Err, no they don't. Clearly an object of the type can hold a value
outside TYPE_MIN_VALUE/TYPE_MAX_VALUE at runtime. That IMHO means
that TYPE_MIN_VALUE/TYPE_MAX_VALUE do not reflect reality.
What does "can" mean here? If it means "is physically capable of", then
TYPE_MIN_VALUE and TYPE_MAX_VALUE have no meaning an any context.
I interpret "can" as meaning "is allowed to according to the semantics
of the language", meaning that if the value is outside that range, it's
an invalid (technicallly "erroneous" in Ada terminology).
Having a consistent TYPE_MIN_VALUE and TYPE_MAX_VALUE in no way
prohibits you from implementing these tests.
Of course it doesn't! I was agreeing with you. I was also separating
the issue of those tests from the issue at hand.
OK, so then we can claim the Ada code in question in bogus? Or at
least put the burden of proving the code is correct back in your
court? I've clearly showed that VRP is "miscompiling" the code
because of the bogus values for TYPE_MAX_VALUE. But if you claim that
having a value outside TYPE_MAX_VALUE is invalid according to the
language, then the source code must be incorrect.
No, I don't think the Ada code in question is bogus. My understanding
of this thread is that somebody (either the Ada front end, gimplification,
or the optimizer) is breaking the type-correctness of the tree.
Which implies that TYPE_MIN_VALUE/TYPE_MAX_VALUE need to reflect the
set of values which can be placed into the object by way of an
unchecked conversion.
No, because in the absence of a 'Value, the unchecked conversion must
*also* produce a value in the range to be non-erroneous. The *only*
case we need to worry about is an object that is *both* the target of
an unchecked conversion *and* the operand of a 'Valid. That applies
to an exceedingly tiny number of objects and they should not drive the
entire type system, as I said. Instead, what we need to do is define
some tree node (or flag) that tells VRP "don't deduce any value
through this node". That's enough to handle this rare case.
No they are not. The ADa front-end says that an object of a particular
type as a set of values [x .. y]. However, at runtime the object is
allowed to have values outside that range.
Not for the normal meaning of "allowed". With the single exception above,
a program is erroneous if, at run time, the values are otuside that range.
