Good Contract programming idiom?

Michiel Helvensteijn m.helvensteijn.remove at gmail.com
Tue Mar 2 09:41:49 PST 2010


bearophile wrote:

> What do you think? Do you agree that's better to use exceptions like this
> to test arguments in public methods (instead of using asserts in
> preconditions)?

Short answer: No!

Longer answer:

It depends. With exceptions, your methods and constructors basically double
as a test of input validity. You can catch the exception and recover. And
if this is part of the behavioral specification, that's fine.

But I suspect these exceptions are not supposed to be caught, and are only
used as makeshift release mode assertions. That's not nice. Preconditions
are part of the public interface, and D should treat them better.

Even in release mode, I'd want to keep the runtime checks, except if we have
static proof of total correctness at every call site, in which case runtime
checks are redundant. If the programmer is deadset on removing runtime
checks for unproven assertions, he should have to compile with
the --dangerous-unchecked-assertions flag.

-- 
Michiel Helvensteijn




More information about the Digitalmars-d mailing list