From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
	ip-172-31-74-118.ec2.internal
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=3.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.6
Path: eternal-september.org!reader02.eternal-september.org!aioe.org!5WHqCw2XxjHb2npjM9GYbw.user.gioia.aioe.org.POSTED!not-for-mail
From: "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de>
Newsgroups: comp.lang.ada
Subject: Re: Ada and software testing
Date: Thu, 15 Jul 2021 09:27:37 +0200
Organization: Aioe.org NNTP Server
Message-ID: <scoo19$154u$1@gioia.aioe.org>
References: <871r84cq4r.fsf@nightsong.com>
 <5bc2434a-6784-47d6-ba66-50edff4f80f0n@googlegroups.com>
 <87pmvky9lz.fsf@nightsong.com> <scnf8n$1lgd$1@gioia.aioe.org>
 <87h7gwy88g.fsf@nightsong.com>
NNTP-Posting-Host: 5WHqCw2XxjHb2npjM9GYbw.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
 Thunderbird/78.12.0
Content-Language: en-US
X-Mozilla-News-Host: news://news.aioe.org
X-Notice: Filtered by postfilter v. 0.9.2
Xref: reader02.eternal-september.org comp.lang.ada:62388
List-Id: <comp.lang.ada>

On 2021-07-14 22:02, Paul Rubin wrote:
> "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de> writes:
>>> I do have to say that errors thrown by runtime checks on range types are
>>> still program bugs,
>> No, it depends on the contract.
> 
> If a contract is broken by either the caller or the callee, it is a
> program bug either way, I would have thought.

If the contract includes exception, then nothing is broken.

>>> in the sense that they are type errors,
>> A type error cannot happen at run-time per definition of strong
>> typing. Constraint violation is not a type error.
> 
> Hmm ok, if out of range for a range type is considered a constraint
> error rather than a type error, then it's ok to say the compiler can't
> check it even in principle, and it becomes the responsibility of the
> application user or environment.  Inputs that trigger a constraint error
> might be considered invalid in some situations.

Yes, and the tests must include the cases when exceptions are 
propagated, which is frequently ignored, though in my view such tests 
are even more important than the "normal" cases. Exceptions are not 
likely to happen. So the code not handling contracted exceptions tend to 
slip into production with catastrophic results.

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de