From: Simon Wright <simon@pushface.org>
Subject: Re: Unconstrained base subtype questions
Date: Thu, 31 Mar 2011 22:18:29 +0100
Date: 2011-03-31T22:18:29+01:00 [thread overview]
Message-ID: <m2y63vng4a.fsf@pushface.org> (raw)
In-Reply-To: in2nv8$v3e$1@dont-email.me
"Alex Mentis" <foo@invalid.invalid> writes:
> The following does not cause a constraint error in my version of GNAT
> on my system:
>
> ...
>
> Integer_Result := (Integer'Last + Integer'Last) / 2;
>
> ...
>
>
> If I understand correctly, this is because the Integer operators are
> defined for operands of type Integer'Base, which is an unconstrained
> subtype and allows the operands to be stored in extended-length
> registers so that intermediate values in calculations do not overflow.
>
> My questions are:
>
> 1) Do I understand correctly what's going on?
>
> 2) Does the language make any guarantees about preventing spurious
> overflow, or am I just getting lucky with my compiler/architecture? If
> guarantees are made by the language, what are they?
That's a compile-time calculation, and any Ada compiler should work it
out using infinite-precision arithmetic.
with Ada.Text_IO; use Ada.Text_IO;
procedure Very_Large is
Integer_Result : Integer;
begin
Integer_Result := 10**128 / 10**127;
Put_Line (Integer'Image (Integer_Result));
end Very_Large;
$ gnatmake very_large.adb
gcc -c very_large.adb
gnatbind -x very_large.ali
gnatlink very_large.ali
$ ./very_large
10
As against
with Ada.Text_IO; use Ada.Text_IO;
procedure Very_Large is
Integer_Result : Integer;
begin
Integer_Result := Integer'Last;
Integer_Result := Integer_Result + Integer'Last;
Integer_Result := Integer_Result / 2;
Put_Line (Integer'Image (Integer_Result));
end Very_Large;
$ gnatmake very_large.adb
gcc -c very_large.adb
very_large.adb:6:37: warning: value not in range of type "Standard.Integer"
very_large.adb:6:37: warning: "Constraint_Error" will be raised at run time
gnatbind -x very_large.ali
gnatlink very_large.ali
$ ./very_large
raised CONSTRAINT_ERROR : very_large.adb:6 overflow check failed
Note that the compiler knew that was going to happen. If the overflow
wasn't visible at compile time, you'd have to tell GNAT to perform
run-time integer overflow checks using -gnato. Other compiler writers
may have different views about whether run-time integer overflow checks
should be off by default :-)
next prev parent reply other threads:[~2011-03-31 21:18 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-03-31 20:25 Unconstrained base subtype questions Alex Mentis
2011-03-31 21:09 ` Ludovic Brenta
2011-03-31 21:26 ` Alex Mentis
2011-03-31 21:36 ` Ludovic Brenta
2011-03-31 22:18 ` Adam Beneschan
2011-03-31 21:10 ` Adam Beneschan
2011-03-31 21:18 ` Simon Wright [this message]
2011-03-31 21:24 ` Randy Brukardt
2011-03-31 21:51 ` Alex Mentis
2011-04-01 8:20 ` Dmitry A. Kazakov
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox