From: Bob Duff
Newsgroups: comp.lang.ada
Subject: Re: Instantiating package problems
Date: Wed, 06 Jan 2016 09:25:44 -0500

Anh Vo writes:

> On Tuesday, January 5, 2016 at 7:31:00 PM UTC-8, Andrew Shvets wrote:
>> On Monday, January 4, 2016 at 3:49:32 PM UTC-5, Anh Vo wrote:
>> > On Sunday, January 3, 2016 at 4:07:30 PM UTC-8, Andrew Shvets wrote:
>> > > Hi Bob,
>> > >
>> > > Thanks for writing back. This is the entire example:
>> > > http://pastebin.com/GEJT3WzL
>> >
>> > I'd just recommend adding a precondition to function Division as shown below. By the way, this feature is part of the latest Ada (Ada 2012). In addition, you should think about adding preconditions to other operations such as Addition, where Input1 + Input2 <= Integer'Last and Input1 + Input2 >= Integer'Last.
>> >
>> >    function Division(
>> >       Input1 : in Integer;
>> >       Input2 : in Integer)
>> >    return Integer
>> >    with pre => Input2 /= 0;

I prefer predicates in a case like that:

   subtype Nonzero is Integer with Predicate => Nonzero /= 0;

And then Input2 can be of subtype Nonzero. (Predicate is specific to GNAT; use Static_Predicate if you want to conform to the Ada standard.)

>> I'm not sure that that worked. I added it to my ads file and after
>> compilation and then re-running the application, this is what I got:
>>
>> ....
>>
>> Division: 4
>>
>>
>> raised CONSTRAINT_ERROR : calculator.adb:33 divide by zero
>>
>> Shouldn't the division function have been prevented from running the actual division operation beforehand?
>
> The preconditions and postconditions are controlled by pragma
> Assertion_Policy. Thus, pragma Assertion_Policy(Check) must be added at the top
> of the package specification. Absence of this pragma is equivalent to pragma
> Assertion_Policy (Ignore). That means these conditions are ignored. By the way,
> the ASSERTION_ERROR exception would be raised instead of CONSTRAINT_ERROR.

I wouldn't bother fooling about with Assertion_Policy. Just use the -gnata switch.

If you do use Assertion_Policy, you probably want it in a global configuration file, so it applies to all of your code.

- Bob
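The two approaches from the thread side by side, as an added example that is not code from the thread or from the linked pastebin: a hypothetical Contract_Demo program that turns checks on with Assertion_Policy (Check) (the same effect as building with -gnata), a Division with a Pre aspect, and a hypothetical Safe_Division whose Input2 is the predicated Nonzero subtype. With checks enabled, both rejected calls raise Ada.Assertions.Assertion_Error before any divide happens, which is what replaces the divide-by-zero CONSTRAINT_ERROR seen above.

```ada
pragma Assertion_Policy (Check);  -- enable Pre/Post and predicate checks;
-- equivalent to building with -gnata. Put it in gnat.adc to apply globally.

with Ada.Text_IO;    use Ada.Text_IO;
with Ada.Exceptions; use Ada.Exceptions;
with Ada.Assertions; use Ada.Assertions;  -- declares Assertion_Error

procedure Contract_Demo is  -- hypothetical demo program

   -- Static_Predicate is standard Ada 2012; GNAT also accepts plain Predicate.
   subtype Nonzero is Integer
     with Static_Predicate => Nonzero /= 0;

   -- Contract on the operation itself (the precondition approach).
   function Division (Input1 : Integer; Input2 : Integer) return Integer
     with Pre => Input2 /= 0
   is
   begin
      return Input1 / Input2;
   end Division;

   -- Contract in the parameter subtype: the check runs on every call
   -- and cannot be forgotten at the use site.
   function Safe_Division (Input1 : Integer; Input2 : Nonzero) return Integer is
   begin
      return Input1 / Input2;
   end Safe_Division;

   Zero : Integer := 0;  -- runtime value, so the calls below are not rejected statically
begin
   Put_Line ("Division (8, 2) =" & Integer'Image (Division (8, 2)));

   begin
      Put_Line (Integer'Image (Division (8, Zero)));
   exception
      when E : Assertion_Error =>   -- precondition fails before the divide
         Put_Line ("Pre rejected the call: " & Exception_Message (E));
   end;

   begin
      Put_Line (Integer'Image (Safe_Division (8, Zero)));
   exception
      when E : Assertion_Error =>   -- a failed predicate check also raises Assertion_Error
         Put_Line ("Nonzero predicate rejected the call: " & Exception_Message (E));
   end;
end Contract_Demo;
```

Build with gnatmake contract_demo.adb; if you delete the pragma on the first line, the same program must be built with -gnata, otherwise both checks are ignored and the second and third calls fall through to the raw divide.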