From: "John R. Strohm" <strohm@airmail.net>
Subject: Re: [Spark] Arrays of Strings
Date: Fri, 11 Apr 2003 08:14:05 -0500
Date: 2003-04-11T08:14:05-05:00 [thread overview]
Message-ID: <314749FA9ED0BA65.8D85E34D0ED0E4B0.A1DEBDFBF232880A@lp.airnews.net> (raw)
In-Reply-To: 1050063540.619475@master.nyc.kbcfp.com
"Hyman Rosen" <hyrosen@mail.com> wrote in message
news:1050063540.619475@master.nyc.kbcfp.com...
> John R. Strohm wrote:
> > When you declare an array to be of a given size, you create a proof
> > obligation that the subscript expression will always be in bounds.
> > Satisfying this proof obligation is what you do during verification.
>
>
> Sure, I understand what program proof and verification are about.
>
> What I'm suggesting is that there is a tension between normal Ada
> usage, which is to declare your types "snugly" so that they hold
> only the ranges you expect them to have, and programs which will
> always be verified before they are permitted to run.
Nope.
Declaring the types "snugly" is a good idea. It gives more information to
the compiler and to the verification system. It may OR MAY NOT make the
verification easier.
The point is that it is not mandatory: the verification system can figure
out the actual constraints.
Declaring the types "snugly" may make the verification harder. Every time a
snugly-declared variable is assigned, a proof obligation is generated, to
prove that the variable will be in bounds. Some of these obligations will
be trivial; some may not be.
next prev parent reply other threads:[~2003-04-11 13:14 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-04-08 12:02 [Spark] Arrays of Strings Lutz Donnerhacke
2003-04-08 18:08 ` Martin Krischik
2003-04-09 9:23 ` Lutz Donnerhacke
2003-04-09 12:38 ` Hyman Rosen
2003-04-09 12:47 ` Vinzent Hoefler
2003-04-09 14:27 ` Hyman Rosen
2003-04-09 15:13 ` Vinzent Hoefler
2003-04-09 17:21 ` Hyman Rosen
2003-04-09 18:41 ` Vinzent Hoefler
2003-04-09 21:04 ` Randy Brukardt
2003-04-10 23:21 ` John R. Strohm
2003-04-11 12:19 ` Hyman Rosen
2003-04-11 13:14 ` John R. Strohm [this message]
2003-04-09 7:50 ` Eric G. Miller
2003-04-09 8:10 ` Lutz Donnerhacke
2003-04-09 18:23 ` Matthew Heaney
2003-04-09 17:42 ` Matthew Heaney
2003-04-09 21:06 ` Randy Brukardt
2003-04-10 8:23 ` Lutz Donnerhacke
2003-04-10 14:09 ` Matthew Heaney
2003-04-10 14:48 ` Hyman Rosen
2003-04-11 6:20 ` Chad R. Meiners
2003-04-11 12:31 ` Hyman Rosen
2003-04-11 18:27 ` Chad R. Meiners
2003-04-11 7:35 ` Phil Thornley
2003-04-11 12:05 ` Marin David Condic
2003-04-11 13:19 ` John R. Strohm
2003-04-12 23:09 ` Robert A Duff
2003-04-11 18:47 ` Chad R. Meiners
2003-04-12 23:51 ` Robert A Duff
2003-04-13 5:47 ` Hyman Rosen
2003-04-14 8:05 ` Lutz Donnerhacke
2003-04-10 15:02 ` Lutz Donnerhacke
2003-04-10 15:50 ` Hyman Rosen
2003-04-10 18:32 ` Randy Brukardt
2003-04-11 6:28 ` Chad R. Meiners
2003-04-11 8:11 ` Lutz Donnerhacke
2003-04-11 12:32 ` Rod Chapman
2003-04-11 14:50 ` Peter Amey
2003-04-11 18:41 ` Matthew Heaney
2003-04-11 21:25 ` Chad R. Meiners
2003-04-12 10:08 ` Peter Amey
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox