From: Andrew Shvets <andrew.shvets@gmail.com>
Subject: Re: What am I doing wrong with contracts? Why are they succeeding when they should be failing?
Date: Sun, 29 Oct 2017 18:37:24 -0700 (PDT)
Date: 2017-10-29T18:37:24-07:00 [thread overview]
Message-ID: <4924b0ad-47a2-497e-a363-a341726ca45d@googlegroups.com> (raw)
In-Reply-To: <ef7f0ad9-a544-4823-aa81-64b4ba962450@googlegroups.com>
On Sunday, October 29, 2017 at 8:16:43 PM UTC-4, Shark8 wrote:
> > procedure Multiply_By_Two(Arr : in out Int_Array)
> > with Pre => (for all Item in Arr'Range =>
> > Arr(Item) /= 6),
> > Post => (for all Item in Arr'Range =>
> > Arr(Item) = Arr'Old(Item) * 2);
> >
> >
> > I simply pass in the array into Multiply_By_Two and then print out the array as needed. This is what gets me. The array has elements going from 6 to 45.
>
> Your precondition is wrong then, all it's checking is that the [elements of the] inputs aren't 6, leaving things like 2 or 3 (or -17) as valid. I would recommend something like "with Pre => (for all Item in Arr'Range => Arr(Item) in 6..45)".
I did that on purpose. I was trying to figure out why my logic wasn't working, so I used a blatantly wrong comparison (the array did have one 6 in it, so I should have seen an error.)
prev parent reply other threads:[~2017-10-30 1:37 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-29 0:31 What am I doing wrong with contracts? Why are they succeeding when they should be failing? Andrew Shvets
2017-10-29 0:34 ` Andrew Shvets
2017-10-29 2:42 ` Andrew Shvets
2017-10-29 7:20 ` joakimds
2017-10-29 13:42 ` Andrew Shvets
2017-10-29 19:17 ` Anh Vo
2017-10-29 19:41 ` Andrew Shvets
2017-10-30 0:16 ` Shark8
2017-10-30 1:37 ` Andrew Shvets [this message]
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox