Should be getting a constraint error in this code

Should be getting a constraint error in this code

[Keith Boruff]

Hey all,

Forgive me for posting such a trivial problem here but I couldn't seem 
to find an answer in any of the FAQs I know of nor DejaNews.

Though I'm not a novice programmer, I am a novice Ada programmer.

In my studies this evening, I wrote the following trivial program to 
force a constraint error:

with Ada.Text_Io; use Ada.Text_Io;

procedure Constraint_Tests is

   type Exam_Mark is range 0 .. 100;

   English   : Exam_Mark := 72;
   Math      : Exam_Mark := 68;
   Computing : Exam_Mark := 76;
   Average   : Exam_Mark;

begin

  Put("Average exam mark is ");

  -- I expect a constraint exception in this statement
  -- because English + Math + Computing > 100
  -- NOTE: On my machine, Exam_Mark'Base'Last = 127
  Average := (English + Math + Computing) / 3;
  Put_line(Exam_Mark'Image(Average));

end Constraint_Tests;


Ok, the problem I'm having is that I'm expecting a constraint exception 
to occur because (English + Math + Computing) = 216 and the largest 
value of its base is 127 (on my machine).

However, I'm not getting this at all. I get no constraint errors 
whatsoever and what's worse, Average = 243. First of all, why didn't I 
get a constraint error here (since Average is of type Exam_Mark)? 
Secondly, where in the heck did 243 come from?

Now, if I omit the statement in the code and instead write:
Average := English + Math + Computing;

I get a constraint error as expected. When I use the '/' operator 
though, all bets are off.

Is there something I'm not seeing here? Is there something about the / 
operator I should know about?

Or... could this possibly be a bug in the compiler itself (using GNAT)?

I'm embarrassed to be posting such a trivial program but it really 
bothers me that the behavior is not what I expect.

If anyone has any suggestions, I'd appreciate some info on the matter... 
even if it's to tell me to RTFM (... as long as you provide a link).

Thanks,
Keith Boruff

Re: Should be getting a constraint error in this code

[Robert I. Eachus]

Keith Boruff wrote:

> Hey all,
> 
> Forgive me for posting such a trivial problem here but I couldn't seem 
> to find an answer in any of the FAQs I know of nor DejaNews.
> 
> Though I'm not a novice programmer, I am a novice Ada programmer.

I suspect that the problem is that you are using GNAT, and forgot to 
read the fine manual.  If you expect integer overflow to be detected, 
you need to run gnatmake -gnato

The historical reasons for this are now ancient history.  The 
alternative is to use pragma Unsuppress.  If you insert it here:

> 
> In my studies this evening, I wrote the following trivial program to 
> force a constraint error:
> 
> with Ada.Text_Io; use Ada.Text_Io;
> 
> procedure Constraint_Tests is

pragma Unsuppress(Overflow_Check);
> 
>   type Exam_Mark is range 0 .. 100;
> 
>   English   : Exam_Mark := 72;
>   Math      : Exam_Mark := 68;
>   Computing : Exam_Mark := 76;
>   Average   : Exam_Mark;
> 
> begin
> 
>  Put("Average exam mark is ");
> 
>  -- I expect a constraint exception in this statement
>  -- because English + Math + Computing > 100
>  -- NOTE: On my machine, Exam_Mark'Base'Last = 127
>  Average := (English + Math + Computing) / 3;
>  Put_line(Exam_Mark'Image(Average));
> 
> end Constraint_Tests;
> 
> 
> Ok, the problem I'm having is that I'm expecting a constraint exception 
> to occur because (English + Math + Computing) = 216 and the largest 
> value of its base is 127 (on my machine).

Then you should get the result you expect.  I get:

F:\Ada\Test>constraint_tests
constraint_tests
Average exam mark is

raised CONSTRAINT_ERROR : constraint_tests.adb:21 overflow check failed

with either pragma Unsuppres, or -gnato, and 243 without.

