From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00
	autolearn=unavailable autolearn_force=no version=3.4.4
Path: 
 border1.nntp.dca1.giganews.com!nntp.giganews.com!usenet.blueworldhosting.com!feeder01.blueworldhosting.com!feeder.erje.net!1.eu.feeder.erje.net!weretis.net!feeder4.news.weretis.net!gandalf.srv.welterde.de!news.jacob-sparre.dk!loke.jacob-sparre.dk!pnx.dk!.POSTED!not-for-mail
From: "Randy Brukardt" <randy@rrsoftware.com>
Newsgroups: comp.lang.ada
Subject: Re: {Pre,Post}conditions and side effects
Date: Tue, 12 May 2015 17:14:33 -0500
Organization: Jacob Sparre Andersen Research & Innovation
Message-ID: <mitu09$cn0$1@loke.gir.dk>
References: <2430252d-52a1-4609-acef-684864e6ca0c@googlegroups.com>
 <AnYlw.957256$Rp.242412@fx23.iad>
 <0a718b39-ebd3-4ab5-912e-f1229679dacc@googlegroups.com>
 <wccoaqucn51.fsf@shell01.TheWorld.com>
 <9ee5e186-5aaa-4d07-9490-0f9fdbb5ca18@googlegroups.com>
 <alpine.CYG.2.11.1412231747100.4196@WIL414CHAPIN.vtc.vsc.edu>
 <wccegrpq2om.fsf@shell01.TheWorld.com>
 <87tww5296f.fsf@adaheads.sparre-andersen.dk> <871tj9dp5b.fsf@theworld.com>
 <ce4af31e-d491-479f-a5b3-0b3eedea2a68@googlegroups.com>
 <midvq5$2u3$1@loke.gir.dk> <alpine.DEB.2.11.1505071103310.14859@debian>
 <migc9a$jp8$1@loke.gir.dk> <alpine.DEB.2.11.1505072052570.16448@debian>
 <mijen0$1hj$1@loke.gir.dk> <alpine.DEB.2.11.1505111113020.12062@debian>
 <mirjho$lqh$1@loke.gir.dk> <misc19$qbp$1@dont-email.me>
NNTP-Posting-Host: rrsoftware.com
X-Trace: loke.gir.dk 1431468873 13024 24.196.82.226 (12 May 2015 22:14:33 GMT)
X-Complaints-To: news@jacob-sparre.dk
NNTP-Posting-Date: Tue, 12 May 2015 22:14:33 +0000 (UTC)
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2900.5931
X-RFC2646: Format=Flowed; Response
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
Xref: number.nntp.giganews.com comp.lang.ada:193162
Date: 2015-05-12T17:14:33-05:00
List-Id: <comp.lang.ada>

"Georg Bauhaus" <bauhaus@futureapps.invalid> wrote in message 
news:misc19$qbp$1@dont-email.me...
> On 12.05.15 03:03, Randy Brukardt wrote:
>> No, I'd still argue your code is broken. If*you*  know that some object 
>> is
>> always sorted, then*you*  should tell the compiler that with an 
>> appropriate
>> predicate:
>>
>>      subtype Sorted_Array is Some_Array
>>          with Dynamic_Predicate => Is_Sorted (Sorted_Array);
>>
>>     My_Array : Sorted_Array := ...;
>
> There is no formal specification of what Is_Sorted should be.

Huh? Is_Sorted is presumably an expression function that someone provided. 
Something like:

   function Is_Sorted (A : Some_Array) return Boolean is
      (A'Length < 2 or else  (for all I in A'First .. T'Pred(A'Last) => A 
(I) <= A (T'Succ (I)));

(where T is the index subtype of Some_Array; I borrowed this from the RM 
example 4.5.8(11/3)).

> But there should be one, somewhere (other than a comment), even
> when the formal specification involves quite a bit.

What's wrong with the above? You could have used the expression instead, but 
the name helps clarify it for the human reader.

It's not like Is_Sorted is going to be some undefined thing; it has to be a 
function declared in Ada; preferably it is an expression function so 
everyone knows how its defined (that's one reason those were added).

                                         Randy.