Re: What would be the Ada solution?

["Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de>]

On Fri, 4 Feb 2011 08:33:57 -0800 (PST), KK6GM wrote:

> A colleague is working on some old code, written in C, that uses an
> "out of range" integer value to indicate no valid value.  Thus, a
> default value (in this case 0x7FFFFFFF) means no value has been
> entered.  All code that uses any values should check for this no-value
> and act accordingly, but of course not all the code actually does
> that, and there are odd cases where the no-value value gets processed
> as a valid value and then Bad Things Happen.
> 
> I'm curious what the Ada approach to this issue would be, the issue
> being to differentiate between valid and invalid values, and to catch
> (compile time or run time) any manipulation of an invalid value as if
> it were a valid value.

Ada solution would be to declare the integer type of the valid range:

   type ADC_16_Bit is range 0..2**16 - 1;

The compiler checks dynamically and, where possible, statically that the
value is always valid.

When values read from the hardware some bit patterns may indicate errors.
In such cases you can declare the full range of possible values and a
subrange of the valid ones:

   type ADC_Word is mod 2**16; -- 2 octets as read from the station
   Conversion_Error : constant ADC_Word := 16#FFFF#;
   Short_Circuit_Error : constant ADC_Word := 16#EFFF#;
   ...
   subtype Voltage is ADC_Word range 0..16#7FFF#; -- 0=-10V, 7FFF=+10V

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de