From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=0.4 required=5.0 tests=BAYES_00,FORGED_MUA_MOZILLA autolearn=no autolearn_force=no version=3.4.4 X-Google-Thread: 103376,ea5071f634c2ea8b X-Google-NewGroupId: yes X-Google-Attributes: gida07f3367d7,domainid0,public,usenet X-Google-Language: ENGLISH,ASCII-7-bit Received: by 10.68.35.131 with SMTP id h3mr1745000pbj.1.1322006851042; Tue, 22 Nov 2011 16:07:31 -0800 (PST) Path: lh20ni7052pbb.0!nntp.google.com!news1.google.com!goblin2!goblin.stu.neva.ru!news.internetdienste.de!news.tu-darmstadt.de!news.belwue.de!newsfeed.arcor.de!newsspool1.arcor-online.net!news.arcor.de.POSTED!not-for-mail Date: Wed, 23 Nov 2011 01:07:25 +0100 From: Georg Bauhaus User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:7.0.1) Gecko/20110929 Thunderbird/7.0.1 MIME-Version: 1.0 Newsgroups: comp.lang.ada Subject: Re: Generic-Package Elaboration Question / Possible GNAT Bug. References: <7bf9bc32-850a-40c6-9ae2-5254fe220533@f29g2000yqa.googlegroups.com> <4295dc09-43de-4557-a095-fc108359f27f@y42g2000yqh.googlegroups.com> <3snehoqgs8ia$.1nobjem6g6hx6$.dlg@40tude.net> <128rdz2581345$.c4td19l7qp9z$.dlg@40tude.net> <16ipwvpdavifr$.17bxf7if7f6kh$.dlg@40tude.net> <4ecb78b1$0$6643$9b4e6d93@newsspool2.arcor-online.net> <1iofgbqznsviu$.phvidtvxlyj4$.dlg@40tude.net> <4ecbb96e$0$6581$9b4e6d93@newsspool3.arcor-online.net> <4ecbdfdb$0$6629$9b4e6d93@newsspool2.arcor-online.net> <12hfiflyf7pr5$.l3pkpgoid8xt$.dlg@40tude.net> <1ecuhb030iugz.4q1hfjx371xa.dlg@40tude.net> In-Reply-To: <1ecuhb030iugz.4q1hfjx371xa.dlg@40tude.net> Message-ID: <4ecc393d$0$7625$9b4e6d93@newsspool1.arcor-online.net> Organization: Arcor NNTP-Posting-Date: 23 Nov 2011 01:07:25 CET NNTP-Posting-Host: d03bbd5f.newsspool1.arcor-online.net X-Trace: DXC=eaPDogM[4IOC4i^e1BZ=_Hic==]BZ:afN4Fo<]lROoRA<`=YMgDjhgB@:>SDEfdW7FPCY\c7>ejVH1:G4`DH3cXLKYVlPbQ3g=O X-Complaints-To: usenet-abuse@arcor.de Xref: news1.google.com comp.lang.ada:19046 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Date: 2011-11-23T01:07:25+01:00 List-Id: On 22.11.11 22:26, Dmitry A. Kazakov wrote: > Sure, I meant only dynamic checks of *program correctness*. Overflow or > index are not such checks, they are here to enforce defined, contracted > behavior. > > Pre-/post-conditions and accessibility checks pretend [only pretend] to be > correctness checks, yielding true if the program is correct. As the result > the user expects them not to raise exceptions This will indeed be a wrong expectation; why would programmers expect that there will be no exceptions if there are checks all over the place? > and is programming the rest > correspondingly. That is a wrong idea, which makes programs less safe due > to false expectations. It is same as reading file and expecting that > End_Error is never raised. I want that exception expectations were > contracted and checked statically. If impossible to prove, the program > should only be legal if it is *visibly* annotated as potentially raising > the corresponding exception. DbC (TM) means: an objects primitive operation may raise an exception. That's part of the business. Thus if there is procedure ... with post => postcondition; then, yes, it should probably be understood to mean procedure ... with post => raise when not postcondition; is there substantial difference in behavior, regarding both that of the program and that of the programmer?