TEAM-ADA Archives

Team Ada: Ada Programming Language Advocacy


Greg Bek <[log in to unmask]>
Fri, 16 Feb 2001 09:51:39 -0800
text/plain (84 lines)
Just a final point.  As Tucker pointed out, you have a bounded error.

Apex (and I'm guessing GNAT) conclude in the example code you provide
that the value isn't used, therefore the erroneous value doesn't
impact further execution of the program.  This is acceptable behaviour
under the standard.

I tried a couple of different things before your final line of
    Ada.Text_Io.Put_Line ("Image is " & Month_Type'Image (Control_Data.Month));
With Apex that raises constraint error, as the incorrect value is now
being used.

I also tried

    case Control_Data.Month is
        when January .. December =>
            Ada.Text_Io.Put_Line ("Valid month");
        when others =>
            Ada.Text_Io.Put_Line ("Invalid month");
    end case;

And got "Invalid Month" output.

I think you have tripped over a very subtle area.  One of the challenges
here is performance.  To correctly detect invalid data in all cases
would really degrade performance, for instance: subprograms would not
be able to assume that parameters were in range all the time (what if
the parameter was a result of unchecked_conversion, the called s/p cannot
see that, so would have to check regardless).

The above examples with Apex used no optimization, I'd guess that this
would have an impact on the behaviour as well.

I'm not a language lawyer, so I may be overly pessimistic here.

But I think one conclusion that could be reached is that if you
are not absolutely sure about the input to unchecked_conversion
then you need to validate the data yourself.


> -----Original Message-----
> From: Team Ada: Ada Advocacy Issues (83 & 95)
> [mailto:[log in to unmask]]On Behalf Of Tucker Taft
> Sent: Friday, February 16, 2001 6:02 AM
> To: [log in to unmask]
> Subject: Re: Technical Question
> [log in to unmask] wrote:
> >
> > I have a bit of a dilemma that I was hoping some of you may be able to shed some
> > light on. It is in relation to the program below (I know this isn't really the
> > place to discuss technical problems, but I'd appreciate any comment on this
> > one).
> >
> > The program below is a modified snippet of something I have to use. The problem
> > I have is that I have access to 4 compilers, namely Apex, Green Hills, GNAT and
> > ObjectAda that I have used to compile the code. All of them are quite happy to
> > compile the program, but I need to know whether I should be reporting this as a
> > bug to the supplier of the code, or the compiler vendors!
> The unchecked conversion has produced a record whose Month component
> has an "invalid representation" (see RM95 13.9.1(9)).
> Evaluating the value of that component is a bounded error,
> and Program_Error or Constraint_Error can be raised, or the
> execution can continue using this invalid representation.
> So the compilers you have are conforming to the standard, but
> they happen to be choosing different alternatives among the 3 mentioned
> in 13.9.1(9).  So this program has a bounded error, and
> should be fixed unless you like the current implementation-dependent
> behavior  ;-).
> --
> -Tucker Taft   [log in to unmask]
> Chief Technology Officer, AverCom Corporation (A Titan Company)
> Burlington, MA  USA (AverCom was formerly the Commercial Division of AverStar:
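
Added example, not part of the original thread or the poster's program: one way to validate data after an unchecked conversion, using the 'Valid attribute (RM95 13.9.2) on each scalar component before its value is evaluated. Month_Type and Control_Data.Month are the names used in the thread; Day_Type, Control_Data_Type, Raw_Type, To_Control_Data, the two-byte layout and the sample bytes are assumptions made for illustration.

```ada
with Ada.Text_IO;
with Ada.Unchecked_Conversion;
with Interfaces;

procedure Validate_Month is

   type Month_Type is
     (January, February, March, April, May, June, July,
      August, September, October, November, December);
   for Month_Type'Size use 8;

   --  Assumed layout: one byte for the month, one byte for the day.
   type Day_Type is range 1 .. 31;
   for Day_Type'Size use 8;

   type Control_Data_Type is record
      Month : Month_Type;
      Day   : Day_Type;
   end record;
   for Control_Data_Type use record
      Month at 0 range 0 .. 7;
      Day   at 1 range 0 .. 7;
   end record;
   for Control_Data_Type'Size use 16;

   type Raw_Type is array (0 .. 1) of Interfaces.Unsigned_8;
   for Raw_Type'Size use 16;

   function To_Control_Data is
     new Ada.Unchecked_Conversion (Raw_Type, Control_Data_Type);

   procedure Report (Raw : Raw_Type) is
      Control_Data : constant Control_Data_Type := To_Control_Data (Raw);
   begin
      --  'Valid inspects the representation without evaluating the value,
      --  so the check itself is not a bounded error.
      if Control_Data.Month'Valid and then Control_Data.Day'Valid then
         Ada.Text_IO.Put_Line
           ("Image is " & Month_Type'Image (Control_Data.Month));
      else
         Ada.Text_IO.Put_Line ("Rejected: invalid representation");
      end if;
   end Report;

begin
   Report ((0 => 1, 1 => 15));        --  constructed input: February, day 15
   Report ((0 => 16#FF#, 1 => 15));   --  constructed input: month byte out of range
end Validate_Month;
```

Because the check is made on the converted object before any component is read, the outcome does not depend on which of the three alternatives in 13.9.1(9) a given compiler chooses.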