From: anon@anon.org (anon)
Newsgroups: comp.lang.ada
Subject: Re: unsigned type
Date: Fri, 03 Jul 2009 20:53:41 GMT

Based on the Ada LRM and the ACATS tests.

Now there is no RM rule that states you check if the Left > Right first,
before verifying if the bounds are legal. Since the RM does not directly give
one permission to use an illegal index value, then one should assume that all
indexes must be valid before checking for a null array.

Actually, Ada RM 0 ( 29 ) states that it is illegal and the program shall
create an exception if the program "access an array component by using an
incorrect index value". Also, a number of ACATS tests suggest this as well and
the program below will illustrate this.

With that stated from the RM, the program shall

    if S'First in S'Range and then S'Last in S'Range then
      if S'First <= S'Last then
        -- access/create an array bound by ( S'First .. S'Last )
      else
        -- return a null created array access
      end if ;
    else
      raise Constraint_Error ;
    end if ;

You have to look at the whole RM to find out if there are other sections that
may clarify a statement or allow an exception. But there are no RM rules that
allow an out of bounds index to be used.

Also, nowhere in the body of the RM does it say that ( 1 .. 0 ) is valid; it
is only used in a number of examples. And how many editors for RM 83 (pre
Randy) check, double check and even triple check those examples? ( 1 .. 0 ) may
be a special case, but it should state that in a rule in the body of the RM,
not just shown as an example, because how many books have examples that are
wrong, even after the third version has been published.

And actually, a number of ACATS tests show that both index bounds, that is,
the Left and the Right side, must be within the valid range of the subscript
type, even for a null array.

Now, the RM 3.5 ( 4 ) states that if the Right index is less than the Left you
have a null array, but it does not say whether the bounds must be within the
legal range of the index type or not. But due to other parts of the RM you
should assume that all indexes must be valid even in creating a null array.

--
-- An example to prove my point.
--
procedure u is

  -- copied from ACATS "B420001.A"

  type M5 is mod 5 ;
  type String_5 is array ( M5 range <> ) of Character ;
  subtype String_5_5 is String_5 ( 4..3 ) ;

  Null_5    : constant String_5 := "" ;    -- ERROR: Would raise C_E.
  OK_Null_5 : String_5_5 := "" ;           -- OK

  -- ------------------------------------------------------------------------ --
  -- Now these "Null array" type statements are Illegal. And will raise C_E.  --
  -- GNAT compiler does flag these statements as ERROR                        --
  -- ------------------------------------------------------------------------ --

  -- both indexes are "out of bounds"
  Check_Null_5_A : String_5 := ( 100 .. -100 => 'A' ) ;
  subtype String_5_A is String_5 ( 100 .. -100 ) ;

  -- Left index is valid, with right index "out of bounds"
  Check_Null_5_C : String_5 := ( 0 .. -100 => 'C' ) ;
  subtype String_5_C is String_5 ( 0 .. -100 ) ;

  -- Left index is "out of bounds", with the right index valid
  Check_Null_5_B : String_5 := ( 100 .. 3 => 'B' ) ;
  subtype String_5_B is String_5 ( 100 .. 3 ) ;

begin
  null ;
end u ;

In , Jean-Pierre Rosen writes:
>anon wrote:
>> -- Adam.
>> -- Now, can you please explain the results from this program.
>Please don't try to make things more complicated than they are.
>
>The rule is simple: no bounds checking on null arrays. Full stop.
>Or if you prefer, here is how the check happens:
>
>if S'Last >= S'First then
>   if S'Last not in S'Range
>      or S'First not in S'Range
>   then
>      raise Constraint_Error;
>   end if;
>end if;
>--
>---------------------------------------------------------
>           J-P. Rosen (rosen@adalog.fr)
>Visit Adalog's web site at http://www.adalog.fr