enforce()?

[Norbert Nemec]

On 28/06/10 19:30, Andrei Alexandrescu wrote:
> bearophile wrote:
>> Andrei Alexandrescu:
>>> C APIs also check their arguments.
>>
>> Try again, C doesn't have DbC :-)
>
> What I meant to say was that even the standard library of a language
> famous for its to-the-metal performance still checks parameters
> compulsively whenever it can. [...]

Indeed, checking input arguments is essential. DbC simply means 
formalizing what has been done in any good libary for ages.

My only intention was to make clear that checking input arguments is 
exactly what contracts are designed for. If the Phobos designers are 
worried that their input checks might be deactivated prematurely, we 
should fix the policy for (de/)activating the input contract checks 
rather than avoiding the use of input contracts they way they are 
intended to be used.

"enforce" simply is not the right tool for this purpose: When a contract 
or and assertion violation is found, it is clear that there is a bug in 
the code. Furthermore, it is even clear which portion of the code is 
responsible for the bug. An assertion violation inside a library is a 
bug in this library. This bug may simply be a missing input contract, 
but this still is a bug in the library.

An "enforce" violation in the library may be anything. The user has to 
dig into the library code to find out whether it is a library bug or a 
piece of incorrect input.

Raising a well-defined exception gives enough information about the 
problem. An anonymous "enforce" on the other hand is a quick-and-dirty 
solution that does not help the developer very much to identify the real 
problem.


>> Norbert Nemec says some good things.
>
> I think it's an area where reasonable people may disagree.

Thanks bearophile, thanks Andrei as well -- I really appreciate this 
open exchange of ideas. Feel free to shoot back as directly as I 
attacked... :-)