design by contract versus doctest
Colin Blackburn
colin.blackburn at durham.ac.uk
Wed Apr 7 04:34:49 EDT 2004
On Tue, 06 Apr 2004 16:08:30 +0100, Peter Hickman <peter at semantico.com>
wrote:
> Colin Blackburn wrote:
>> Aku is correct, no checks are (necessarily) made by the function in
>> installed code. It is the caller's responsibility to satisfy the
>> pre-conditions.
>
> True but the caller does not check the pre-conditions, that is done in
> the called. The called does not trust the caller to get things right,
> hence the contract.
You have DbC completely wrong. The contract is there to be trusted. As far
as I can tell you are seeing what looks like a parameter check at the
start of a method and assuming that that is a defensive check against the
caller providing incorrect parameters. That is not what the preconditions
are.
The preconditions (and other constraints) were developed early in the
design process. In fact, they guided the design process.
The preconditions are ultimately coded (in Eiffel) but they are not part
of the implementation of the method. They are not there to check for
errors in production code. They are there to specify the contract, to
specify what the caller must provide for the outcome to be guaranteed.
They form part of the documentation whereas the implementation code
(following do in Eiffel) does not. Writers of calling code can examine the
pre and post-condition to know what they must do and what they can expect
if the do things right.
In fact some pre-conditions cannot be expressed computationally, there are
put in as comments, and so cannot be checked by the called method.
It is entirely the responsibility of the caller to check that the
preconditions are satisfied, by providing correct parameters, say. It
might do this explicitely, or implicitely but it is the caller that must
satisfy those conditions. The called routine has no responsibility to
check the preconditions, in fact it has every reason to expect those
preconditions to be satisfied by the caller because that *is* the contract.
Colin
--
More information about the Python-list
mailing list