From: Nobody on 14 Jun 2010 16:25

Hi All,

I am new to Ada and found the following declaration in my text book:

   type ASTERIX is range -5_000..+10_000;
   subtype IDEFIX is range 1..20_000;

How can it be that the subtype IDEFIX can exceed the boundaries (20_000 compared to 10_000) of the superordinate type ASTERIX? If it is a subtype, its boundaries should be within the boundaries of the type it is derived from. Did I get something wrong?

Regards
Nobody
From: Nobody on 14 Jun 2010 16:43

On Mon, 14 Jun 2010 20:25:48 +0000 Nobody wrote:

I am sorry, I have to correct the statements.

   type ASTERIX is range -5_000..+10_000;
   subtype IDEFIX is ASTERIX range 1..20_000;

Regards
Nobody
From: Gautier write-only on 14 Jun 2010 17:01

> type ASTERIX is range -5_000..+10_000;
> subtype IDEFIX is ASTERIX range 1..20_000;

If that is what is in your text book, then it is a mistake, at least from a didactic perspective...

To my surprise, it looks like legal Ada. One (old) compiler compiles it without a complaint; another one (recent) compiles it but issues this warning:

   obelix.adb:3:38: warning: static value out of range of type "ASTERIX" defined at line 2
   obelix.adb:3:38: warning: "Constraint_Error" will be raised at run time

And it keeps its promise at run time:

   Execution terminated by unhandled exception
   Exception name: CONSTRAINT_ERROR
   Message: obelix.adb:3 range check failed

G.
From: Yannick Duchêne (Hibou57) on 14 Jun 2010 19:31

On Mon, 14 Jun 2010 23:01:17 +0200, Gautier write-only <gautier_niouzes(a)hotmail.com> wrote:

> To my surprise, it looks like legal Ada.

The base type of IDEFIX is ASTERIX, by definition. [ARM 2005 3.5(5)] just says:

> For a subtype_indication containing a range_constraint, either directly
> or as part of some other scalar_constraint, the type of the range shall
> resolve to that of the type determined by the subtype_mark of the
> subtype_indication.

Nowhere in 3.5 could I find anything explicitly stating when the error must be detected (compile time or run time). If the range were defined using non-literals, like values of type ASTERIX, and if these were variables, then there would be no other way except run-time detection of the error.

What disturbed me is that a literal here matches an ASTERIX while it is statically out of range? Needs investigation in the RM (or maybe the reference lacks something here?). What is the RM part involved here?

--
There is even better than a pragma Assert: a SPARK --# check.
--# check C and WhoKnowWhat and YouKnowWho;
--# assert Ada; -- i.e. forget about previous premises which leads to conclusion
-- and start with new conclusion as premise.
From: Peter C. Chapin on 14 Jun 2010 20:01

Yannick Duchêne (Hibou57) wrote:

> What disturbed me is that a literal here matches an ASTERIX while it is
> statically out of range?

I think that's accepted because the literal is a Universal Integer.

Peter
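The behaviour the thread describes, as an added example that is not part of any of the posts above: Gautier's run-time Constraint_Error on a statically out-of-range literal bound, and Yannick's point that a non-literal bound can only be rejected at run time. The type and subtype names follow the thread; the procedure names, the handler structure and the file name Obelix are my own choices. The questionable subtype is declared in a nested block so that the exception raised while elaborating the declaration can be caught by the enclosing handler instead of terminating the program. With GNAT, the literal case still produces the "static value out of range" warning quoted above.

```ada
--  Added example (not from the thread): run-time checking of a subtype whose
--  range constraint lies outside its parent subtype.  Names Obelix,
--  With_Static_Bound and With_Dynamic_Bound are assumptions of this example.
with Ada.Text_IO;    use Ada.Text_IO;
with Ada.Exceptions; use Ada.Exceptions;

procedure Obelix is

   type Asterix is range -5_000 .. +10_000;

   --  Elaborating the declarative part of a block raises Constraint_Error
   --  when the range constraint is not compatible with Asterix (each bound
   --  must belong to Asterix's range, RM 3.5(9)); the handler of the
   --  enclosing frame catches it.

   procedure With_Static_Bound is
   begin
      declare
         --  The literal 20_000 is a universal_integer, so this is legal at
         --  compile time; GNAT warns that the static value is out of range
         --  and that Constraint_Error will be raised at run time.
         subtype Idefix is Asterix range 1 .. 20_000;
         X : Idefix := 1;
      begin
         Put_Line ("Idefix elaborated, X =" & Idefix'Image (X));
      end;
   exception
      when E : Constraint_Error =>
         Put_Line ("static bound: " & Exception_Message (E));
   end With_Static_Bound;

   --  With a bound that is a parameter of the base type the compiler cannot
   --  know the value, so only the run-time check can reject it.
   procedure With_Dynamic_Bound (High : Asterix'Base) is
   begin
      declare
         subtype Idefix is Asterix range 1 .. High;
         X : Idefix := 1;
      begin
         Put_Line ("Idefix 1 .." & Asterix'Base'Image (High)
                   & " elaborated, X =" & Idefix'Image (X));
      end;
   exception
      when E : Constraint_Error =>
         Put_Line ("dynamic bound" & Asterix'Base'Image (High) & ": "
                   & Exception_Message (E));
   end With_Dynamic_Bound;

begin
   With_Static_Bound;
   With_Dynamic_Bound (20_000);   --  outside Asterix: rejected at run time
   With_Dynamic_Bound (10_000);   --  Asterix'Last itself: accepted
end Obelix;
```

Compile with `gnatmake obelix.adb` and run `./obelix`; the first two calls print the Constraint_Error message and the third elaborates Idefix normally. Note that the parameter is declared as Asterix'Base rather than Asterix so that 20_000 can reach the subtype declaration at all; a parameter of subtype Asterix would already fail the range check at the call.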