From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.4 Path: eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!news.eternal-september.org!news.eternal-september.org!feeder.eternal-september.org!aioe.org!.POSTED!not-for-mail From: "Dmitry A. Kazakov" Newsgroups: comp.lang.ada Subject: Re: Ada 2012 Constraints (WRT an Ada IR) Date: Sat, 3 Dec 2016 11:21:25 +0100 Organization: Aioe.org NNTP Server Message-ID: References: <92ed75e9-baae-455c-9e34-53348dc6eaef@googlegroups.com> <03847fd7-5699-48de-bb3c-ef5512398f26@googlegroups.com> <3ef819e8-55f7-4ef7-9f37-77e6abc33f98@googlegroups.com> NNTP-Posting-Host: s3c6wwRqkurrfTZpuYYZ+w.user.gioia.aioe.org Mime-Version: 1.0 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Complaints-To: abuse@aioe.org User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 X-Mozilla-News-Host: news://news.aioe.org X-Notice: Filtered by postfilter v. 0.8.2 Xref: news.eternal-september.org comp.lang.ada:32583 Date: 2016-12-03T11:21:25+01:00 List-Id: On 2016-12-02 20:15, Randy Brukardt wrote: > Some of us (including me) wanted to have Ada require no side-effects in > contracts, but we got bogged down in deciding precisely what is a > side-effect and it ended up as an unimplementable implementation permission. > Hopefully, Ada 202x will handle this better. Well, but a contract that does not describe behavior is useless. The problem is not if contracts define but how they do. Raising Constraint_Error is too low-level to be useful. >> If under "inheritance" you mean conjunction with the parent's predicate it >> is strengthening. > > Constraints work the same way. So why the difference?? Constraints on discriminants work because there are few operations involved, especially because discriminants cannot be changed. Constraints on numeric types do different things to different operations they know about, that is why they work better. IMO, predicates could work, but only as an implementation method (moved to private) in combination with exception contracts. I.e. instead of considering them contract, I would make them a tool to compose operation: take old body add [virtually] a prologue and epilogue raising exceptions. The contract stays. If it gets broken due to exception [statically checked] you must replace the body. -- Regards, Dmitry A. Kazakov http://www.dmitry-kazakov.de