From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00,
	REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4
Path: 
 eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!news.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: "G.B." <bauhaus@notmyhomepage.invalid>
Newsgroups: comp.lang.ada
Subject: Re: Ada 2012 Constraints (WRT an Ada IR)
Date: Sun, 11 Dec 2016 14:31:52 +0100
Organization: A noiseless patient Spider
Message-ID: <o2jkdm$bt$1@dont-email.me>
References: <c06ee4e6-d616-4e01-ba2e-cb111a81f6f6@googlegroups.com>
 <o1m2oi$g8l$1@gioia.aioe.org>
 <03847fd7-5699-48de-bb3c-ef5512398f26@googlegroups.com>
 <o1ndod$14ke$1@gioia.aioe.org>
 <3ef819e8-55f7-4ef7-9f37-77e6abc33f98@googlegroups.com>
 <o1oohd$13nu$1@gioia.aioe.org> <o1q81b$9kc$1@franka.jacob-sparre.dk>
 <o1s71b$oi7$1@gioia.aioe.org> <o1sj6s$9vp$1@dont-email.me>
 <o1u6en$1igc$2@gioia.aioe.org> <o1uj70$qe2$1@dont-email.me>
 <o1uroj$jsj$1@gioia.aioe.org>
 <47366b42-c0a3-41bf-a44a-5241c109d60f@googlegroups.com>
 <alpine.DEB.2.20.1612050922450.22845@debian> <o23a8a$11e9$1@gioia.aioe.org>
 <o24om5$vfr$1@franka.jacob-sparre.dk> <o24phv$1ou6$1@gioia.aioe.org>
 <o27gpr$o8k$1@franka.jacob-sparre.dk> <o28non$1fn8$1@gioia.aioe.org>
 <o2a2ad$vnp$1@franka.jacob-sparre.dk> <o2b79r$1dit$1@gioia.aioe.org>
 <o2b9rg$ejl$1@dont-email.me> <o2bb4o$1jpb$1@gioia.aioe.org>
 <o2c93i$rpp$2@dont-email.me> <o2du2t$1ghu$1@gioia.aioe.org>
 <o2jcpd$75p$1@dont-email.me> <o2jgom$18jg$1@gioia.aioe.org>
Reply-To: nonlegitur@notmyhomepage.de
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Sun, 11 Dec 2016 13:30:30 -0000 (UTC)
Injection-Info: mx02.eternal-september.org;
 posting-host="985f538a19ae66c848ab6227f8a3b828";
	logging-data="381"; mail-complaints-to="abuse@eternal-september.org";
	posting-account="U2FsdGVkX18p4xDKzrns5ZyfM5dQx+SLcaWlOfH+mjI="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0)
 Gecko/20100101 Thunderbird/45.5.1
In-Reply-To: <o2jgom$18jg$1@gioia.aioe.org>
Cancel-Lock: sha1:t5cL5Bipfkk7z2WmKwv5uPP3qKM=
Xref: news.eternal-september.org comp.lang.ada:32718
Date: 2016-12-11T14:31:52+01:00
List-Id: <comp.lang.ada>

On 11/12/2016 13:28, Dmitry A. Kazakov wrote:
>> so that the caller
>> knows what to do about a and b and the implementation of `remainder`
>> can assume it's been done?
>
> That does not translate to me into anything.

Seeing

     function X (A, B: T) return T;

I can write

      Y (X (A => any of T, B => any of T));

Seeing

     function X (A, B: T) return T
       with Pre => A > B;

I must first establish A > B before calling X,
because "Pre" tells me so.

Me.

Me, the programmer who plans a call of X.

Me, who is meant to respect the law, i.e., the contract.

CLU uses "requires", Eiffel uses "require" for Pre,
perhaps preventing a misunderstanding:
Pre only happens to be descriptive in proven programs.
Pre is really meant for programmers unconditionally.
Pre produces a maximally informed start for programming.


How much should a function declaration tell a programmer about
the relation between parameters A and B in the following? Just:
True (nothing), but be prepared for Constraint_Error to be
raised for reasons that we don't tell you?

function Plus_Too (A, B: Standard.Integer)
                   return Standard.Integer is
begin
    return A + B;
end Plus_Too;