From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00, REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4 X-Google-Thread: a07f3367d7,df055ffdd469757d X-Google-Attributes: gida07f3367d7,public,usenet X-Google-NewGroupId: yes X-Google-Language: ENGLISH,ASCII-7-bit X-Received: by 10.180.24.132 with SMTP id u4mr2381265wif.6.1361848894566; Mon, 25 Feb 2013 19:21:34 -0800 (PST) Path: bp2ni59434wib.1!nntp.google.com!feeder1.cambriumusenet.nl!feed.tweaknews.nl!194.109.133.83.MISMATCH!newsfeed.xs4all.nl!newsfeed4.news.xs4all.nl!xs4all!border4.nntp.ams.giganews.com!border2.nntp.ams.giganews.com!nntp.giganews.com!news.teledata-fn.de!weretis.net!feeder4.news.weretis.net!news.mixmin.net!aioe.org!.POSTED!not-for-mail From: "Dmitry A. Kazakov" Newsgroups: comp.lang.ada Subject: Re: Class wide preconditions: error in GNAT implementation? Date: Mon, 18 Feb 2013 15:25:04 +0100 Organization: cbb software GmbH Message-ID: <1r2tvdtl13at0.3nopie8tus4v.dlg@40tude.net> References: <30edd381-7505-496a-99e5-f884faf33c33@googlegroups.com> <16s3mt7cm3n61$.8qu6fp1nglfq.dlg@40tude.net> <1a648dqoysnp4$.7l9zsp043d2e.dlg@40tude.net> <377a4b9b-eec8-4af9-af3f-fdeb008339e4@googlegroups.com> <1hjhzbhx5ryn7$.rst5open618c.dlg@40tude.net> Reply-To: mailbox@dmitry-kazakov.de NNTP-Posting-Host: FbOMkhMtVLVmu7IwBnt1tw.user.speranza.aioe.org Mime-Version: 1.0 X-Complaints-To: abuse@aioe.org User-Agent: 40tude_Dialog/2.0.15.1 X-Notice: Filtered by postfilter v. 0.8.2 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Date: 2013-02-18T15:25:04+01:00 List-Id: On Mon, 18 Feb 2013 09:17:57 +0000, Simon Wright wrote: > "Dmitry A. Kazakov" writes: > >> On Sat, 16 Feb 2013 11:55:55 -0800 (PST), ytomino wrote: >> >>> On Sunday, February 17, 2013 1:35:12 AM UTC+9, Dmitry A. Kazakov wrote: >>>> On Sat, 16 Feb 2013 05:13:53 -0800 (PST), ytomino wrote: >>>>>>> In this case, the caller should keep As.foo'Pre'Class because >>>>>> calling As.foo. >>>>>> No, the caller shall satisfy the precondition of the >>>>>> callee. Regarding inheritance, a primitive operation (callee) may >>>>>> weaken the precondition it overrides. This is why logical >>>>>> disjunction apply, as Randy said. >>>>> No. The caller is "client" of not Bs but As, in this case. >>>> >>>> The precondition of a dispatching call is one of the class. The >>>> precondition of the specific operation can be weaker. The >>>> precondition of a LSP subclass can be stronger. All three shall be >>>> satisfied by the caller, but only the first one is actually >>>> constraining for it, because the second two are automatically >>>> satisfied through the mechanism of dispatching call and type >>>> coercion. >>> >>> Yes. *only the first one* = only As.foo'Pre'Class should be satisfied. >> >> No, all preconditions must be satisfied, otherwise, the program is >> incorrect, provided it is correctness we are talking about. > [...] >> But then the precondition of B'Class is *required* to be true for an >> object which is in that class. The precondition of A'Class is weaker >> and need not to be checked if one for B'Class is satisfied. > > This is the wrong way round. A subclass can only _weaken_ the > precondition of the superclass. Anything else violates LSP. LSP is wrong in general. A narrower "truer" version of LSP applies specifically to operations and their preconditions and all that in the context of substitutability, which is not the case for a dispatching call. A dispatching call does not substitute unless the body is inherited. Anyway, trivially, consider the following types: type A is ...; type B is new A with ...; The predicate P=x in A'Class is true for both A and B. The predicate Q=y in B'Class is true B and false for A. hence Q=>P, Q is stronger. [Tag checks violate LSP] > This new feature introduces a whole new opportunity for error: getting > the preconditions wrong. Yes, but the major crime here is mingling correctness with program semantics. The thing meant to be executed in the prologue of an operation has nothing to do with correctness, it is about operation composition upon inheritance and/or about object construction. -- Regards, Dmitry A. Kazakov http://www.dmitry-kazakov.de