Version 1.2 of ais/ai-00234.txt

Unformatted version of ais/ai-00234.txt version 1.2
Other versions for file ais/ai-00234.txt

!standard 3.5.4 (00)          00-11-28 AI95-00234/02
!class amendment 00-04-27
!status No Action (9-0-1) 00-11-18
!status received 00-04-27
!priority Low
!difficulty Hard
!subject Unsigned integer types
!summary
!problem
Ada 95 provides modular types as a solution to provide unsigned integer functionality. However, these types differ from regular integer types in that they do not provide overflow checking.
For some uses, overflow checking is valuable for unsigned types. For maximum values less than System.Max_Int, an ordinary integer type declaration can be used. However, it is not possible in Ada 95 to declare a full-range unsigned integer type that has overflow checking.
( Interesting arguments in the question. )
!proposal
!wording
!example
!discussion
!appendix

From: Public Comments on the International Ada Standard
[ADA-COMMENT@ACM.ORG] on behalf of Tarjei.Jensen@KVAERNER.COM
Sent: Saturday, April 15, 2000 7:58 AM
Subject: [Ada-Comment] Unsigned integer types

!topic unsigned integer types
!reference 3.5.4 Integer types, B.3 Interfacing with C
!from Tarjei Tjøstheim Jensen 00-04-15
!keywords unsigned integer, C, interfaces.c
!discussion

In recent discussion on comp.lang.ada it has become clear that it is
desirable to be able to specify an unsigned integer type which is not
constrained by the max_int attribute.

Using a modular type may not be desirable since it allows an undetected
overflow in situations where an undetected overflow could cause a program to
malfunction.

The argument for blindly translating unsigned types to modular type in
connection with C library bindings is that the unsigned types in C have
modular semantics. This is not a valid argument since it is clear from the
context that the powers that be used an unsigned datatype to get the desired
numerical range. It is not a acceptable argument that because the semantics
of unsigned types in C allows a programmer to abuse a given datatype that
this abuse should be possible with equal ease in Ada.

From the library point of view it does not matter whether the Ada compiler
treats the datatypes as modular or just unsigned types. For the Ada
programmer there is a great difference since using modular datatypes will
increase the number of possible errors in the software and may cause
undesireable program behavious which may be difficult to correct.

To summarize. To translate C unsigned datatypes blindly as modular types in
Ada is contrary to what I perceive as "the Ada way of programming".

Examples of unsigned datatypes which should not automatically be translated
to modular types:
time_t - time in seconds since beginning of epoch
size_t - size of strings, variables, etc


If it is undesireable to change existing interfaces to C I propose that a
new child package to interfaces.c be introduced. The scope of the new child
should be to have sensible declaration for all _well known_ C datatypes on
the platform. By well known I mean the datatypes in the standard C library,
the socket library, etc. It would be a bonus if bindings to the libraries
were included, but that is not neccessary. The important issue is that it
becomes possible for the programmer to be certain of the size of a given
datatype. The size of some datatypes may vary from platform to platform and
it would be a relief if the individual author did not have to worry about
this.

I propose interfaces.c.ctypes as the name for such a package.

I don't see that lifting the max_int constraint on unsigned types will
create any problems for existing software.

*************************************************************


Questions? Ask the ACAA Technical Agent