From: "Peter C. Chapin"
Newsgroups: comp.lang.ada
Subject: Exception contracts for Ada? Was: Re: Press Release - Ada 2012 Language Standard Approved by ISO
Date: Mon, 24 Dec 2012 10:49:39 -0500
Message-ID: <46idnVdMEr8J5EXN4p2dnAA@giganews.com>

On 12/24/2012 06:13 AM, Yannick
Duchêne (Hibou57) wrote:

> This one is fine, I see your point now.

Exception contracts are a huge, HUGE topic and one that shouldn't be treated too lightly. I can understand their attraction in a language that prides itself on its suitability for robust programming. However, if exception contracts are ever added to Ada I pray to the Ada gods (the ARG?) that it is only done after an extensive review has been made of the issues related to them in other languages. One only needs to search for the topic of exception specifications in C++ and Java to find a mountain of discussion on the subject. Consider:

+ Should exception contracts be enforced statically or dynamically?

+ Should exception contracts be enforced at all or only produce warnings or logs?

+ What about backward compatibility with the existing code base? We don't want to force people to decorate all code with exception contracts before it will compile again with Ada 2020 (or whatever). Do we?

+ Should exception contracts distinguish between "impossible" exceptions that shouldn't occur in a correct program (like Constraint_Error) and "normal" exceptions that pertain to environmental problems such as invalid input data?

+ How should exception contracts interact with generic code?

+ Should exception contracts be a part of a subprogram's type? Consider access to subprogram values and their usage.

+ How should exception contracts interact with other static analysis techniques? For example if a subprogram has a contract that says it might raise exception E, but if static analysis can prove that a particular usage will not actually raise E, does the programmer have to declare a contract on the calling subprogram about E? One objection I've heard about exception specifications in Java is that they require programmers to either specify (or handle) exceptions that "clearly" can never actually arise at that particular program point.

Now that Ada has preconditions the last point is particularly acute. The precondition on a procedure P might guarantee that a called subprogram won't raise an exception that it might nevertheless declare in its exception contract. It would be really unpleasant if the programmer had to also add an exception contract to P stating that it might raise an exception that the programmer knows the precondition will prevent!

This is just a sample of some of the issues involved in the subject. There are those who have answers for all of these issues. That's great. But again I sincerely hope that if exception contracts are ever seriously considered for Ada that the matter be given the deep consideration it deserves.

Peter
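The precondition scenario from the last point of the message, written out as an added Ada 2012 example that is not part of the original post. The names Stacks, Underflow, Pop and P are hypothetical, and because Ada has no exception-contract syntax the imagined contract on Pop appears only as a comment.

```ada
--  Added example; Stacks, Underflow, Pop and P are hypothetical names.
with Ada.Text_IO;
procedure Contract_Demo is
   package Stacks is
      Underflow : exception;
      type Stack is private;
      function Is_Empty (S : Stack) return Boolean;
      procedure Push (S : in out Stack; X : Integer);
      --  Imagined exception contract (no such Ada syntax): may raise Underflow.
      procedure Pop (S : in out Stack; X : out Integer);
   private
      type Item_Array is array (1 .. 8) of Integer;
      type Stack is record
         Items : Item_Array := (others => 0);
         Top   : Natural := 0;
      end record;
   end Stacks;
   package body Stacks is
      function Is_Empty (S : Stack) return Boolean is (S.Top = 0);
      procedure Push (S : in out Stack; X : Integer) is
      begin
         S.Items (S.Top + 1) := X;  --  Constraint_Error when full
         S.Top := S.Top + 1;
      end Push;
      procedure Pop (S : in out Stack; X : out Integer) is
      begin
         if S.Top = 0 then
            raise Underflow;
         end if;
         X := S.Items (S.Top);
         S.Top := S.Top - 1;
      end Pop;
   end Stacks;
   use Stacks;

   --  The precondition excludes the only state in which Pop raises, so a
   --  contract rule would make P declare an exception that cannot occur
   --  whenever the precondition holds.
   procedure P (S : in out Stack; X : out Integer)
     with Pre => not Is_Empty (S);
   procedure P (S : in out Stack; X : out Integer) is
   begin
      Pop (S, X);
   end P;
   Stk : Stack;
   V   : Integer;
begin
   Push (Stk, 42);
   P (Stk, V);
   Ada.Text_IO.Put_Line (Integer'Image (V));
end Contract_Demo;
```

With GNAT, the Pre aspect is checked at run time only when assertions are enabled, for example with the -gnata switch.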