From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=0.4 required=5.0 tests=BAYES_00,FORGED_MUA_MOZILLA autolearn=no autolearn_force=no version=3.4.4 X-Google-Thread: 103376,ad06d2d7cb045687 X-Google-NewGroupId: yes X-Google-Attributes: gida07f3367d7,domainid0,public,usenet X-Google-Language: ENGLISH,UTF8 Received: by 10.68.199.73 with SMTP id ji9mr13785142pbc.5.1328013252897; Tue, 31 Jan 2012 04:34:12 -0800 (PST) Path: lh20ni244769pbb.0!nntp.google.com!news1.google.com!volia.net!news2.volia.net!feed-A.news.volia.net!news.musoftware.de!wum.musoftware.de!newsfeed.straub-nv.de!uucp.gnuu.de!newsfeed.arcor.de!newsspool3.arcor-online.net!news.arcor.de.POSTED!not-for-mail Date: Tue, 31 Jan 2012 13:33:41 +0100 From: Georg Bauhaus User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:9.0) Gecko/20111222 Thunderbird/9.0.1 MIME-Version: 1.0 Newsgroups: comp.lang.ada Subject: Re: Silly and stupid =?UTF-8?B?cG9zdOKAkWNvbmRpdGlvbiBvciBub3TCoA==?= =?UTF-8?B?Pw==?= References: <12kegkefstjiy.115bw2vmx23ll.dlg@40tude.net> <4f27b5e8$0$6628$9b4e6d93@newsspool2.arcor-online.net> <19jyp0vyqkcop$.6oatj9p6pcp1$.dlg@40tude.net> In-Reply-To: <19jyp0vyqkcop$.6oatj9p6pcp1$.dlg@40tude.net> Message-ID: <4f27dfa5$0$6570$9b4e6d93@newsspool4.arcor-online.net> Organization: Arcor NNTP-Posting-Date: 31 Jan 2012 13:33:41 CET NNTP-Posting-Host: 3e0b9a06.newsspool4.arcor-online.net X-Trace: DXC=[JH:hYf=ZJG^B]`=U:WelB4IUKJLh>_cHTX3jM^obfD:TT1oH X-Complaints-To: usenet-abuse@arcor.de Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Date: 2012-01-31T13:33:41+01:00 List-Id: On 31.01.12 11:22, Dmitry A. Kazakov wrote: > On Tue, 31 Jan 2012 10:35:35 +0100, Georg Bauhaus wrote: > >> On 31.01.12 09:54, Dmitry A. Kazakov wrote: >>> On Tue, 31 Jan 2012 00:11:43 +0100, Yannick Duchêne (Hibou57) wrote: >>> >>>> function Parsed (S : String) return Parsed_Type >>>> with Post => >>>> (if S'Length not in Image_Length_Type then >>>> Parsed'Result.Status = Format_Error); >>>> -- There may be other failure conditions. >>>> >>>> >>>> Is such a post‑condition a good or bad practice in your humble or >>>> authoritative opinion ? >>> >>> I would say it would be a bad practice. The reason is that IMO the >>> postcondition must be complete, it must tell all truth or nothing. Your >>> prostcondition is a partial truth, it does not describe all cases when >>> Status is mandated to be Format_Error. >> >> One way to express a "hints only" postcondition is >> >> with Post => True or -- yes, mathniks, just FTR: >> (if ... then ... >> >> The idea is that the partial truth, in the shape of a >> formal note, can later lead to an improved program >> structure. > > Apply your idea to the case statement: > > case Char is > when 'A' => Put_Line ("Got A"); > end case; I was only picking up the idea that a case statement's completeness is decidable and postconditions aren't. Nor need they be. Yet, incomplete information ("lies") can add value to the "about" part of the annotated thing. Until the formalists succeed in making the program better ("correct" WRT a set of decidable hypotheses), that's something. If aspects are misused to make an impression, to produce a cover-up of premature (non-)design, then that's not different form using something more complete: a decidable cover-up does not change the premature state (the "lie") of the software. It just is a formally more correct lie. :-)