From: "Vinzent Hoefler" <0439279208b62c95f1880bf0f8776eeb@t-domaingrabbing.de>
Newsgroups: comp.lang.ada
Subject: Re: Ada2012 Invariants and obaque types
Date: Tue, 21 Jun 2011 23:50:04 +0200

Dmitry A. Kazakov wrote:

> On Tue, 21 Jun 2011 21:34:31 +0200, Vinzent Hoefler wrote:
>
>> Dmitry A. Kazakov wrote:
>>
>>> 'Valid is a hack around missing value initialization enforcement or some
>>> kludges to support Unchecked_Conversion. It cannot justify anything because
>>> 'Valid itself lacks credibility.
>>
>> How do you properly initialise and/or validate values coming from an untrusted
>> external source (i.e. "bus")? Always using the full bit pattern and write the
>> conversion routine yourself?
>
> Yes, I always do exactly this, at least in order to make my program
> portable.

Hmm. Reading bus values in a particular endianness and being portable... ;)

Example:

   -- type used for clock source and retrigger mode selections
   -- bits [4:2]
   -- RTG  PSC_SEL  EXT_CLK  clock mode
   --  0      0        0     Internal, cpu clock, gated
   --  0      0        1     External
   --  0      1        0     Internal, prescaled, gated
   --  0      1        1     N/A (same as 001)
   --  1      0        0     Internal, cpu clock, retriggered
   --  1      0        1     N/A (same as 001)
   --  1      1        0     internal, prescaled, retriggered
   --  1      1        1     N/A (same as 001)
   type Clock_Source is (Internal_Gated,
                         External,
                         Prescaled_Gated,
                         Internal_Retriggered,
                         Prescaled_Retriggered);

   for Clock_Source use (Internal_Gated        => 2#000#,
                         External              => 2#001#,
                         Prescaled_Gated       => 2#010#,
                         Internal_Retriggered  => 2#100#,
                         Prescaled_Retriggered => 2#110#);
   for Clock_Source'Size use 3;

Would you actually do without the type representation here and start masking
off the bits by hand again instead of using 'Valid, just in case one of those
"N/A" values sneak in?

Vinzent.

-- 
f u cn rd ths, u cn gt a gd jb n cmptr prgrmmng.
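
The two approaches debated in this message, side by side, as an added example that is not part of the original post: the 3-bit field is decoded once through the representation clause plus 'Valid and once by an explicit mapping, over all eight bit patterns. The 8-bit Register type, the names Raw_Bits, Field_Of, Via_Valid and By_Hand, the constructed register values and the fallback to External for the "N/A" patterns are assumptions.

```ada
with Ada.Text_IO; use Ada.Text_IO;
with Ada.Unchecked_Conversion;
procedure Decode_Clock_Source is
   type Clock_Source is (Internal_Gated, External, Prescaled_Gated,
                         Internal_Retriggered, Prescaled_Retriggered);
   for Clock_Source use
     (Internal_Gated => 2#000#, External => 2#001#, Prescaled_Gated => 2#010#,
      Internal_Retriggered => 2#100#, Prescaled_Retriggered => 2#110#);
   for Clock_Source'Size use 3;
   type Register is mod 2 ** 8;   --  assumed register width
   type Raw_Bits is mod 2 ** 3;   --  bits [4:2] of the register
   for Raw_Bits'Size use 3;
   function To_Source is new Ada.Unchecked_Conversion (Raw_Bits, Clock_Source);
   function Field_Of (Reg : Register) return Raw_Bits is (Raw_Bits (Reg / 4 mod 8));

   --  Variant 1: keep the representation clause and test with 'Valid.
   procedure Via_Valid
     (Reg : Register; Src : out Clock_Source; OK : out Boolean) is
      Candidate : constant Clock_Source := To_Source (Field_Of (Reg));
   begin
      OK  := Candidate'Valid;   --  'Valid does not count as a read
      Src := (if OK then Candidate else External);   --  assumed fallback
   end Via_Valid;

   --  Variant 2: mask by hand and map every bit pattern explicitly.
   procedure By_Hand
     (Reg : Register; Src : out Clock_Source; OK : out Boolean) is
   begin
      OK := True;
      case Field_Of (Reg) is
         when 2#000# => Src := Internal_Gated;
         when 2#001# => Src := External;
         when 2#010# => Src := Prescaled_Gated;
         when 2#100# => Src := Internal_Retriggered;
         when 2#110# => Src := Prescaled_Retriggered;
         when others => Src := External; OK := False;   --  the N/A rows
      end case;
   end By_Hand;
   S1, S2 : Clock_Source;
   V1, V2 : Boolean;
begin
   for Field in Register range 0 .. 7 loop   --  constructed register values
      Via_Valid (Field * 4 or 16#E3#, S1, V1);   --  unrelated bits all set
      By_Hand (Field * 4 or 16#E3#, S2, V2);
      pragma Assert (V1 = V2 and S1 = S2);
      Put_Line (Register'Image (Field) & ": valid = " & Boolean'Image (V1)
                & ", decoded as " & Clock_Source'Image (S1));
   end loop;
end Decode_Clock_Source;
```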