CVS difference for ais/ai-00167.txt

Differences between 1.4 and version 1.5

--- ais/ai-00167.txt	2001/11/15 02:34:08	1.4
+++ ais/ai-00167.txt	2001/12/22 04:11:55	1.5
@@ -468,4 +468,53 @@
+From: Robert Dewar
+Date: Friday, November 15, 2001  9:11 AM
+<<Well, the body wouldn't work for Janus/Ada, because the size of component of
+a generic formal integer type is the size of the largest possible integer
+type. And pragma Pack is ineffective on such types. (The results of generic
+code sharing.) Thus, you probably would get a type mismatch error on the
+Unchecked_Conversion instantiation.>>
+This implementation is arguably incorrect, I see no reason to allow the UC to
+fail in this case.
+<<I think that is a little bit too strong: if the compiler can determine that
+the value being tested is known to be set to one or more valid, static
+values in the current extended basic block (via flow analysis, for example),
+then it can remove the check. Certainly if the value is known to be static.
+But those cases are likely to be rare enough that it may not be worth it to
+allow them.
+You are right legalistically, but I wlil repeat my assertion that it is a bad
+implementatoin choice to ever optimize away 'Valid. This should be a
+defence even in an erroneous program with memory overwriting etc.
+(or hardware failure)
+From: David Emery
+Date: Friday, November 15, 2001  11:30 AM
+Speaking a J. Random User here :-).  If I used 'Valid, then
+I want to be guaranteed a check, regardless of what the compiler
+can "prove".  If I didn't want it, I wouldn't ask for it.
+Besides Robert's example, this could well be part of an
+external 'proof system' (e.g. SPARK) where the correctness
+of the proof depends on the check occuring at exactly this
+From: Mike Kamrad
+Date: Friday, November 15, 2001  1:20 PM
+I would agree with Robert's assertion too, as M. Random-User.  Is this the
+one attribute the only one way we do not want to optimize away?