-- 

                                           Robert I. Eachus

"The flames kindled on the Fourth of July, 1776, have spread over too 
much of the globe to be extinguished by the feeble engines of despotism; 
on the contrary, they will consume these engines and all who work them." 
-- Thomas Jefferson, 1821

Re: Should be getting a constraint error in this code

[John B. Matthews]

In article <gTjMc.2800$q9.4134490@news4.srv.hcvlny.cv.net>,
 Keith Boruff <kboruff@optonline.net> wrote:

> Hey all,
> [...]
> In my studies this evening, I wrote the following trivial program to 
> force a constraint error:
> 
> with Ada.Text_Io; use Ada.Text_Io;
> 
> procedure Constraint_Tests is
> 
>    type Exam_Mark is range 0 .. 100;
> 
>    English   : Exam_Mark := 72;
>    Math      : Exam_Mark := 68;
>    Computing : Exam_Mark := 76;
>    Average   : Exam_Mark;
> 
> begin
> 
>   Put("Average exam mark is ");
> 
>   -- I expect a constraint exception in this statement
>   -- because English + Math + Computing > 100
>   -- NOTE: On my machine, Exam_Mark'Base'Last = 127
>   Average := (English + Math + Computing) / 3;
>   Put_line(Exam_Mark'Image(Average));
> 
> end Constraint_Tests;
> 
> Ok, the problem I'm having is that I'm expecting a constraint exception 
> to occur because (English + Math + Computing) = 216 and the largest 
> value of its base is 127 (on my machine).
> 
> However, I'm not getting this at all. I get no constraint errors 
> whatsoever and what's worse, Average = 243. First of all, why didn't I 
> get a constraint error here (since Average is of type Exam_Mark)? 
> Secondly, where in the heck did 243 come from?
> 
> Now, if I omit the statement in the code and instead write:
> Average := English + Math + Computing;
> 
> I get a constraint error as expected. When I use the '/' operator 
> though, all bets are off.
> 
> Is there something I'm not seeing here? Is there something about the / 
> operator I should know about?

By default, GNAT disables overflow checking; you can enable it 
with the compiler switch -gnato. See section 3.2.5, "Run-Time 
Checks," in the "GNAT User's Guide" for more on the distiction 
between overflow and other constraint checks.

[...]
> Thanks,
> Keith Boruff

John
----
jmatthews at wright dot edu
www dot wright dot edu/~john.matthews/

Re: Should be getting a constraint error in this code

[Björn Persson]

Keith Boruff wrote:

> Secondly, where in the heck did 243 come from?

216 interpreted as a signed 8-bit integer is -40, -40 / 3 = -13 (integer 
division), and signed 8-bit -13 interpreted as unsigned is 243.

-- 
Björn Persson                              PGP key A88682FD
                    omb jor ers @sv ge.
                    r o.b n.p son eri nu

Re: Should be getting a constraint error in this code

[Martin Krischik]

Bjï¿œrn Persson wrote:

> Keith Boruff wrote:
> 
>> Secondly, where in the heck did 243 come from?
> 
> 216 interpreted as a signed 8-bit integer is -40, -40 / 3 = -13 (integer
> division), and signed 8-bit -13 interpreted as unsigned is 243.

Well observed!

But since he used a range and not a mod I would consider it a bug within the
GNAT compiler.

With Regards

Martin

-- 
mailto://krischik@users.sourceforge.net
http://www.ada.krischik.com

Re: Should be getting a constraint error in this code

[Nick Roberts]

On Sun, 25 Jul 2004 15:54:09 +0200, Martin Krischik  
<krischik@users.sourceforge.net> wrote:

> Well observed!

Yes!

> But since he used a range and not a mod I would consider it a
> bug within the GNAT compiler.

I was surprised by GNAT's behaviour here, but I think we have to
stop short of calling it a bug for two reasons: (1) since
assigning an invalid value in the scope of pragma
Suppress(Range_Check), as is effectively the case here, is a
bounded error, GNAT's subsequent behaviour is entitled to be
wrong; (2) since the type was declared with a lower bound of 0,
it seems passable (if a bit weird) for T'Image to be implemented
using the same algorithm as for an unsigned byte.

-- 
Nick Roberts

Re: Should be getting a constraint error in this code

[Christoph Karl Walter Grein]

Additionally to everything you've been told before consider RM 4.5(10). This paragraph allows a compiler to return the mathematically correct result for intermediate values even if it is out of range; only the final result must of course be in range.

Thus the sum 216 may be held in a register (which can have a larger base range).

I get the correct result 72 for your program unchanged compiled with and without -gnato; and also with and without pragma Unsuppress.
________________________________________________________________
Verschicken Sie romantische, coole und witzige Bilder per SMS!
Jetzt neu bei WEB.DE FreeMail: http://freemail.web.de/?mc=021193