From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00, REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4 X-Google-Thread: 103376,93a8020cc980d113 X-Google-Attributes: gid103376,public X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!news3.google.com!news.germany.com!newsfeed01.sul.t-online.de!t-online.de!newsfeed.arcor.de!newsspool2.arcor-online.net!news.arcor.de.POSTED!not-for-mail From: "Dmitry A. Kazakov" Subject: Re: What is wrong with Ada? Newsgroups: comp.lang.ada User-Agent: 40tude_Dialog/2.0.15.1 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Reply-To: mailbox@dmitry-kazakov.de Organization: cbb software GmbH References: <1176150704.130880.248080@l77g2000hsb.googlegroups.com> <461B52A6.20102@obry.net> <461BA892.3090002@obry.net> <82dgve.spf.ln@hunter.axlog.fr> <1176226291.589741.257600@q75g2000hsh.googlegroups.com> <4eaive.6p9.ln@hunter.axlog.fr> <1rbtw92apxpl1.1ednvo8v6oiq8$.dlg@40tude.net> Date: Sat, 14 Apr 2007 09:01:09 +0200 Message-ID: NNTP-Posting-Date: 14 Apr 2007 09:00:15 CEST NNTP-Posting-Host: e4883231.newsspool3.arcor-online.net X-Trace: DXC=lBPk:Qo@DQn016@cHD@m;jMcF=Q^Z^V3h4Fo<]lROoRaFl8W>\BH3Yb3[793>I;A?eDNcfSJ;bb[eIRnRBaCd On Fri, 13 Apr 2007 02:16:56 +0200, Markus E Leypold wrote: > "Dmitry A. Kazakov" writes: > >> Tests should cover all program states. Covering all paths is a rough >> approximation of. > >> But the number of program states is finite, or else the program is wrong >> anyway? > > Don't understand that. Assuming the program terminates fo a give input > I the number of states it goes through during execution -- S_1 ... S_n > -- is finite. The number of valid input sets is usually less well > defined, but assuming (and this is wrong) they are finite, i.e. the > sets I \from I_1, I_2 ... I_n are the only valid input then you still > have a finite number of program states. Still the number of possible > inputs might be rather large (i.e. to a type setter it's all possible > books :-), so exhaustive testing is impossible (and your "Tests should > cover all program states" is just saying, that you can't test enough). > > But the set of all inputs is not necessarily finite -- i.e. in the > case that the user might enter one data item after the other and get > some answer about that item until he enters a end-of-input symbol > (stupid example: an interactive prime tester). Since it is nonsense to > artificially restrict the length of the user interaction just to get a > finite set of input sequences, we will have to live with a infinite > number of potential inputs to the program. So the paths covered are > also inifinite (program state is still finite since the machine has > only finite state). What I meant is that we cannot write a correct program running on a finite machine which would non-trivially processes an infinite input. [ <=> uncountable sets cannot be enumerated. ] Consider a program P that counts the number of key presses. This program is necessarily incorrect. Because a correct P would have an infinite number of states. Obviously, for an unlimited input, if you use Integer, you have to deal with Constraint_Error, if you use Unbounded_String be prepared to Storage_Error [*]. Otherwise the program is not non-testable, it is *proven* wrong. Non-testability is rather practical. For all, if P has n states then a test program T(P) should have > 2**n states, and T(T(P)) should have > 2**(2**n)... ------------ * but Storage_Error cannot be handled in Ada! -- Regards, Dmitry A. Kazakov http://www.dmitry-kazakov.de