From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,7a7040918881fd02
X-Google-Attributes: gid103376,public
X-Google-ArrivalTime: 2002-01-14 09:21:28 PST
Newsgroups: comp.lang.ada
Path: 
 archiver1.google.com!news1.google.com!sn-xit-02!supernews.com!isdnet!freenix!fr.clara.net!heighliner.fr.clara.net!newsgate.cistron.nl!news2.euro.net!uunet!ash.uu.net!world!news
From: Robert A Duff <bobduff@shell01.TheWorld.com>
Subject: Re: Assertions in the Next Ada Standard
Sender: news@world.std.com (Mr Usenet Himself)
Message-ID: <wccadvgq27z.fsf@shell01.TheWorld.com>
Date: Mon, 14 Jan 2002 17:20:00 GMT
References: <3C3E8438.E780D942@adaworks.com> <3C3F45EE.7030808@look.ca>
 <3C3FE630.BDB27416@adaworks.com> <3C40BC71.F3009405@san.rr.com>
NNTP-Posting-Host: shell01.theworld.com
Organization: The World Public Access UNIX, Brookline, MA
X-Newsreader: Gnus v5.7/Emacs 20.7
Xref: archiver1.google.com comp.lang.ada:18916
Date: 2002-01-14T17:20:00+00:00
List-Id: <comp.lang.ada>

Darren New <dnew@san.rr.com> writes:

> >    Second,  in an inheritance
> > scheme, what do we do about either inheriting or overriding a assertion.
> > This problem is non-trivial.   I am not sure I have the answer,  and that
> > is why there is a need for more people thinking about this than we have
> > so far.
> 
> This is pretty well considered in Eiffel, actually. Indeed, the strength
> of Eiffel's "DbC" assertions over those of just inlining boolean checks
> is that they *do* get inherited in the "right way".

The right way for Eiffel, perhaps.  But Ada makes has a distinction
between class-wide and specific types, which is not present in Eiffel,
so the Eiffel rules don't quite translate over to Ada.  I think you
really want *two* preconditions on a dispatching procedure: one that
applies to non-dispatching calls, and one that applies to dispatching
calls.  This is so the specific type can provide a stronger contract
than is provided by the whole class.  Same for post-cond.

The Eiffel rules are certainly a good starting point.  But it would
require some thought to translate them into the Ada world.

- Bob