From: "Markus Mottl" <markus.mottl@gmail.com>
To: "Brian Hurt" <bhurt@janestcapital.com>
Cc: "Geoffrey Alan Washburn" <geoffw@cis.upenn.edu>, caml-list@inria.fr
Subject: Re: [Caml-list] Re: Void type?
Date: Mon, 30 Jul 2007 13:58:12 -0400 [thread overview]
Message-ID: <f8560b80707301058g166368b2h705e3e344a9e8738@mail.gmail.com> (raw)
In-Reply-To: <46ADE367.8020801@janestcapital.com>
On 7/30/07, Brian Hurt <bhurt@janestcapital.com> wrote:
> I'm not sure I agree with this- especially the proposition that unit ==
> truth. That would make a function of the type:
> unit -> 'a
> equivelent to the proposition "If true then for all a, a", which is
> obviously bogus.
Indeed, this proposition is impossibly true.
> The assumption of the Ocaml type system is that you
> can not form "false" theorems within the type system (these correspond
> to invalid types). So either this assumption is false, or unit is the
> void type in the Ocaml type system.
I guess you mean that one cannot form proofs of propositions that
don't have a model (i.e. an interpretation that makes the proposition
true). There is a false dichotomy here. It rests on the assumption
that a pure program that has such a type is a proof of the proposition
whereas in fact it isn't. The assumption that programs are proofs
only makes sense if every program is strongly normalizing, i.e.
requires only a finite amount of evaluation (= "proof") steps. This
is always the case with e.g. the pure, simply typed lambda calculus
without fixed-point operator, which is strongly normalizing.
Something that requires an infinite number of derivation steps cannot
be considered a proof.
If we constrained ourselves to programs that are proofs only, and if
we required soundness, too, then there would be satisfiable
propositions for which, indeed, you wouldn't be able to write down a
program of corresponding type: some solvable problems would become
unsolvable to us.
OCaml is not unsound. It is also not incomplete in the sense that you
cannot write down a terminating program for a proposition that has a
model. But this unfortunately necessarily implies that you can write
down programs that are not proofs, i.e. never terminate.
Note that you can also write down the type "unit -> unit", which is a
tautology and therefore trivially true in any interpretation. But you
can still write down a program of this type that doesn't constitute a
proof of the corresponding proposition irrespective of how trivial it
may be:
let rec f () = f (f ())
Provability and truth are two distinct concepts, you cannot conflate
the two in the general case. This is a direct consequence of Goedel's
incompleteness theorem.
Some program may constitute a proof or not, and a type may correspond
to a satisfiable proposition or not. We definitely don't want a
system that allows us to write down something that is a proof of a
false proposition (= unsound). We want to be able to write down a
proof for every proposition that has a model (= completeness). But
then we'll have to live with the presumably less awful fact that we
will be able to write down non-proofs of non-truths (and truths
alike)...
> More pragmatically, I don't see any situation in which void can be used
> where unit couldn't be used just as well, if not better.
You'll laugh, but I just actually made use of Chung-chieh Shan's trick
to use polymorphic record fields in our code base. Here is a rough
idea of where this may be useful:
Assume you have a functor argument that defines several types and
functions operating on these types. Now assume that I know that I
will never want to use the module resulting from the functor
application in a way that requires the use of some of these types and
associated functions in the functor argument. How can I make sure
that nobody will ever do something with the resulting module that
violates these assumptions? E.g.:
---------------------------------------------
module type ARG = sig
type t
type u
val use_t : t -> unit
val use_u : u -> t
end
module Func (Arg : ARG) = struct
let propagate_t arg_t = Arg.use_t arg_t
let propagate_u arg_u = Arg.use_u arg_u
end
type void = { void : 'a. 'a }
module Arg = struct
type t = int
type u = void
let use_u u = u.void
let use_t t = print_int t
end
---------------------------------------------
If I had specified "u" as "unit" in the above example, I would need to
e.g. raise an exception in "use_u" to indicate that my assumption was
violated, or return a dummy value (integer) which may screw up
something in the functor body, etc. But having specified the value as
"void", I essentially get a proof at compile time that nobody will
ever be able to misuse the module resulting from the functor
application.
Of course, I could restrict the signature of the resulting module, but
this may be a non-trivial effort, e.g. if type "u" is used in sum
types of the resulting module, etc., in which case I'd have to wrap
the result in an intermediate module that translates function calls
accordingly. The "void" solution on the other hand is just plain
awesome and solves this problem safely and conveniently.
Best regards,
Markus
--
Markus Mottl http://www.ocaml.info markus.mottl@gmail.com
next prev parent reply other threads:[~2007-07-30 17:58 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-07-28 4:14 Stefan Monnier
2007-07-28 4:33 ` [Caml-list] " Erik de Castro Lopo
2007-07-28 4:51 ` Chris King
2007-07-28 18:49 ` Stefan Monnier
2007-07-28 18:53 ` Basile STARYNKEVITCH
2007-07-29 0:48 ` Stefan Monnier
2007-07-28 18:57 ` Arnaud Spiwack
2007-07-28 6:12 ` Daniel de Rauglaudre
2007-07-28 6:15 ` Chung-chieh Shan
2007-07-28 8:22 ` [Caml-list] " rossberg
2007-07-29 6:31 ` Chung-chieh Shan
2007-07-29 11:05 ` [Caml-list] " Arnaud Spiwack
2007-07-29 11:16 ` Jon Harrop
2007-07-29 11:36 ` Arnaud Spiwack
2007-07-29 12:43 ` Richard Jones
2007-07-29 12:58 ` Arnaud Spiwack
2007-07-29 17:02 ` Richard Jones
2007-07-29 20:06 ` Arnaud Spiwack
2007-07-29 22:55 ` Brian Hurt
2007-07-30 4:40 ` skaller
2007-07-30 23:13 ` Brian Hurt
2007-07-31 8:52 ` Richard Jones
2007-07-31 13:08 ` Chris King
2007-07-31 15:27 ` Markus Mottl
2007-08-01 11:37 ` Tom
2007-08-01 16:23 ` Markus Mottl
2007-07-30 4:44 ` Geoffrey Alan Washburn
2007-07-30 13:11 ` [Caml-list] " Brian Hurt
2007-07-30 13:32 ` Christopher L Conway
2007-07-30 13:35 ` Geoffrey Alan Washburn
2007-07-30 13:41 ` [Caml-list] " Chris King
2007-07-30 17:43 ` Christophe Raffalli
2007-07-30 17:58 ` Markus Mottl [this message]
2007-07-30 14:27 ` Jeff Polakow
2007-07-28 7:58 ` Sébastien Hinderer
2007-07-28 8:13 ` [Caml-list] " Basile STARYNKEVITCH
2007-07-28 12:29 ` Christophe TROESTLER
2007-07-28 13:36 ` Brian Hurt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f8560b80707301058g166368b2h705e3e344a9e8738@mail.gmail.com \
--to=markus.mottl@gmail.com \
--cc=bhurt@janestcapital.com \
--cc=caml-list@inria.fr \
--cc=geoffw@cis.upenn.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).