From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=0.4 required=5.0 tests=BAYES_00,FORGED_MUA_MOZILLA autolearn=no autolearn_force=no version=3.4.4 X-Google-Thread: a07f3367d7,b78c363353551702 X-Google-Attributes: gida07f3367d7,public,usenet X-Google-NewGroupId: yes X-Google-Language: ENGLISH,ASCII Received: by 10.68.227.67 with SMTP id ry3mr9332640pbc.8.1340627952286; Mon, 25 Jun 2012 05:39:12 -0700 (PDT) Path: l9ni18167pbj.0!nntp.google.com!news1.google.com!news3.google.com!feeder1-2.proxad.net!proxad.net!feeder2-2.proxad.net!newsfeed.arcor.de!newsspool3.arcor-online.net!news.arcor.de.POSTED!not-for-mail Date: Mon, 25 Jun 2012 14:39:06 +0200 From: Georg Bauhaus User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20120614 Thunderbird/13.0.1 MIME-Version: 1.0 Newsgroups: comp.lang.ada Subject: Re: about the new Ada 2012 pre/post conditions References: <1hgo6aks03zy.by4pq4xbjsgf$.dlg@40tude.net> <1jvy3elqtnd1j.1sjbk32evhp1f$.dlg@40tude.net> <1oih2rok18dmt.avbwrres5k12.dlg@40tude.net> <4fe59ea0$0$9502$9b4e6d93@newsspool1.arcor-online.net> <1mkp7fzlk1b0y.1ueinfjn48fcy$.dlg@40tude.net> <4fe72b6b$0$9504$9b4e6d93@newsspool1.arcor-online.net> <1bbvp3ghpjb5s.1go1s1qvcmagh$.dlg@40tude.net> <4fe76fad$0$9507$9b4e6d93@newsspool1.arcor-online.net> <1jt8vhzxfrv2i.eohce4d3rwx1$.dlg@40tude.net> <4fe83aaa$0$6624$9b4e6d93@newsspool2.arcor-online.net> <1pkfv0tiod3rn$.onx6dmaa3if9$.dlg@40tude.net> In-Reply-To: <1pkfv0tiod3rn$.onx6dmaa3if9$.dlg@40tude.net> Message-ID: <4fe85beb$0$6638$9b4e6d93@newsspool2.arcor-online.net> Organization: Arcor NNTP-Posting-Date: 25 Jun 2012 14:39:07 CEST NNTP-Posting-Host: 262811d7.newsspool2.arcor-online.net X-Trace: DXC=@XF76el3OJhOKO]LCQ@0g`A9EHlD;3Ycb4Fo<]lROoRa8kFjLh>_cHTX3jm_cm8Ab3iY On 25.06.12 13:54, Dmitry A. Kazakov wrote: >> Indeed, it helps to remember that logicians and mathematicians >> have learned that logic and mathematics cannot justify themselves. > > No, they never ever did that. They tried, though. I didn't even say that they did. Frege thought, for some time, that he had done. Russel sent a correction. Hilbert did not give up, though: http://en.wikipedia.org/wiki/File:HilbertGrab.jpg WIR M�SSEN WISSEN WIR WERDEN WISSEN Optimism! >> We have to do something. DbC is something. Better than nothing. > > Is SPARK nothing? Try new Data'(Size => More_than_4k); > Is strong typing nothing? Until Ada 2012, there was nothing in addition to the strong type system of Ada 2005. > But you seemingly did not read what I wrote earlier. There is either #1 or > #2. I have tried to explain that neither #1 nor #2 are applicable because they assume applicability of exhaustive formal analysis to general program design (not programs). Wrong frame of reference. DbC does not claim to be a replacement for a type system. >> DbC is a best effort thing like every system building effort. > > How are you going to prove this, if "DbC" contradicts logic itself? A program that is known to be covered entirely by logic is really an exception. Its notion, however, sells and is a good, justifiable tool in political rhetoric, IMHO. Proving things in a DbC framework is similar to proving things with the help of more than Ada, as is done when using SPARK. If we can't have a more proof friendly type system, let's have at least aspects. Proofs isn't everything. Writing programs for system is.