From: Jacques Garrigue <garrigue@math.nagoya-u.ac.jp>
To: Nathan Mishra Linger <nathan.mishralinger@gmail.com>
Cc: OCaML List Mailing <caml-list@inria.fr>
Subject: Re: [Caml-list] Request for feedback: A problem with injectivity and GADTs
Date: Tue, 30 Apr 2013 08:53:23 +0900 [thread overview]
Message-ID: <4282AC1F-F399-4492-980D-8A52C4215E92@math.nagoya-u.ac.jp> (raw)
In-Reply-To: <CAJO0BX1rQecYyHhfyNXv4BLhxF17ghFvUT_nAUWKoKzmMCF31g@mail.gmail.com>
On 2013/04/30, at 1:37, Nathan Mishra Linger <nathan.mishralinger@gmail.com> wrote:
> Our codebase at Jane Street would not suffer from the proposed fix.
>
> In fact, we have previously wished the type system tracked injectivity of type
> constructors. Because it didn't, we wrote Type_equal.Injective [^1] for cases
> when we need to track injectivity ourselves.
>
> [^1] https://ocaml.janestreet.com/ocaml-core/latest/doc/core/Type_equal.Injective.html
Thank you for the pointer.
One could say this actually shows the need for injectivity annotations
(eventhough Core currently works around them).
To be more precise, injectivity has several uses:
1) To allow you to infer equations between types.
For instance, assuming the standard equality witness type:
type (_,_) equal = Eq : ('a,'a) equal
the following function typeckecks
let conv1 : type a b. (a array, b array) equal -> a -> b = fun Eq x -> x
because array is known to be injective, but this one doesn't
let conv2 : type a b. (a Queue.t, b Queue.t) equal -> a -> b = fun Eq x -> x
because Queue.t is an abstract type whose injectivity is unknown.
This part was correctly handled since 4.00.0.
2) To allow you to prove exhaustiveness of pattern matching, by ensuring
that other cases cannot happen. For instance,
type (_,_) comp =
| Ceq : ('a,'a) comp
| Cany : ('a,'b) comp
let f (x : (int array,bool array) comp) = match x with Cany -> ()
causes no warning, because the type system can prove that Ceq since
int array and bool array cannot be equal in any scope. However
let f (x : (int Queue.t, bool Queue.t) comp) = match x with Cany -> 0
should emit a warning, because we cannot prove that int Queue.t and
bool Queue.t are distinct in the absence of injectivity information.
Note that this is not correctly handled in 4.00, and you will get no warning
in this situation. Worse, since the code is optimized accordingly (i.e. no
runtime check is introduced), if the type is really not injective, and you
pass Eq, you can use this as a hole in the type system.
This now works correctly in trunk (PR#5981).
3) The problem I describe in my first mail. I.e. when defining a type,
if you use type variables appearing in constrained type parameters,
you need the type constructors leading to the type variables to be
injective. This is PR#5985, and it is only fixed in branches/non-vanishing.
The goal of the Type_equal.Injective interface in Core is to work around the
limitation on abstract types in (1), by letting you prove injectivity by hand.
But if we had injectivity annotations, this would solve simultaneously all 3
problems: no need to build proofs by hand anymore.
So I understand you answer as: Jane Street is not directly concerned by
(3) at this point, and has already developed a workaround for (1).
I suppose you could profit from injectivity annotations, since you had
to develop a workaround, but this may not be that urgent.
(2) is not so much a problem, since it only means that you may have to
add extra cases to pattern-matching.
Jacques Garrigue
next prev parent reply other threads:[~2013-04-29 23:53 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-28 0:02 Jacques Garrigue
2013-04-28 2:45 ` Markus Mottl
2013-04-28 10:28 ` Jacques Garrigue
2013-04-28 5:54 ` Jacques Le Normand
2013-04-29 3:45 ` Ivan Gotovchits
2013-04-29 4:03 ` Ivan Gotovchits
2013-04-29 5:17 ` Jacques Le Normand
2013-04-29 7:58 ` Alain Frisch
2013-04-29 10:52 ` Jacques Garrigue
2013-04-29 11:23 ` Alain Frisch
2013-04-29 16:37 ` Nathan Mishra Linger
2013-04-29 23:53 ` Jacques Garrigue [this message]
2013-04-30 5:45 ` Jacques Garrigue
2013-05-04 6:46 ` Jacques Garrigue
2013-05-04 7:09 ` Gabriel Scherer
2013-05-04 12:28 ` Jacques Garrigue
2013-04-30 6:59 ` Alain Frisch
2013-04-30 7:56 ` Jacques Garrigue
2013-04-30 8:02 ` Alain Frisch
2013-04-30 8:18 ` Jacques Garrigue
2013-04-30 9:11 ` Gabriel Scherer
2013-04-30 9:55 ` Jacques Garrigue
2013-04-30 10:12 ` Leo White
2013-04-30 11:30 ` Gabriel Scherer
2013-04-30 13:06 ` Leo White
2013-04-29 7:59 ` Gabriel Scherer
2013-07-01 14:47 ` Alain Frisch
2013-07-01 23:20 ` Jacques Garrigue
2013-07-03 16:08 ` Alain Frisch
2013-07-03 16:13 ` Gabriel Scherer
2013-07-04 6:07 ` [Caml-list] Request for feedback: A problem with injectivity oleg
2013-07-04 7:35 ` Alain Frisch
2013-07-05 10:30 ` oleg
2013-07-05 12:02 ` Alain Frisch
2013-07-04 1:00 ` [Caml-list] Request for feedback: A problem with injectivity and GADTs Jacques Garrigue
2013-07-04 8:14 ` Alain Frisch
2013-07-04 8:52 ` Jacques Garrigue
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4282AC1F-F399-4492-980D-8A52C4215E92@math.nagoya-u.ac.jp \
--to=garrigue@math.nagoya-u.ac.jp \
--cc=caml-list@inria.fr \
--cc=nathan.mishralinger@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).