to Suppress is an obsolescent feature in Ada (*); it was so poorly defined that we gave up on it. (2) In any case, Suppress is a suggestion to the compiler; there is no requirement that checks are actually suppressed. A lot of compilers ignore some or all "On" parameters. (3) A violation of a suppressed check makes a program erroneous; whereas a modular type has defined behavior. Thus any program that has correctness concerns can't really use this technique (you can't verify a program that includes erroneous execution, because *anything* can happen). The only time this is legitimate is if there are known (or proved) to be no checking failures in the program: but then there is by definition no difference between checked and unchecked numbers. > and unsigned, unchecked integers: > > type Unsigned_Unchecked_Byte is mod 256; > > It seems odd that we use a different syntax for 1 of the 4 (yes, I > understand that the implications of modular types go beyond the lack of > overflow checks). And the supposedly unchecked signed type is not unchecked in any useful way...the only difference might be to remove code generated to make checks, and that isn't even guaranteed. Randy. (*) ISO published the Amendment on March 9th. So Ada 95 is now obsolete...and "Ada" includes the Amendment.