[Issue 9454] New: Struct invariant call on whole-struct assignements?

d-bugmail at puremagic.com d-bugmail at puremagic.com
Tue Feb 5 16:55:29 PST 2013 

http://d.puremagic.com/issues/show_bug.cgi?id=9454

           Summary: Struct invariant call on whole-struct assignements?
           Product: D
           Version: D2
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: DMD
        AssignedTo: nobody at puremagic.com
        ReportedBy: bearophile_hugs at eml.cc


--- Comment #0 from bearophile_hugs at eml.cc 2013-02-05 16:55:27 PST ---
See the thread:

http://forum.dlang.org/thread/vqoyehpcepobnzyolzfc@forum.dlang.org

That is about the article:

http://electronicdesign.com/contributing-technical-experts/contract-driven-programming-takes-specification-beyond-stone-age


It contains:

<<
In Ada 2012, predicates on a type (one particular type of invariant) are
checked on parameter passing and assignment. So if we have Code 4, there will
be a check failure on the assignment, since the predicate is not true. No check
is generated on individual field modifications, though, so Code 5 does not
raise an exception.
>>

http://electronicdesign.com/site-files/electronicdesign.com/files/uploads/2013/02/0307RequiemCode4.gif

http://electronicdesign.com/site-files/electronicdesign.com/files/uploads/2013/02/0307RequiemCode5.gif


This D code doesn't asserts (unlike equivalent in Ada2011):


struct Foo {
    int x = 200;
    invariant() { assert(x > 100); }
}
void main() {
    auto f = Foo(10);
}


So maybe it's a good to introduce in D as in Ada a call to the invariant when
the whole struct is assigned.


Another case:

<<
Although the assignment to the V fields breaks the invariant [figure 5], no
exception is raised on these two statements. Thankfully, as soon as a call
using V as a parameter is done, a subtype check will occur and the
inconsistency will be pointed out. Hopefully, this will not be too far from the
introduction of the problem.
>>


Currently D doesn't call the invariant even in that second case too:


struct Foo {
    int x = 200;
    invariant() { assert(x > 100); }
}
void bar(Foo f) {}
void main() {
    auto f = Foo(10);
    bar(f);
}

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
------- You are receiving this mail because: -------

More information about the Digitalmars-d-bugs mailing list