From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00
	autolearn=unavailable autolearn_force=no version=3.4.4
Path: 
 eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!news.eternal-september.org!mx02.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Simon Wright <simon@pushface.org>
Newsgroups: comp.lang.ada
Subject: Generic formals and Aspects
Date: Fri, 17 Oct 2014 14:17:35 +0100
Organization: A noiseless patient Spider
Message-ID: <lya94ultsg.fsf@pushface.org>
Mime-Version: 1.0
Content-Type: text/plain
Injection-Info: mx02.eternal-september.org;
 posting-host="110351425d23d895aa4e17b47c8a8886";
	logging-data="7227"; mail-complaints-to="abuse@eternal-september.org";
	posting-account="U2FsdGVkX18IxoYYhdt2uIUDIyzYFIFFRfxxa9Rnv7A="
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (darwin)
Cancel-Lock: sha1:jwyzhACyUxZ/iFmfYygSwMFPBc0=
	sha1:H26qyIKHbNVCcbUFmVSzCUtW0Uw=
Xref: news.eternal-september.org comp.lang.ada:22547
Date: 2014-10-17T14:17:35+01:00
List-Id: <comp.lang.ada>

Recently on StackOverflow there was a question[1] about clamping a value
to a range.

The answer, so far, suggests a generic:

   generic
      type Source_Type is range <>;
      type Destination_Type is range <>;
   function Saturate (X : Source_Type) return Destination_Type;

with discussion about what happens if Destination_Type'Range is not a
subset of Source_Type'Range.

I see in AARM 13.1.1(4.b)[2] that a formal_type_declaration is allowed to
include an aspect specification, so tried

   generic
      type Source_Type is range <>
        with Static_Predicate =>
          Long_Long_Integer (Destination_Type'First)
            >= Long_Long_Integer (Source_Type'First)
          and Long_Long_Integer (Destination_Type'Last)
            <= Long_Long_Integer (Source_Type'Last);
      type Destination_Type is range <>;
   function Saturate (X : Source_Type) return Destination_Type;

but GNAT (4.9.1, GPL 2014) said that Static_Predicate wasn't allowed
(nor was Dynamic_Predicate).

Predicate (GNAT-special?) was allowed, but had no effect: I was able to
instantiate with

   type Source is new Integer range 10 .. 20;
   type Destination is new Integer range 30 .. 40;


(a) what aspects are/should be allowed in a formal_type_declaration?

(b) how to write the generic to prevent this sort of mistake at compile
    time? (easy enough to get a runtime CE).

[1] http://stackoverflow.com/questions/26390135/can-i-clamp-a-value-into-a-range-in-ada
[2] http://www.ada-auth.org/standards/12aarm/html/AA-13-1-1.html#p4.b