Re: unsigned type

[Adam Beneschan <adam@irvine.com>]

On Jul 3, 1:53 pm, a...@anon.org (anon) wrote:
> Based on the Ada LRM and the ACATS tests.
>
> Now there is no RM rule that states you check if the Left > Right first,
> before verifying if the bounds are legal.

Yes, there is, and we have already told you what they are.  4.1.2(7)
says that for a slice, "If the slice is not a null slice (a slice
where the discrete_range is a null range), then a check is made that
the bounds... belong...".  Since the check is not made for null
slices, then yes, you do have to check first.  3.5(8) says that a
range is compatible with a subtype if it is a null range or if the
bounds belong, so again you have to check for a null range before
making sure the bounds are in range.  But both of these RM paragraphs
have already been pointed out to you, and you apparently didn't bother
to read them but are still insisting you are right, so I don't know
what the point of my spelling this out for you is since you probably
won't pay any attention to this either.  So I think this will have to
be my last contribution on this subject.  Of course, most of the
people on this newsgroup are wondering why I didn't quit long ago.


> Since the RM does not directly
> give one permission to use an illegal index value, then one should assume
> that all index must be valid before checking for a null array. Actually,
> Ada RM 0 ( 29 ) states that it is illegal and the program shall create
> an exception if the program "access an array component by using an
> incorrect index value".

When you are creating a null array slice you are not accessing *any*
array component, since a null slice has no components.  So how would
that paragraph apply, even if it were a language rule and not just an
example in the Language Summary?


> And actually, a number of ACATS tests, show that both index bounds, that is,
> the Left and the Right side must be within the valid range of the subscript
> type, even for a null array. Now, the RM 3.5 ( 4 ) states that if the Right
> index is less the Left you have a null array, but it does not say rather the
> bounds must be within the legal range of the index type or not.

The parts of the RM which we have pointed out, and that you apparently
have not bothered to read, do say explicitly that the bounds of a null
array don't have to be in range.

> But due to
> other parts of RM you should assume that all index must be valid even in
> creating a null array.
>
> --
> --  An example to prove my point.

No, it doesn't.  This is a special case because the integer type is a
*modular* type.  Yes, the rules for modular types make things very
different.  I could go through the rules and explain exactly why this
is so, but it isn't going to matter since you won't believe me and
you'll just cite some other inapplicable general principle somewhere
else in the RM to argue your point and ignore the specific details of
what the rules actually say.  I'll just say that null strings don't
work with modular index types because the 'First of the string is the
lower bound of the subtype, which is 0, and the 'Last is what you get
by subtracting 1, which is 0-1=4 since this is a modular type, and a
string whose bounds are (0..4) can't be a null string, which is why an
error will result.  Another reason for errors in this test is because
the base range of modular types is defined differently than for signed
integer types.  Actually, you *could* cause a similar problem with a
signed integer type, but not with String because the lower bound is 1;
you'd need to define your own array type whose index range starts with
the smallest possible value in the *base range* of the integer
(something like -2**32 or -2**64), which then gets an error because
you can't subtract one from it.

                                         -- Adam


> --
>
> procedure u is
>
>     -- copied from ACATS "B420001.A"
>
>     type M5 is mod 5 ;
>     type String_5 is array ( M5 range <> ) of Character ;
>     subtype String_5_5 is String_5 ( 4..3 ) ;
>     Null_5    : constant String_5   := "" ; -- ERROR: Would raise C_E.
>     OK_Null_5 :          String_5_5 := "" ; -- OK
>
> -- ------------------------------------------------------------------------ --
> --  Now these "Null array" type statement are Illegal. And will raise C_E.  --
> --  GNAT compiler does flag these statement as ERROR                        --
> -- ------------------------------------------------------------------------ --
>
>     -- both indexes are "out of bounds"
>
>     Check_Null_5_A : String_5 := ( 100 .. -100 => 'A' ) ;
>     subtype String_5_A is String_5 ( 100 .. -100 ) ;
>
>     -- Left index is valid, with right index "out of bounds"
>
>     Check_Null_5_C : String_5 := ( 0 .. -100 => 'C' ) ;
>     subtype String_5_C is String_5 ( 0 .. -100 ) ;
>
>     -- Left index is "out of bounds", with the right index valid
>
>     Check_Null_5_B : String_5 := ( 100 .. 3 => 'B' ) ;
>     subtype String_5_B is String_5 ( 100 .. 3 ) ;
>
> begin
>   null ;
> end u ;
>
> In <bnak2h.o3u...@hunter.axlog.fr>, Jean-Pierre Rosen <ro...@adalog.fr> writes:
>
>
>
> >anon a écrit :
> >> --  Adam.
> >> --    Now, can you please explain the results from this program.
> >Please don't try to make things more complicated than they are.
>
> >The rule is simple: no bounds checking on null arrays. Full stop.
> >Or if you prefer, here is how the check happens:
>
> >if S'Last >= S'First then
> >   if S'Last not in S'Range
> >      or S'First not in S'Range
> >   then
> >      raise Constraint_Error;
> >   end if;
> >end if;
> >--
> >---------------------------------------------------------
> >           J-P. Rosen (ro...@adalog.fr)
> >Visit Adalog's web site athttp://www.adalog.fr- Hide quoted text -
>
> - Show quoted text -