comp.lang.ada
From: gmckee@cloudnine.com (Gary McKee)
Subject: Re: Assertions (a different intent?)
Date: 1996/06/24
Message-ID: <ADF43817966867238@p1.denver2.dialup.csn.net>
In-Reply-To: DtI7n4.Brz@world.std.com


In article <DtI7n4.Brz@world.std.com>,
bobduff@world.std.com (Robert A Duff) wrote:

 > for these two cases.  Note that in *both* of these cases, the compiler
 > can optimize the following code based on the asserted "fact".  These
 > pragmas are really no different from constraint checks, which may or may
 > not be suppressed, and which can, of course, affect the behavior of the
 > program.
 > 
 > The third case that Robert mentioned -- an assertion that cannot affect
 > the behavior of the program in any way -- is quite impossible to define
 > in language terms.  It very well might be a useful thing, though.
---------------------------------------------------------------
Robert has explained how "Pragma Assert" actually works in GNAT and, no
doubt, it is useful as such. My own preference would be for something with
diametrically opposite semantics. 

In particular, I see "assertions", whatever the syntax, as being a tool for
specifying a program/subprogram in more detail and with more restrictions
than the language semantics permit. Such an interpretation would REQUIRE
that the compiler process them and raise exceptions when appropriate. The
design constraint is that such assertions "must always be true IF the
system is correctly implemented".

I achieve this effect with a simple package of Assertion procedures,
exceptions, etc. Some examples of usage:

1) Verify a boolean relation between two incoming parameters to a reusable
component:
   Assert (Param_A > Param_B);

2) Verify that a parameter to a reusable component is within a legal (but
non-contiguous) range (obviously, with syntactic changes):
   Assert (Param_A in 23 .. 143 or Param_A in 312 .. 445);

Other possibilities certainly exist. Such assertion semantics allow a
competent designer to embed design criteria, assumptions, and expectations
in the executable code.
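As an added illustration (not code from the original post or from the
poster's own package), here is one way such an "always enforced" assertion
package can be written in Ada 95, together with a reusable component that
states the two design restrictions given above at its entry point. The
package and unit names (Checked_Assertions, Assertion_Violation, Scale,
Demo) are assumptions made for the example. The point of contrast with a
compiler pragma is that nothing in the build (no -gnata, no pragma
Suppress) can switch these checks off: a false assertion always raises.

```ada
--  Added example (not from the original post): a minimal "always on"
--  assertion package in the spirit described above.  All names here
--  (Checked_Assertions, Assertion_Violation, Scale, Demo) are assumptions.
package Checked_Assertions is

   --  Raised whenever an asserted design condition is false.  Because the
   --  check is ordinary code, no compiler switch or pragma can suppress it.
   Assertion_Violation : exception;

   procedure Assert (Condition : Boolean; Message : String := "");

end Checked_Assertions;

with Ada.Exceptions;
package body Checked_Assertions is

   procedure Assert (Condition : Boolean; Message : String := "") is
   begin
      if not Condition then
         --  Ada 95 form; Ada 2005 and later may write
         --  "raise Assertion_Violation with Message;" instead.
         Ada.Exceptions.Raise_Exception
           (Assertion_Violation'Identity, Message);
      end if;
   end Assert;

end Checked_Assertions;

--  A reusable component that embeds its design restrictions as checks.
with Checked_Assertions;
procedure Scale (Lower, Upper : in  Integer;
                 Channel      : in  Integer;
                 Result       : out Integer) is
   use Checked_Assertions;
begin
   --  1) a Boolean relation between two incoming parameters
   Assert (Upper > Lower, "Scale: Upper must exceed Lower");

   --  2) a legal but non-contiguous range for Channel
   Assert (Channel in 23 .. 143 or Channel in 312 .. 445,
           "Scale: Channel outside the two legal bands");

   Result := (Upper - Lower) * Channel;
end Scale;

--  Driver: the first call satisfies both assertions; the second violates
--  (1), so Assertion_Violation propagates and the handler reports it.
with Ada.Text_IO, Ada.Exceptions, Checked_Assertions, Scale;
procedure Demo is
   R : Integer;
begin
   Scale (Lower => 1, Upper => 10, Channel => 100, Result => R);
   Ada.Text_IO.Put_Line ("ok, result =" & Integer'Image (R));

   Scale (Lower => 10, Upper => 1, Channel => 100, Result => R);
   Ada.Text_IO.Put_Line ("not reached");
exception
   when E : Checked_Assertions.Assertion_Violation =>
      Ada.Text_IO.Put_Line
        ("design assumption violated: "
         & Ada.Exceptions.Exception_Message (E));
end Demo;
```

The three units above can be split into separate files with gnatchop and
built with gnatmake demo. Note that because Assert is a plain procedure
call, the compiler cannot treat the condition as a known fact for
optimisation the way it may with a pragma; that is the price of the
"diametrically opposite" semantics the post asks for, and exactly what
makes the check trustworthy as a runtime guard on a reusable component's
inputs.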
