From: Robert A Duff
Newsgroups: comp.lang.ada
Subject: Re: What is the warning about builtin-function on gcc-4.6.0 ?
Date: Sun, 27 Mar 2011 12:41:31 -0400

Florian Weimer writes:

> I'm bothered by this reasoning because it means that Ada compilers
> don't have to implement any overflow checks on integer arithmetic.

Randy was talking about floating point. I'm not sure why the above
follows from what Randy said, but anyway, the rules for integer
arithmetic are:

If the expression is static, you get the right answer.

If the expression is dynamic, and is within the base range,
you get the right answer.

If the expression is dynamic, and is outside the base range, either
you get the right answer, or it raises Constraint_Error.

It is never required to raise C_E.

> A concrete example: Suppose that A, B are of type Integer, and
> Integer'Base has the same range as Integer, and A + B gives a
> mathematical result outside this range. The implementation chooses to
> produce an "invalid value" for the result.

OK so far.

>...During actual execution on
> real hardware, it is represented as the lower Integer'Size bits of the
> result.

No, that's not allowed. If integer is 32 bits, it can store the
result of A+B in a 64-bit register, and not raise C_E. But it can't
just throw away the high-order bits.

Suppose A+B >= 2**31. If you say, "if A+B > Integer'Last then...",
then it must either raise C_E or be True. It can't be False,
because that's a wrong answer.

> It's also not clear whether "abnormal" and "not normal" and "invalid"
> and "not valid" are equivalent.

It's clear to me. ;-) I mean, surely the RM doesn't twist the
normal meaning of English THAT badly!

>...(You cannot detect values which are
> conceptually invalid by inspecting the 'Valid attribute at run time
> because it produces false negatives, but this is a different matter.)

I'm not sure what you mean. How can 'Valid produce false negatives?

>> Data validity is a very complex subject; you can read 13.9.1 10
>> times and get different impressions each time.
>
> I don't think 13.9.1 comes into play at all. It says what happens
> with invalid representations, but doesn't say how they are produced.

The main way, which is mentioned in 13.9.1, is to use an uninitialized
variable.

> (The standard doesn't say much at all about the behavior of Ada
> programs if you can invoke 13.9.1 whenever it's convenient.)

- Bob
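
The integer rule stated in the message above (a dynamic result outside the base range gives either the right answer or Constraint_Error, never a wrong answer), as an added Ada example that is not part of the original post. The names Overflow_Outcomes, Outcome, Wide, Reference, Observed and Check are illustrative, and a 32-bit Integer plus compiler support for a 64-bit integer type are assumed.

```ada
--  Added example, not code from the thread. Assumes a 32-bit Integer.
with Ada.Text_IO; use Ada.Text_IO;

procedure Overflow_Outcomes is
   type Outcome is (Is_True, Is_False, Raised_CE);

   --  Holds any sum of two 32-bit Integers exactly (assumes the
   --  compiler supports a 64-bit integer type).
   type Wide is range -2 ** 40 .. 2 ** 40;

   --  The mathematically right answer, computed without overflow.
   function Reference (A, B : Integer) return Boolean is
   begin
      return Wide (A) + Wide (B) > Wide (Integer'Last);
   end Reference;

   --  The test from the post, evaluated in type Integer.
   function Observed (A, B : Integer) return Outcome is
      pragma Unsuppress (Overflow_Check);  --  do not rely on build switches
   begin
      if A + B > Integer'Last then
         return Is_True;
      else
         return Is_False;
      end if;
   exception
      when Constraint_Error =>
         return Raised_CE;
   end Observed;

   procedure Check (A, B : Integer) is
      Got   : constant Outcome := Observed (A, B);
      Right : constant Boolean := Reference (A, B);
   begin
      Put_Line (Integer'Image (A) & " +" & Integer'Image (B)
                & " => " & Outcome'Image (Got));
      --  Allowed: the right answer or Constraint_Error, never a wrong one.
      if (Got = Is_True and not Right) or (Got = Is_False and Right) then
         raise Program_Error with "wrong answer: high-order bits lost";
      end if;
   end Check;
begin
   Check (1, 2);                        --  in range
   Check (Integer'Last, 1);             --  sum is 2**31
   Check (Integer'Last, Integer'Last);
   Check (Integer'First, -1);           --  below the base range
end Overflow_Outcomes;
```

An implementation that kept only the low Integer'Size bits of the sum would report IS_FALSE for the second call and trip the Program_Error; one that evaluates in a wider register reports IS_TRUE, and one that checks reports RAISED_CE.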