From: "Randy Brukardt"
Newsgroups: comp.lang.ada
Subject: Re: about the new Ada 2012 pre/post conditions
Date: Thu, 21 Jun 2012 15:37:44 -0500
References: <4f0d55a9-83e1-44fe-8943-0c73a34a594d@googlegroups.com>

"Jeffrey R. Carter" wrote in message
news:4f0d55a9-83e1-44fe-8943-0c73a34a594d@googlegroups.com...
...
> Any checks worth having during testing are worth having after testing.
> This is why you want a way to ensure they're always done.

Right on.

> For your own use, the answer is to keep the checks on. The real problem is
> for reusable code.
> The caller may not be you, and so may have turned off the checks, so such
> code should not
> have the precondition, but should have the hard-coded checks.

"Hard-coded checks" prevent the compiler from doing call-site optimizations
and tools from doing much of anything. They should be avoided. The solution
is the pragma I showed earlier:

    pragma Assertion_Policy (Pre => Check, Pre'Class => Check,
                             Static_Predicate => Check,
                             Dynamic_Predicate => Check);

put in *every* reusable package spec. They still can suppress the checks by
manually deleting the pragma, but it will render command line switches and
IDE checkboxes ineffective. And if they do delete the pragma, they've
intentionally shot themselves in the foot, and it is no longer your (the
package maintainers) problem. (Unless of course they want to spend extra
$$$.)

                                 Randy.