From: Stephen Leake
Newsgroups: comp.lang.ada
Subject: Re: Silly and stupid post-condition or not ?
Date: Thu, 02 Feb 2012 04:40:20 -0500
Message-ID: <82k445fu9n.fsf@stephe-leake.org>

Adam Beneschan writes:

> On Feb 1, 12:36 am, Stephen Leake wrote:
>> "Yannick Duchêne (Hibou57)" writes:
>>
>> > type Parsed_Type (Status : Parsed_Status_Type) is record
>> >    case Status is
>> >       when Parsed =>
>> >          Instance : Instance_Type;
>> >       when Format_Error =>
>> >          null;
>> >    end case;
>> > end record; -- Parsed_Type
>>
>> > function Parsed (S : String) return Parsed_Type
>> >    with Post =>
>> >       (if S'Length not in Image_Length_Type then
>> >          Parsed'Result.Status = Format_Error);
>> > -- There may be other failure conditions.
>>
>> > Is such a post-condition a good or bad practice in your humble or
>> > authoritative opinion ?
>>
>> > Keep in mind there may be many other cases where "Parsed'Result.Status
>> > = Format_Error" could be True; the one in the Post is not the only
>> > possible one.
>>
>> That means the post condition is misleading, and therefore bad.
>
> I don't see this. It would be misleading to someone who doesn't
> understand the fallacy of the converse, but I'd hope that computer
> science students would be taught not to make this mistake by the end
> of the first or second year.

It is true that this post condition leaves open the possibility of other
causes of failure. But they should be documented as well; why is only
this one singled out?

I agree with Dmitry; post conditions should be _complete_. If the Ada
post condition language is not strong enough to be complete, don't use
it; use natural language comments.

-- 
-- Stephe
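
A complete form of the quoted contract, as an added example that is not part of the original post or thread: the implication in the quoted Post becomes an equality of two Boolean expressions, so the contract states exactly when Format_Error is returned. The range of Image_Length_Type, the definition of Instance_Type, the digits-only rule and the predicate Is_Valid_Image are assumptions made for illustration.

```ada
--  Added example. Image_Length_Type's bounds, Instance_Type and
--  Is_Valid_Image are assumptions, not taken from the thread.
pragma Assertion_Policy (Check);   --  evaluate the Post at run time

with Ada.Text_IO; use Ada.Text_IO;

procedure Complete_Post_Demo is

   subtype Image_Length_Type is Positive range 1 .. 4;   --  assumed bounds
   type Instance_Type is range 0 .. 9_999;               --  assumed type
   type Parsed_Status_Type is (Parsed, Format_Error);

   type Parsed_Type (Status : Parsed_Status_Type) is record
      case Status is
         when Parsed       => Instance : Instance_Type;
         when Format_Error => null;
      end case;
   end record;

   --  Hypothetical predicate that names every failure condition in one
   --  place: wrong length, or any character that is not a decimal digit.
   function Is_Valid_Image (S : String) return Boolean is
     (S'Length in Image_Length_Type
      and then (for all C of S => C in '0' .. '9'));

   --  "=" on two Booleans reads "if and only if": Format_Error is returned
   --  for every invalid image and for nothing else.
   function Parsed (S : String) return Parsed_Type
     with Post =>
       (Parsed'Result.Status = Format_Error) = (not Is_Valid_Image (S));

   function Parsed (S : String) return Parsed_Type is
   begin
      if Is_Valid_Image (S) then
         return (Status => Parsed, Instance => Instance_Type'Value (S));
      else
         return (Status => Format_Error);
      end if;
   end Parsed;

begin
   --  Constructed inputs: valid image, bad character, bad length.
   Put_Line (Parsed_Status_Type'Image (Parsed ("42").Status));
   Put_Line (Parsed_Status_Type'Image (Parsed ("4x").Status));
   Put_Line (Parsed_Status_Type'Image (Parsed ("12345").Status));
end Complete_Post_Demo;
```

A body that returned Format_Error for a valid image, or Parsed for an invalid one, would raise Assertion_Error on return, which the one-way implication in the quoted Post cannot detect for the first case.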