From: skaller <skaller@users.sourceforge.net>
To: Andrej.Bauer@andrej.com
Cc: caml-list@inria.fr
Subject: Re: [Caml-list] Unsoundness is essential
Date: Fri, 05 Oct 2007 02:37:21 +1000 [thread overview]
Message-ID: <1191515841.6518.185.camel@rosella.wigram> (raw)
In-Reply-To: <470506D9.3080704@fmf.uni-lj.si>
On Thu, 2007-10-04 at 17:29 +0200, Andrej Bauer wrote:
> It is very easy to come up with preconditions that are computationally
> unverifiable.
[]
> Or to give you a much more simplistic example:
>
> fun find_zero (f: int -> int where not (forall n:int, f(n) != 0)) {
> int i = 0;
> while (f(i) != 0) { i++; }
> return i;
> }
>
> How will you verify the precondition on f at runtime? In this case I
> would expect the compiler to list all uses of find_zero applied to
> functions which are not known not have a zero. Let the human worry.
One 'solution' is a timeout. However I would apply the timeout
to the actual find_zero function, not the pre-condition.
The 'convex' example is better, because the pre-condition is not
so obviously closely coupled to the calculation. Also, the
result of a calculation is likely to be simply *wrong*.
--
John Skaller <skaller at users dot sf dot net>
Felix, successor to C++: http://felix.sf.net
next prev parent reply other threads:[~2007-10-04 16:37 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-10-03 8:35 Locally-polymorphic exceptions [was: folding over a file] oleg
2007-10-03 11:27 ` kirillkh
2007-10-03 11:48 ` [Caml-list] " Daniel de Rauglaudre
2007-10-03 12:19 ` kirillkh
2007-10-03 12:32 ` Daniel de Rauglaudre
2007-10-03 14:34 ` kirillkh
2007-10-03 20:39 ` Christophe Raffalli
2007-10-03 22:50 ` Unsoundness is essential skaller
2007-10-03 23:13 ` [Caml-list] " Jacques Carette
2007-10-04 1:24 ` skaller
2007-10-04 11:26 ` David Allsopp
2007-10-04 12:45 ` Vincent Hanquez
2007-10-04 15:07 ` skaller
2007-10-03 23:13 ` Vincent Aravantinos
2007-10-04 1:49 ` skaller
2007-10-03 23:28 ` Joshua D. Guttman
2007-10-04 1:52 ` skaller
2007-10-04 2:35 ` Brian Hurt
2007-10-04 7:46 ` Christophe Raffalli
2007-10-04 8:56 ` Arnaud Spiwack
2007-10-04 14:49 ` skaller
2007-10-04 15:00 ` Harrison, John R
2007-10-04 15:29 ` Andrej Bauer
2007-10-04 16:25 ` skaller
2007-10-04 18:17 ` Arnaud Spiwack
2007-10-04 20:54 ` skaller
2007-10-04 22:24 ` Arnaud Spiwack
2007-10-04 16:37 ` skaller [this message]
2007-10-04 18:59 ` Christophe Raffalli
2007-10-04 15:04 ` Andrej Bauer
2007-10-04 15:57 ` Christophe Raffalli
2007-10-04 16:03 ` skaller
2007-10-04 20:02 ` Ken Rose
2007-10-04 21:00 ` skaller
2007-10-04 15:31 ` Lukasz Stafiniak
2007-10-04 17:56 ` rossberg
2007-10-04 19:56 ` skaller
2007-10-04 21:07 ` rossberg
2007-10-04 22:23 ` skaller
2007-10-05 2:48 ` Bárður Árantsson
2007-10-04 2:16 ` Locally-polymorphic exceptions [was: folding over a file] oleg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1191515841.6518.185.camel@rosella.wigram \
--to=skaller@users.sourceforge.net \
--cc=Andrej.Bauer@andrej.com \
--cc=caml-list@inria.fr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).