Re: Pre-condition vs. Post-condition

[mfeldman@seas.gwu.edu (Michael Feldman)]

In article <5070@goanna.cs.rmit.oz.au> ok@goanna.cs.rmit.oz.au (Richard A. O'Keefe) writes:
>
>global variables with the desired array sizes were initialised.  Now C
>has this helpful little rule that global variables are initialised to
>0 (0.0, NIL, ASCII.NUL, FALSE, or whatever the equivalent happens to be).
>Precisely *because* the variables were initialised to a "sensible" value
>the error was unexpectedly hard to detect.

I don't think the _compiler_ (or the standard) should micro-manage what
should be a programmer's responsibility, namely determining, type by type,
what a "sensible" value means.
>
>Don't expect default initial values for types to be an unmixed blessing.
>
Perhaps we have a terminological problem here. By "default initial value"
we do _not_ mean "the compiler determines the value." We _do_ mean "the
programmer has the option of specifying the initializing value, and
all declared objects then have this value when they are elaborated."
This is only inconsistently possible in Ada83. 

If if we wanted the compiler to do it, things are easier said than done.
Given things like range constraints, etc., which C doesn't have to
worry about, it could be messy for the compiler to determine what the
initial value should be. E.g. 0 isn't a sensible initial value for
a Positive subtype. Perhaps Type'First would make sense, but I
still think this would micro-manage what should be a project choice.
Give the programmer the option.

Taking it a step further, the Ada9x standard _could_ REQUIRE that the
programmer give all types default initial values. I favor this;
I think it corresponds to the Dijkstra notation you were referring to.
Going that far may be controversial; I'd settle for a consistent rule
_allowing_ the programmer to do it.

Mike Feldman