From: Niklas Holsti
Newsgroups: comp.lang.ada
Subject: Re: How to get Ada to "cross the chasm"?
Date: Sat, 12 May 2018 01:04:02 +0300
Organization: Tidorum Ltd

On 18-05-12 00:45 , Randy Brukardt wrote:
> "Niklas Holsti" wrote in message
> news:flmdbnFbrgaU1@mid.individual.net...
>> On 18-05-11 22:50 , Paul Rubin wrote:
>>> Niklas Holsti writes:
>>
>>>> If one uses specific array index types, as good Ada style requires, an
>>>> Ada compiler can trivially omit many array bounds checks for which a
>>>> bounds-checking C compiler would have to use a global data-flow
>>>
>>> If you mean the index is in an int range type, then the Ada compiler
>>> should have to make a range check every time you modify the index,
>>> unless it can statically prove that the new value is in range.
>>
>> Yes, but often the compiler can do that.
>>
>>> So you've just moved the check from one place to another.
>>
>> Sometimes that is so. But sometimes the value is used in many places, or
>> frequently, and modified in one place, or rarely, so the number of checks
>> is reduced, in the static and/or dynamic measure.
>
> Also note that in the common special case of loop iteration, no checks are
> needed at all, either at the generation of the index or its use:
>
>     for I in Arr'Range loop
>         ... Arr(I) ...
>     end loop;
>
> I cannot be outside of its range by construction, so no checks needed there
> other than the usual loop termination check, and that being the case, no
> checks are needed on the array indexing, either.

Yes, but for the analogous C loop, a bounds-checking C compiler would
seldom need deep analysis to come to the same conclusion, using perhaps
one or two checks on the loop limits against the size of the array
(which a bounds-checking C compiler would have to pass around, to
simulate the Ada 'Length attribute).

> For many of the Ada checks, the existence of a check that can fail indicates
> poorly written Ada code and/or a potential bug. I'm working toward having
> the compiler (optionally) identify these during compilation, so that one can
> improve the code to eliminate the danger *before* testing.

I like that idea.

-- 
Niklas Holsti
Tidorum Ltd
niklas holsti tidorum fi
      .      @       .
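
The point discussed in this message, as an added example that is not part of the original post: with a dedicated index type, the range check happens once, where an untrusted value is converted to that type, and every later use as an array index needs no bounds check. The names Slot, Table, Bump and the sample inputs are constructed for illustration.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Index_Checks is
   --  Hypothetical index type: every valid Slot value is in 1 .. 8.
   type Slot is range 1 .. 8;
   type Table is array (Slot) of Integer;

   Data : Table := (others => 0);

   --  Constructed sample of untrusted values, e.g. fields parsed from
   --  a received message. The last one is out of range on purpose.
   Raw_Inputs : constant array (1 .. 3) of Integer := (3, 8, 12);

   procedure Bump (S : Slot) is
   begin
      --  The index subtype of Table is exactly Slot, so a compiler can
      --  omit the bounds check on both indexing operations here.
      Data (S) := Data (S) + 1;
   end Bump;
begin
   for Raw of Raw_Inputs loop
      begin
         declare
            --  The one range check: conversion at the trust boundary.
            --  Raises Constraint_Error if Raw is outside 1 .. 8.
            S : constant Slot := Slot (Raw);
         begin
            --  S is modified in one place and used in many.
            Bump (S);
            Bump (S);
         end;
      exception
         when Constraint_Error =>
            Put_Line ("rejected out-of-range index" & Integer'Image (Raw));
      end;
   end loop;

   --  Loop iteration case from the thread: I is within Data'Range by
   --  construction, so neither the index generation nor Data (I)
   --  needs a range check.
   for I in Data'Range loop
      Put_Line (Slot'Image (I) & " =>" & Integer'Image (Data (I)));
   end loop;
end Index_Checks;
```

Whether a given compiler actually removes each check depends on the compiler and its optimization settings; the language rules only make the removal possible without global data-flow analysis.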