From: Simon Wright
Newsgroups: comp.arch.embedded,comp.lang.ada
Subject: Re: Certified C compilers for safety-critical embedded systems
Date: 27 Dec 2003 16:47:07 +0000
Organization: Pushface
References: <3fe00b82.90228601@News.CIS.DFN.DE> <3FE026A8.3CD6A3A@yahoo.com> <$km9afA3DB7$EAYO@phaedsys.demon.co.uk> <3feda44e_3@mk-nntp-1.news.uk.worldonline.com>
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.1

Ian Bell writes:

> James Rogers wrote:
>
> snip
>
> >    type my_index is range 0..9;
> >    type My_Array_Type is array(my_index) of integer;
> >
> >    foo : My_Array_Type;
> >
> >    for num in 0..99 loop
> >       foo(num) := num;
> >    end loop;
> >
> > All Ada compilers will correctly identify the error in the for
> > loop. The type of "num" is not the same as the type of the index,
> > because the range of values defined for "num" are not all within
> > the range of values in my_index. This detection will happen
> > properly no matter how far the definition is separated from the
> > "for" loop.
>
> I know nothing about Ada so this is a genuine query rather than a
> criticism. The above example is fine as long as literals are used -
> even a C compiler could be devised to make this check - but what
> happens when the array index is computed?

You mean as in

   type my_index is range 0 .. some_variable;

-- yes, Ada compilers will perform the check.

Actually the code wasn't actually compiled by whoever posted it, a
crime on c.l.a: you either have to say

   for Num in 0 .. 99 loop
      Foo (My_Index (Num)) := Num;
   end loop;

(which GNAT doesn't see as a problem until execution time) or

   for Num in My_Index range 0 .. 99 loop
      Foo (Num) := Integer (Num);
   end loop;

to which GNAT says

   constraints.adb:10:35: warning: static value out of range of type "My_Index" defined at line 3
   constraints.adb:10:35: warning: "Constraint_Error" will be raised at run time

(this is the "99").
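Added example, not code from the thread, to show what happens when the index really is computed: the index arrives as a parameter, so nothing is static and the range check is performed at run time, and an out-of-range store raises Constraint_Error instead of writing past the array. The procedure and variable names are assumed for the illustration.

```ada
-- Added example (not from the thread). Assumed names: Computed_Index, Store.
with Ada.Text_IO; use Ada.Text_IO;

procedure Computed_Index is
   type My_Index is range 0 .. 9;
   type My_Array_Type is array (My_Index) of Integer;

   Foo : My_Array_Type := (others => 0);

   -- The index is a parameter, so its value is unknown at compile time;
   -- the compiler cannot warn here the way it does for a literal 99.
   procedure Store (Position : Integer; Value : Integer) is
   begin
      -- The conversion Integer -> My_Index is where the run-time range
      -- check happens: an out-of-range Position raises Constraint_Error
      -- before any element of Foo is touched.
      Foo (My_Index (Position)) := Value;
      Put_Line ("stored" & Integer'Image (Value) &
                " at index" & Integer'Image (Position));
   exception
      when Constraint_Error =>
         Put_Line ("rejected index" & Integer'Image (Position) &
                   ": outside My_Index, nothing written");
   end Store;
begin
   Store (5, 42);   -- in range: element 5 becomes 42
   Store (99, 7);   -- out of range: Constraint_Error, Foo unchanged
   Store (-1, 7);   -- below the lower bound: also rejected
end Computed_Index;
```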