From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00, REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4 X-Google-Thread: 103376,585fd78267abd80c,start X-Google-Attributes: gid103376,domainid0,public,usenet X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!news3.google.com!feeder1-2.proxad.net!proxad.net!feeder2-2.proxad.net!newsfeed.arcor.de!newsspool1.arcor-online.net!news.arcor.de.POSTED!not-for-mail Date: Fri, 25 Jul 2008 10:01:49 +0200 From: Georg Bauhaus Reply-To: rm.tsoh+bauhaus@maps.futureapps.de User-Agent: Thunderbird 2.0.0.16 (Windows/20080708) MIME-Version: 1.0 Newsgroups: comp.lang.ada Subject: On pragma Precondition etc. Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-ID: <4889886d$0$18827$9b4e6d93@newsspool2.arcor-online.net> Organization: Arcor NNTP-Posting-Date: 25 Jul 2008 10:01:49 CEST NNTP-Posting-Host: a4c96262.newsspool2.arcor-online.net X-Trace: DXC=hiE=@oBU=^B=8m7nZkdN^@A9EHlD;3YcB4Fo<]lROoRA4nDHegD_]RE46J516AGP9IA:ho7QcPOVCIF13WGY9RUA X-Complaints-To: usenet-abuse@arcor.de Xref: g2news1.google.com comp.lang.ada:1320 Date: 2008-07-25T10:01:49+02:00 List-Id: A question about syntax. Thanks to GNAT 2008, there is now some initial support for stating preconditions and postconditions of supprograms, using pragma Pre-/Postcondition. Randy Brukardt has presented more thoughts on this to the Ada Comments mailing list; notably, by describing means to express a type's invariant, T'Constraint. (GNAT's pragmas can be used to state conditions right after the spec of a subprogram, and also at the start of declarations of a supbrogram body. Thus, procedure Foo(X, Y: Natural); pragma Precondition(X > Y);) My question is about the syntactical link of a Pre-/Postcondition to a subprogram declaration. Using GNAT's approach, the link is implicit: A spec Pre-/Postcondition applies to the immediately preceding subprogram declaration and to nothing else. At first sight it seems natural to *not* name the subprogram in the Pre-/Postcondition pragma. You could refer the questioner to the Department of Redundancy Department. On the other hand, there are opportunities for code restructuring. What happens to the Pre-/Postconditions then? I suggest the they can get mixed up. For example, exchange the alphabetical order of the following function declarations in a hurry, function More(X, Y: Integer); -- ... pragma Precondition(X > 2 * Y); function Less(X, Y: Integer); -- ... pragma Precondition(X < 2 * Y); So I would contend the lack of a *local_name* parameter in the pragmas Pre-/Postcondition. The parameter could be like those of pragma No_Return or pragma Inline, making the link to the subprogram explicit. We would have something like function More(X, Y: Integer); -- ... pragma Precondition(More, X > 2 * Y); function Less(X, Y: Integer); -- ... pragma Precondition(Less, X < 2 * Y); And now there is no doubt about the subprogram to which a Pre-/Postcondition belongs. (A rule that a spec Pre-/Postcondition pragma must come right after its subprogram will establish consistency.) (On the Ada Comments list, there seems to have been some agreement that there should be some syntax in the future, perhaps obsoleting this discussion...)