From: "Dmitry A. Kazakov"
Newsgroups: comp.lang.ada
Subject: Re: Seeking for papers about tagged types vs access to subprograms
Date: Sun, 12 May 2013 09:14:41 +0200
Organization: cbb software GmbH

On Sun, 12 May 2013 08:25:33 +0200, Yannick Duchêne (Hibou57) wrote:

> On Sun, 12 May 2013 08:02:16 +0200, Dmitry A. Kazakov wrote:
>>>> The condition is moved to the post-condition. E.g.
>>>>
>>>>    # require X >= 0.0
>>>>    function sqrt (X : Float) return Float;
>>>>    # ensure sqrt (X)**2 = X
>>>>
>>>> is replaced with
>>>>
>>>>    # require true
>>>>    function sqrt (X : Float) return Float;
>>>>    # ensure sqrt (X)**2 = X or else Constraint_Error raised
>>>
>>> It seems to me that this replacement loses information (the info that
>>> X is "supposed to be nonnegative").
>>
>>    # ensure
>>       (X >= 0.0 and then sqrt (X)**2 = X)
>>          or else
>>       (X < 0.0 and then Constraint_Error raised)
>
> But what's the benefit of moving the precondition to the postcondition? Or
> more simply, why dropping the idea of precondition for sub‑program
> declarations?

In short, because it is inconsistent with the notion of type. Other issues
are merely consequences.

> Do you have to re‑invent or re‑derive the precondition at each call place,
> from the postcondition?

Conditions at call place are of second kind. They could be any or none.

> It makes me feel more like losing something than the opposite. And how do
> you clearly connect valid invocations into sequence?

See above, it is 1st and 2nd kind conditions. You are conflating the
semantics of a type with the semantics of *a* program that uses this type
somewhere, somehow.

To put it simply: if a type is designed in a way that limits its use, it is
a poor design.

--
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de
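
An added illustration in Ada 2012, not part of the original post: the two `sqrt` contracts quoted above written as aspects, so the difference between a caller-side contract violation and a defined exceptional outcome can be observed. The names `Sqrt_Pre`, `Sqrt_Total` and `Close`, and the tolerance used in place of exact equality, are assumptions made for the example.

```ada
pragma Assertion_Policy (Check);  --  run Pre/Post checks at execution time
with Ada.Assertions;
with Ada.Text_IO; use Ada.Text_IO;
with Ada.Numerics.Elementary_Functions;

procedure Contract_Demo is
   package EF renames Ada.Numerics.Elementary_Functions;

   --  Constructed tolerance: Float cannot satisfy sqrt (X)**2 = X exactly.
   function Close (R, X : Float) return Boolean is
     (abs (R * R - X) <= 1.0E-4 * Float'Max (1.0, X));

   --  First form: partial function, the caller must establish X >= 0.0.
   function Sqrt_Pre (X : Float) return Float
     with Pre => X >= 0.0, Post => Close (Sqrt_Pre'Result, X);

   --  Second form: "require true". Post covers normal return only; the
   --  Constraint_Error branch is stated in this comment because an
   --  Ada 2012 Post aspect cannot say "Constraint_Error raised".
   function Sqrt_Total (X : Float) return Float
     with Post => X >= 0.0 and then Close (Sqrt_Total'Result, X);

   function Sqrt_Pre (X : Float) return Float is (EF.Sqrt (X));

   function Sqrt_Total (X : Float) return Float is
   begin
      if X < 0.0 then
         raise Constraint_Error with "negative argument";
      end if;
      return EF.Sqrt (X);
   end Sqrt_Total;

   R : Float;
begin
   begin
      R := Sqrt_Pre (-1.0);   --  violates Pre: a defect in the caller
      Put_Line ("unexpected result" & Float'Image (R));
   exception
      when Ada.Assertions.Assertion_Error =>
         Put_Line ("Sqrt_Pre: contract violated by the caller");
   end;
   begin
      R := Sqrt_Total (-1.0); --  defined behaviour of the operation
      Put_Line ("unexpected result" & Float'Image (R));
   exception
      when Constraint_Error =>
         Put_Line ("Sqrt_Total: Constraint_Error is part of the contract");
   end;
end Contract_Demo;
```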