From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on ip-172-31-91-241.ec2.internal X-Spam-Level: * X-Spam-Status: No, score=1.0 required=3.0 tests=XPRIO autolearn=no autolearn_force=no version=3.4.6 Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: "Randy Brukardt" Newsgroups: comp.lang.ada Subject: Re: Valid attribute and input operations Date: Tue, 26 Sep 2023 01:13:53 -0500 Organization: A noiseless patient Spider Message-ID: References: <22930fd1-c7ff-46cf-8c75-892212afa85en@googlegroups.com> Injection-Date: Tue, 26 Sep 2023 06:13:28 -0000 (UTC) Injection-Info: dont-email.me; posting-host="f0a5cbfd923c9b47a54100ea42585311"; logging-data="2507346"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+TSD/jCRP9gq79mekMvs/KUhh72baZV7k=" Cancel-Lock: sha1:3hV/YpMy5WAE/7r1zl0kTtw/bCY= X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.7246 X-Newsreader: Microsoft Outlook Express 6.00.2900.5931 X-Priority: 3 X-RFC2646: Format=Flowed; Response X-MSMail-Priority: Normal Xref: news.eternal-september.org comp.lang.ada:65727 List-Id: I believe Jeffrey's analysis is correct. Note that there are some special cases for validity that are intended to make it easier to write code like that you have. But they only make sense for base subtypes (and the type you have is not that). Moreover, they are not foolproof -- exceution is not erroneous in these cases, but they still are a bounded error, and it is always correct for a bounded error to be detected and raise Program_Error. This can happen in practice, too. For instance, for Janus/Ada, enumeration types with specified representations operate internally on the position numbers, and thus reading an enumeration variable will convert the representation to a position number with a table lookup. If the lookup fails, Program_Error is raised, and that happens before the value ever can be assigned to a named variable (and thus before any possible test of validity). I believe that we identified other similar cases back in the day. Probably one of them is the signalling NaN. Some bit patterns for float values represent signalling NaNs, which trap instantly if read. That's at the hardware level on most processors, so the only hope is the handle the resulting exception. It's too late by the time you get to 'Valid. Moral: to make truly bulletproof code, you have to handle exceptions AND use 'Valid. You probably can skip the exceptions if everything is typed with integer basetypes, but if any other kinds of types are involved, they are necessary. Randy. "Jeffrey R.Carter" wrote in message news:uenmg1$qctd$1@dont-email.me... > On 2023-09-23 22:22, Maciej Sobczak wrote: >> >> I have checked the above program on several on-line compilers, all of >> them behave according to interpretation 2 above. >> Richard claims to get behavior 1 on his compiler. >> >> What is your take on this? Any language lawyers? > > The important thing is the definition of Ada.Text_IO.Integer_IO.Get [ARM > A.10.8(7-10)]: > > "... skips any leading blanks, line terminators, or page terminators, then > reads a plus sign if present or (for a signed type only) a minus sign if > present, then reads the longest possible sequence of characters matching > the syntax of a numeric literal without a point. ... > > "Returns, in the parameter Item, the value of type Num that corresponds to > the sequence input. > > "The exception Data_Error is propagated if the sequence of characters read > does not form a legal integer literal or if the value obtained is not of > the subtype Num." > > So a call to Get can only return a valid value of type Num (Integer for > your case) or raise Data_Error. > > If Get is reading "500" then that certainly represents a valid value of > type Integer, and Get should copy that back to the actual parameter. > > If you are using Ada (a language with run-time checks), then a check > should be made that the value is in the range of the actual parameter's > subtype, here Integer range 0 .. 200. That should fail and > Constraint_Error should be raised. > > However, if you are not using Ada because that check has been suppressed, > then the actual parameter will be left with the invalid value 500 and > Constraint_Error will not be raised. > > If I build your program with checks enabled, I get Constraint_Error. If I > build it with checks suppressed, I get the not-valid message (GNAT 12.3). > > -- > Jeff Carter > "If you don't get the President of the United States on that > phone, ... you're going to have to answer to the Coca-Cola > Company." > Dr. Strangelove > 32 >