From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID
	autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,45a9122ddf5fcf5
X-Google-Attributes: gid103376,public
From: mheaney@ni.net (Matthew Heaney)
Subject: Re: Rules for Representation of Subtypes
Date: 1996/09/27
Message-ID: <mheaney-ya023180002709960713140001@news.ni.net>#1/1
X-Deja-AN: 185662179
references: <mheaney-ya023080002209961353500001@news.ni.net>
 <Dy78qJ.MDr@world.std.com> <mheaney-ya023080002409960726040001@news.ni.net>
 <DyCF97.7zp@world.std.com>
content-type: text/plain; charset=ISO-8859-1
organization: Estormza Software
mime-version: 1.0
newsgroups: comp.lang.ada
Date: 1996-09-27T00:00:00+00:00
List-Id: <comp.lang.ada>


In article <DyCF97.7zp@world.std.com>, bobduff@world.std.com (Robert A
Duff) wrote:

>But this is all very obscure.  If you're interfacing to hardware, or to
>C, or to something else where the interface is a low-level binary
>interface, the best thing to do is make the types match the hardware, or
>the C, or whatever it is.  Don't use constraints on the Ada side of the
>interface, just because the logical properties would warrant a
>constraint.
>
>For example, suppose you call a C function that takes a pointer to an
>int, and the function updates the pointed-to int.  The documentation
>promises that the value will always be in 1..10.  DO NOT say "type T is
>range 1..10;", or "subtype T is Interfaces.C.int range 1..10;" on the
>Ada side.  Because, if the documentation lies, your program will be
>erroneous.  If, on the other hand, you use Interfaces.C.int, at the
>interface, and *then* assign it into a constrained thing, you will get a
>Constraint_Error for the bad data.  Or, you can write an "if" statement
>to check for bad data.

I agree.  As a matter of fact, this is what I do already, and what I tell
all my clients to do.  Most aren't savvy enough about Ada to realize that
their program (execution) is erroneous if the data they just read off the
interface doesn't match the constraints of their Ada type, and most people
expect (incorrectly) that Ada will just raise Constraint_Error if the data
is out of range.

So the moral of the story is, if you're reading data off an interface, read
it into a an object of a first named subtype without constraints.  Your
progam won't be erroneous (because no range constraints will be violated),
and first named subtypes seem to be the only place where the size of
objects of that type match the value of size specified in the length clause
for the type.  (Readers: holler if this last statement is incorrect.)

>- Bob

-Matt

--------------------------------------------------------------------
Matthew Heaney
Software Development Consultant
mheaney@ni.net
(818) 985-1271