From: Simon Wright
Newsgroups: comp.lang.ada
Subject: Re: Streams and abnormality
Date: Tue, 12 Jun 2012 18:32:00 +0100

Adam Beneschan writes:

> On Tuesday, June 12, 2012 2:31:17 AM UTC-7, Simon Wright wrote:
>> Using this code with GCC 4.6, 4.7 and GNAT GPL 2011,
>>
>>    Str : aliased {a child of Root_Stream_Type};
>>    subtype Short_Int is Integer range 0 .. 42;
>>    S : Short_Int;
>> begin
>>    Integer'Output (Str'Access, -1);
>>    S := Short_Int'Input (Str'Access);
>>    Put_Line (S'Img & " " & S'Valid'Img);
>>
>> I get the output " 63 FALSE".
>>
>> My reading of AARM05 13.9.1(4..6) [1] is that - because S is a scalar
>> object - S should not have been allowed to become abnormal; I think
>> that, instead, some exception (Constraint_Error? Data_Error?) should
>> have been raised.
>>
>> [1] http://www.adaic.org/resources/add_content/standards/05aarm/html/AA-13-9-1.html
>
> You're right; it should have raised Constraint_Error, but I think it
> has nothing to do with 13.9.1, because Short_Int'Input is defined to
> return a value of type Short_Int'Base, not Short_Int (13.13.2(23),
> which actually says Short_Int'Input returns the *type* T of which
> Short_Int is a subtype, but I think that's the same thing). Thus, in
> a normal situation, the result of Short_Int'Input *cannot* be an
> invalid value, because (if Integer'Size = 16) then 16 bits will be
> read from the stream, and all possible 16-bit bit patterns are valid
> values of Short_Int'Base. I don't see anything in 13.13.2 that says
> the function result of ST'Input is checked against the constraints
> defined for subtype ST. The Constraint_Error should occur during the
> assignment, when the value of the expression (of type S'Base) needs to
> be constraint-checked before assigning into S, just as it would if
> *any* function returning Integer appeared on the right side of the
> assignment.
>
> After rereading 13.9.1, though, I think it's wrong to suppose that
> there's a dichotomy between "abnormal" and "must raise an exception".
> 13.9.1 appears to define two different concepts, abnormal objects and
> objects with invalid representation. A scalar object can have invalid
> representation without being abnormal, and this condition could be
> produced by stream operations, such as T'Input where T is an
> enumeration type.
> It looks like the main difference between "abnormal
> objects" and "scalars with invalid representation" is that the latter
> is a "bounded error" and there is more definition about what programs
> are required to do with scalars to ensure they don't make a huge mess.
> But raising an exception isn't required.

Thanks, Dennis & Adam.

I think Dennis is right; there's no explicit statement of what checks
are made for a bare scalar, but AARM05 13.13.2(35)[1] says that scalar
*components* are only checked if they are discriminants or if the
component_declaration has a default_expression.

Looking at the AI[2], I must say I don't see quite where the
"discriminants or if the component_declaration has a default_expression"
comes from. It looks to me as though this should have read
"discriminants whose component_declaration has a default_expression"
(see !summary 7).

With GNAT, -gnatVc (turn on validity checking for copies) catches the
problem in my code.

[1] http://www.adaic.org/resources/add_content/standards/05aarm/html/AA-13-13-2.html
[2] http://www.ada-auth.org/cgi-bin/cvsweb.cgi/ais/ai-00195.txt?rev=1.33
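
Added example, not part of the original post or of anyone's code in this thread: two ways a reader of untrusted stream data can refuse an out-of-range scalar without depending on compiler validity-check switches. The names Via_Base, Via_Valid and Try, the file name, and the use of an Ada.Streams.Stream_IO file in place of the post's stream type are assumptions made for illustration.

```ada
with Ada.Streams.Stream_IO; use Ada.Streams.Stream_IO;
with Ada.Text_IO;

procedure Checked_Input is
   subtype Short_Int is Integer range 0 .. 42;   --  as in the post
   File : File_Type;

   --  Read at the base type, where every bit pattern is a valid
   --  Integer, and range-check explicitly before narrowing.
   function Via_Base (From : Stream_Access) return Short_Int is
      Raw : constant Integer := Integer'Input (From);
   begin
      if Raw not in Short_Int then
         raise Constraint_Error with "stream value outside Short_Int";
      end if;
      return Raw;
   end Via_Base;

   --  Read as in the post, then test 'Valid before any other use.  If
   --  the assignment itself raises Constraint_Error, Try handles that too.
   function Via_Valid (From : Stream_Access) return Short_Int is
      S : Short_Int;
   begin
      S := Short_Int'Input (From);
      if not S'Valid then
         raise Constraint_Error with "invalid representation from stream";
      end if;
      return S;
   end Via_Valid;

   procedure Try
     (Name   : String;
      Reader : access function (From : Stream_Access) return Short_Int) is
   begin
      Ada.Text_IO.Put_Line (Name & Short_Int'Image (Reader (Stream (File))));
   exception
      when Constraint_Error =>
         Ada.Text_IO.Put_Line (Name & " rejected the value");
   end Try;
begin
   --  Constructed sample data; the file name is arbitrary.
   Create (File, Out_File, "checked_input.tmp");
   Integer'Output (Stream (File), 7);
   Integer'Output (Stream (File), -1);
   Integer'Output (Stream (File), -1);
   Reset (File, In_File);
   Try ("Via_Base: ", Via_Base'Access);    --  next value in stream: 7
   Try ("Via_Base: ", Via_Base'Access);    --  next value in stream: -1
   Try ("Via_Valid:", Via_Valid'Access);   --  next value in stream: -1
   Delete (File);
end Checked_Input;
```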