Date: 03 Mar 1998 20:13:39 +0100 From: dag-erli@ifi.uio.no (Dag-Erling Coidan Smørgrav) To: Michael Hancock <michaelh@cet.co.jp> Cc: Niall Smart <njs3@doc.ic.ac.uk>, FreeBSD Hackers <Hackers@FreeBSD.ORG> Subject: Re: cshort - speaking of new utilities Message-ID: <xzp90qregf0.fsf@gjallarbru.ifi.uio.no> In-Reply-To: Michael Hancock's message of "Fri, 27 Feb 1998 10:40:18 %2B0900 (JST)" References: <Pine.SV4.3.95.980227102241.1028D-100000@parkplace.cet.co.jp>
next in thread | previous in thread | raw e-mail | index | archive | help
Michael Hancock <michaelh@cet.co.jp> writes: > On Thu, 26 Feb 1998, Niall Smart wrote: > > > int > > > foobar(a) > > > int a; > > > REQUIRE(a > 0); > > > ENSURE(retval < 100); > > > > Ugh, do you really use this precondition stuff? > > Sure. It beats writing specs and they're kept up to date. If you were > really pedantic about it every time you looked at a piece of code without > preconditions you would say, "Anything goes". This code is telling me > that I can give it whatever I want as arguments. AOL. Plus - can you *prove* that your code is correct? No you can't, not without a suitable specification. And sometimes it is extremely useful to be able to prove your code is correct, especially stuff lik complex ADTs, or protocols. I ought to know - I teach this stuff at the Univeristy of Oslo... -- "I have a closed mind. It helps keeping the rain out." (Michael Press on a.s.r) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzp90qregf0.fsf>