comp.lang.ada
From: ag129@ucs.cam.ac.uk (A. Grant)
Subject: Re: next "big" language?? (disagree)
Date: 1996/06/26
Message-ID: <ag129.561.000C8E7B@ucs.cam.ac.uk>
In-Reply-To: qqn31rr53g.fsf@tartarus.ucsd.edu


In article <qqn31rr53g.fsf@tartarus.ucsd.edu> djohnson@tartarus.ucsd.edu (Darin Johnson) writes:
>How about "Assert"!!!  That's exactly what this means in English,
>despite the fact that Ada changed its meaning.  "Assert" and
>"assertion" in English in no way mean "check that this is true".

If someone says something is true, don't you check it?  

There are all sorts of implicit assertions made by programmers
which the compiler doesn't have to believe.

  F(A,B(5),C/D)

implicitly asserts that F takes three parameters, that 5 is not out
of bounds for B, and that D is non-zero.  It is necessary for 
correct execution of the program (assuming we aren't relying on
trapping exceptions for the moment) that these be correct, so if
they can't be checked statically they should be checked dynamically.

Explicit assertions are just a way of doing the same for more
complicated algorithms where the compiler is unable to determine
for itself that some condition must be met for an algorithm to 
function correctly, or is unable to propagate implicit assertions 
backwards far enough to make the test as efficient as it could be.

The only situation where an assertion test is unnecessary is when
an assertion is guaranteed to be true by a proof that is too complex
for the program.  For example

  FUNCTION EXP(X)
  ... some polynomial ...
  EXP = ...
  RETURN

where you may want to assert in the published interface to EXP that
its result is positive.  I would suggest that any language environment
which supports this kind of unproved assertion must have linguistic
support (i.e. not just a comment) for reference to an external proof, 
e.g. a full record of the developer who made the assertion and any 
references they supply.

Again this is just like real life - if you can't see the truth of
someone's assertion, you have to see their evidence, and if you don't
understand it, but it is from a reputable source, you remember what 
it is in case you act on the assertion and get challenged.  Or you
at least get enough paperwork so that if the assertion turns out to
be wrong and your rocket explodes, they get sued, not you.
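
Added example, not part of the original post: the implicit assertions of the F(A,B(5),C/D) call in the message above, written as explicit run-time checks in C, a language that inserts none of them itself. The names `checked_call`, `f` and the status codes are hypothetical, the index is 0-based as in C, and the INT_MIN / -1 case is a further implicit assertion of integer division that the post does not mention.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical status codes, one per implicit assertion that can fail. */
enum check_status {
    CHECK_OK = 0,
    CHECK_INDEX_OUT_OF_BOUNDS,  /* "5 is not out of bounds for B" */
    CHECK_DIVIDE_BY_ZERO,       /* "D is non-zero" */
    CHECK_DIVIDE_OVERFLOW       /* INT_MIN / -1 is not representable */
};

/* Stand-in for F. Its three-parameter prototype lets the compiler check
 * the "F takes three parameters" assertion statically. */
static int f(int a, int b_elem, int quotient)
{
    return a + b_elem + quotient;
}

/* Evaluates f(a, b[index], c / d) only after every implicit assertion of
 * that expression has been checked dynamically. *result is written only
 * when CHECK_OK is returned. */
enum check_status checked_call(int a, const int *b, size_t b_len,
                               size_t index, int c, int d, int *result)
{
    if (b == NULL || index >= b_len)
        return CHECK_INDEX_OUT_OF_BOUNDS;
    if (d == 0)
        return CHECK_DIVIDE_BY_ZERO;
    if (c == INT_MIN && d == -1)
        return CHECK_DIVIDE_OVERFLOW;

    *result = f(a, b[index], c / d);
    return CHECK_OK;
}

int main(void)
{
    int b[6] = {10, 20, 30, 40, 50, 60};  /* constructed sample data */
    int r = 0;

    printf("in bounds:   status %d\n", checked_call(1, b, 6, 5, 8, 2, &r));
    printf("result:      %d\n", r);
    printf("short array: status %d\n", checked_call(1, b, 5, 5, 8, 2, &r));
    printf("zero D:      status %d\n", checked_call(1, b, 6, 5, 8, 0, &r));
    return 0;
}
```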



