From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,PLING_QUERY autolearn=no autolearn_force=no version=3.4.4 X-Google-Thread: 103376,b6d862eabdeb1fc4 X-Google-NewGroupId: yes X-Google-Attributes: gida07f3367d7,domainid0,public,usenet X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!news4.google.com!feeder3.cambriumusenet.nl!feed.tweaknews.nl!217.73.144.44.MISMATCH!ecngs!feeder.ecngs.de!217.188.199.168.MISMATCH!takemy.news.telefonica.de!telefonica.de!newsfeed.arcor.de!newsspool3.arcor-online.net!news.arcor.de.POSTED!not-for-mail Date: Mon, 07 Jun 2010 13:13:18 +0200 From: Georg Bauhaus User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4 MIME-Version: 1.0 Newsgroups: comp.lang.ada Subject: Re: Ada noob here! Is Ada widely used? References: <0e88de66-128c-48fd-9b9f-fdb4357f318a@z17g2000vbd.googlegroups.com> <2o8vq76hpv1m.vs7m2beo23nz.dlg@40tude.net> <1q5k4indthpli.1dn17o4ue4a15$.dlg@40tude.net> <4c0c1188$0$6887$9b4e6d93@newsspool2.arcor-online.net> In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Message-ID: <4c0cd44f$0$6766$9b4e6d93@newsspool3.arcor-online.net> Organization: Arcor NNTP-Posting-Date: 07 Jun 2010 13:13:19 CEST NNTP-Posting-Host: 0788805d.newsspool3.arcor-online.net X-Trace: DXC=TZnZGlLi^Uh:i=48;n?Z:`McF=Q^Z^V3h4Fo<]lROoRa8kFjLh>_cHTX3jmGiK0A\Kn?Qh X-Complaints-To: usenet-abuse@arcor.de Xref: g2news1.google.com comp.lang.ada:11404 Date: 2010-06-07T13:13:19+02:00 List-Id: On 07.06.10 09:56, Martin Krischik wrote: > Am 06.06.2010, 23:22 Uhr, schrieb Georg Bauhaus > : > >> On 6/6/10 3:10 PM, Dmitry A. Kazakov wrote: > >> It seems worthwhile mentioning that DbC's primary purpose >> is not to augment programs with run-time checks; rather, DbC asks >> for programmers who write as if there was no assertion monitoring >> but who explain their code with pre/post/inv. The operator may >> turn on run-time monitoring so that he/she is notified if something goes >> wrong (disproving the programmers' assumptions; the monitor stops >> the program or runs the remains in a debugger). > > Sounds a lot like Java assertions. We makes me think: > > If the captain thinks that there might be icebergs on route he orders to > take on live boats. If not he leaves them at shore to save petrol and > gain extra speed. The later is default if the captain forgets to make a > decision. A captain requesting lifeboats does not prepare for exception handling. You use lifeboats when the ship sinks, the ship's components have failed, possibly after an impact of unexpected I/O (an iceberg popping up, say). By analogy, sinking is when the program stops. DbC, however, has to do with designing components of the ship. You can have rescue clauses (exception handlers) in DbC. But the idea is that a correct program is better. Yet, praising one-self to be preparing for exceptional situations is only as safe normal flow of control within and from exception handlers---if they are at all prepared to handle a situation. Exceptional situations is "unprogrammed" exceptional state, since this is what "exceptional" is about, if anything. And if a hammer turns out to be made of wood, some contract is broken. If no one thought of such a preposterous choice of material for a hammer, it will be reasonable to expect there is no handler for this outcome. Hence no rescue clause. Next ship will have a type, though, that allows distinguishing different kinds of hammer.