From: "Markus Mottl" <markus.mottl@gmail.com>
To: "Dario Teixeira" <darioteixeira@yahoo.com>
Cc: caml-list@yquem.inria.fr
Subject: Re: [Caml-list] Issues with Sexplib (#1)
Date: Tue, 2 Dec 2008 14:14:45 -0500 [thread overview]
Message-ID: <f8560b80812021114p220a5b20r567937b43609df19@mail.gmail.com> (raw)
In-Reply-To: <110907.37517.qm@web111509.mail.gq1.yahoo.com>
On Sat, Nov 29, 2008 at 11:40 AM, Dario Teixeira
<darioteixeira@yahoo.com> wrote:
> So far so good; now consider the code below, which serialises and then
> unserialises a value of type Foobar.t. Note how a "complex" structure
> can be unserialised as "basic" without any consequences. Therefore, the
> (de)serialisation process can be used to circumvent the restrictions imposed
> by the phantom type.
[snip]
> I understand that phantom types have only a compile-time significance,
> with no runtime expression at all (hence their name). Therefore, it's not
> altogether surprising that the S-expression builder would simply ignore them.
> Still, is there a way to make them explicit in the serialised data, such
> that the unserialiser would cause a runtime error in the above example?
> Note that the serialiser is already passed sexp_of_complex_t though it
> doesn't seem to put it into any actual use.
This is not just a matter of phantom types. Even ordinary abstract
types suffer from this if there are constraints on what constitutes a
well-formed value, i.e. not every concrete representation conforms to
a valid value. E.g. if some abstract type t represents a sorted list
and the internal representation is just a list, somebody could pass
you an S-expression corresponding to an unsorted list.
The only way around this problem is to have functions that check at
runtime whether some value of the internal, concrete type corresponds
to a valid abstract type. Once you have implemented such a function
(e.g. "check_sorted", etc.), you can always easily wrap the converter
for reading from S-expressions to call this test right after
deserializing.
If possible, the best way to handle such situations is to come up with
extensional representations that syntactically only allow construction
of legal values. Then you do not need to add extra checks. But note
that it is not always easy to find such an extensional representation.
Sometimes the representation might also become unwieldy, and there
may not even be such an extensional representation for theoretical
reasons. E.g. think of encoding exactly all terminating programs
extensionally, which would be very nice but is clearly impossible.
Regards,
Markus
--
Markus Mottl http://www.ocaml.info markus.mottl@gmail.com
prev parent reply other threads:[~2008-12-02 19:14 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-11-29 16:40 Dario Teixeira
2008-11-29 17:01 ` [Caml-list] " Till Varoquaux
2008-11-29 17:17 ` Dario Teixeira
2008-12-02 19:14 ` Markus Mottl [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f8560b80812021114p220a5b20r567937b43609df19@mail.gmail.com \
--to=markus.mottl@gmail.com \
--cc=caml-list@yquem.inria.fr \
--cc=darioteixeira@yahoo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).