From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00,
	REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4
X-Google-Thread: 103376,e7ceb00d83425e3a
X-Google-Attributes: gid103376,domainid0,public,usenet
X-Google-Language: ENGLISH,ASCII-7-bit
Path: 
 g2news1.google.com!news4.google.com!feeder.news-service.com!newsfeeder.dynfx.net!weretis.net!newsfeed01.sul.t-online.de!t-online.de!newsfeed01.chello.at!newsfeed.arcor.de!newsspool3.arcor-online.net!news.arcor.de.POSTED!not-for-mail
From: "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de>
Subject: Re: rant (Re: Ada featured in Doctor Dobb's Journal )
Newsgroups: comp.lang.ada
User-Agent: 40tude_Dialog/2.0.15.1
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Reply-To: mailbox@dmitry-kazakov.de
Organization: cbb software GmbH
References: 
 <31a97103-1cbb-47b5-a93c-2a29c206556f@e39g2000hsf.googlegroups.com>
 <0d254195-50cb-4bad-b776-8d5c2ab09b6c@m45g2000hsb.googlegroups.com>
 <ba91fec6-cfc1-4b48-ad96-fa2a233e66f4@u36g2000prf.googlegroups.com>
 <878wy9uyg9.fsf@ludovic-brenta.org>
 <qp0bh8mnjm6g$.16j51cr730963$.dlg@40tude.net>
 <482eabd1$0$6513$9b4e6d93@newsspool4.arcor-online.net>
Date: Sat, 17 May 2008 14:05:55 +0200
Message-ID: <bmqnefc8hadp$.37u47te6a63w.dlg@40tude.net>
NNTP-Posting-Date: 17 May 2008 14:05:54 CEST
NNTP-Posting-Host: b27922bd.newsspool2.arcor-online.net
X-Trace: 
 DXC=b4X:?4:o^hTcHPTNZh_e7QA9EHlD;3YcR4Fo<]lROoRQ8kF<OcfhCO[RZK]>1;=NBZ[6LHn;2LCV^[<mhadbfdU[XlX5WMC;fnS6;<E`kX:3>^
X-Complaints-To: usenet-abuse@arcor.de
Xref: g2news1.google.com comp.lang.ada:155
Date: 2008-05-17T14:05:54+02:00
List-Id: <comp.lang.ada>

On Sat, 17 May 2008 11:56:33 +0200, Georg Bauhaus wrote:

> Dmitry A. Kazakov wrote:
>> On Sat, 17 May 2008 10:28:06 +0200, Ludovic Brenta wrote:
>> 
>>> I strongly prefer compile-time checks over run-time checks,
>> 
>> Yes, actually contract checks have to be strictly static.
> 
> I think there is a HALTing problem here.

You mean that checking is undecidable? Yes, this is BTW independent on when
you check. But self-correctness checks are worse that undecidable, they are
inconsistent. Consider

require True;
function X return Boolean is
begin
   if Correct (X) then
      return False;
   else
      return True;
   end if;
end X;
ensure
   (return = False and Correct (X))
or
   (return = True and not Correct (X));

So

   Correct (X) =
= (require => ensure)
= ensure

But these are not equal, let result = True

   Correct (X) = not Correct (X)

So it is better to check what is possible either at compile time, or maybe
by another program at run-time. In either case, there is no way to continue
if a check fails. You continue either the source editor, or the supervising
program.

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de