Re: Beware: Rep spec on an enumeration type clause

[mheaney@ni.net (Matthew Heaney)]

In article <34912418.13716044@news.geccs.gecm.com>,
brian.orpin@gecm.dot.com wrote:


>>with Ada.Text_IO; use Ada.Text_IO;
>>procedure Main is
>>   type T is (AA, BB, CC);
>>   for T use (AA => -1, BB => 10, CC => 20);
>>   I:T;                -- not initialised

[snip]

>In 83 I would have simply checked to see if it was valid by 
>
>Valid := I in T'First .. T'Last;
>
>Certainly on the Tartan Compiler for C40 this detects any invalid (not
>represented) values of T.

If this works for your implementation, then it's pure surrendipity.  My
expectation is that a compiler will optimize that Boolean expression to
True, since "of course" I has be in the range of T, because it is of type
T.  This particular optimization is unwanted here, which is precisely why
the Valid attribute was added to the language.

This kind of behavior can be especially pernicious if you're using the
object to index an array.  In Ada 83, you can very easily have problems if
the value is outside the range of the array index subtype.  It's exactly
analogous to dereferencing an uninitialized access object.

In Ada 95, things are better.  The language now requires that, even if the
subtype of the index object is in the array index subtype, you're not
allowed to optimize away the range check unless you can prove the index
object has a "sensible" value.  If you try to dereference an array with a
"bad" index, then you might get Constraint_Error, or you might update the
wrong element of the array, but you can't accidently touch "components"
outside the array object.

--------------------------------------------------------------------
Matthew Heaney
Software Development Consultant
<mailto:matthew_heaney@acm.org>
(818) 985-1271