From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,9e499c74312ed3f0
X-Google-Attributes: gid103376,public
X-Google-ArrivalTime: 2001-05-18 06:39:44 PST
Newsgroups: comp.lang.ada
Path: 
 archiver1.sj.google.com!newsfeed.google.com!newsfeed.stanford.edu!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!newspeer1.nac.net!netnews.com!newsfeed.skycache.com!Cidera!news-reader.ntrnet.net!uunet!ash.uu.net!world!bobduff
From: Robert A Duff <bobduff@world.std.com>
Subject: Re: Static assertions
Sender: bobduff@world.std.com (Robert A Duff)
Message-ID: <wcc7kzeu69k.fsf@world.std.com>
Date: Fri, 18 May 2001 13:38:15 GMT
References: <mailman.990164357.8926.comp.lang.ada@ada.eu.org>
Organization: The World Public Access UNIX, Brookline, MA
X-Newsreader: Gnus v5.3/Emacs 19.34
Xref: archiver1.sj.google.com comp.lang.ada:7634
Date: 2001-05-18T13:38:15+00:00
List-Id: <comp.lang.ada>

Christoph Grein <christoph.grein@eurocopter.com> writes:

> Robert A Duff wrote:
> 
> > Interesting.  But shouldn't it be Assert'(...)?
> >                                         ^ ie a qualified expression

What I meant was that it's better style to use a qualfied expression
than a type conversion, in cases where both work, because a qual exp is
less powerful.  That is, why say "Warning Will Robinson: I'm converting
types" when you're *not* converting types?

(IMHO a type conversion that converts from a type to itself should cause
at least a warning.)

>   package Verifier is
>     subtype Assert is Boolean range True .. True;
> 
>     Assert_1 : constant := Boolean'Pos (Assert (Integer'Size = 16));
>     Assert_2 : constant := Boolean'Pos
> 				  (Assert (Integer'Size = 2 * Character'Size));
>   end Verifier;
> 
> With a type conversion this compiles on my Apex Ada 95 Compiler 3.0.0b on 

Sounds like a compiler bug, which you should report.  The above code is
illegal (as desired).  The AverCom Ada front end gives two error
messages for the above.

> It seems like the type conversion is ignored.
[... RM exegesis snipped]

You missed 4.6(51), which says that the subtype is checked.  A
type_conversion is really a subtype conversion, despite its name.  That
is, a type_conversion T(X) converts the value of X to the type of
subtype T, and then checks that the value is in the subtype T.

> Thus there is nowhere specified that the subtype range is checked.
>    Put_Line (Integer'Image (Natural (-2.3)));
> compiles just fine and produces -2.

Again, that sounds like a compiler bug.  The AverCom Ada compiler says
it's illegal.

> So thanx to Robert Duff for hinting.

Well, I wasn't hinting at what you thought I was hinting.  ;-)

- Bob