From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00
	autolearn=unavailable autolearn_force=no version=3.4.4
Path: 
 eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!news.eternal-september.org!mx02.eternal-september.org!feeder.eternal-september.org!aioe.org!.POSTED!not-for-mail
From: "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de>
Newsgroups: comp.lang.ada
Subject: Re: Instantiating package problems
Date: Mon, 4 Jan 2016 22:10:54 +0100
Organization: Aioe.org NNTP Server
Message-ID: <n6en12$5jn$2@gioia.aioe.org>
References: <7dcd49f3-b04f-4ea3-b431-5c27f73b9afe@googlegroups.com>
 <87poxixqmy.fsf@theworld.com>
 <b5dcba43-8652-40f0-8115-a235c6c83544@googlegroups.com>
 <f2fabc7b-a6a4-49db-85ac-d0fedf6cf95e@googlegroups.com>
NNTP-Posting-Host: LNA1TkTuMxfwTHzeJdi6nA.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.5.0
X-Notice: Filtered by postfilter v. 0.8.2
Xref: news.eternal-september.org comp.lang.ada:29013
Date: 2016-01-04T22:10:54+01:00
List-Id: <comp.lang.ada>

On 2016-01-04 21:49, Anh Vo wrote:
> On Sunday, January 3, 2016 at 4:07:30 PM UTC-8, Andrew Shvets wrote:
>> Hi Bob,
>>
>> Thanks for writing back.  This is the entire example:
>> http://pastebin.com/GEJT3WzL
>
> Just recommend to add a precondition to function Division as shown below.
 > By the way, this feature is part of latest Ada (Ada 2012). In addition,
 > you should think about adding precondition to other operations such as
 > Addition where Input1 + Input2 <= Integer'Last and Input1 + Input2 >= 
Integer'Last.
>
>    function Division(
>      Input1 : in Integer;
>      Input2 : in Integer)
>        return Integer
>     with pre => Input2 /= 0;

The correct precondition of integer division is

    Input1/Input2 in Integer'Range

Note that it precludes zero divide, provided Ada 2012 can understand it, 
according to 3.5.4 (8) it must, but I am not a language lawer.

For a 2's complement machine the offending case is

    Input1 = Integer'First
    Input2 = -1

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de