08-Feb-2013 15:25, monarch_dodra пишет:
On Thursday, 7 February 2013 at 22:36:53 UTC, Andrei Alexandrescu wrote:
On 2/7/13 5:27 PM, Vladimir Panteleev wrote:
On Thursday, 7 February 2013 at 22:22:09 UTC, Stewart Gordon wrote:
This is what I've found: Validity checking is done in an in contract!
I've ran into the same problem with std.base64. DbC doesn't seem to be a
generally well-understood concept.
That's why TDPL dedicates a whole chapter to it (separate from error
handling!). Apparently that didn't make a dent in the Universe :o).
Andrei
"in" and "out" contracts themselves are flawed in D in any case, given
they are part of the "called" code, as opposed to "caller" code.
+111
This makes them absolutely no different than an assert.
The problem is that an assert is "internal" validation, whereas an
"in"/"out" is supposed to be a handshake between the caller/callee.
If I write an "sqrt" function, and document it as "Please, only give me
positive numbers", and then write a contract for it, and then compile my
lib in release, the caller will have no way of "signing" my contract.
He'll call my sqrt with negative numbers, and the in will never get
called, and sqrt will crash horribly.
--
Dmitry Olshansky
