From: "Randy Brukardt" <randy@rrsoftware.com>
Subject: Re: The future of Spark . Spark 2014 : a wreckage
Date: Tue, 9 Jul 2013 15:37:10 -0500
Date: 2013-07-09T15:37:10-05:00 [thread overview]
Message-ID: <krhs9n$65h$1@loke.gir.dk> (raw)
In-Reply-To: 1vc73wjwkqmnl$.gx86xaqy60u4$.dlg@40tude.net
"Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de> wrote in message
news:1vc73wjwkqmnl$.gx86xaqy60u4$.dlg@40tude.net...
> On Mon, 8 Jul 2013 16:32:21 -0500, Randy Brukardt wrote:
>
>>> I realy hope that Spark users will say to AdaCore that they aro going
>>> wrong and that AdaCore will really try to make a better future for
>>> Spark.
>>
>> Spark users are on a certain dead-end, IMHO. The future is getting proof
>> into the hands of all programmers, as a normal part of their day-to-day
>> programming. That requires that proofs aren't necessarily complete,
>
> Rather the programmer should announce what to prove and that proof must be
> complete.
Right. And that should be an integral part of compilation: no proof, no
compilation.
>> that
>> they use whatever information is available, and most of all, that they
>> only
>> depend on the specifications of packages (never, ever, on the contents of
>> a
>> body).
>
> There are obviously goals which cannot be proven without the bodies.
> Proofs
> about specifications are important but far not all. Consider LSP as an
> example. You cannot prove substitutability from interfaces. It simply does
> not work. Same with almost everything else, because proving something in
> general is much more harder, even impossible, than proving things about a
> concrete instance, e.g. body.
My contention is such things are not worth proving. With strong enough
contracts (including class-wide contracts for dispatching calls, and
contracts on subprogram types :-), important properties of code can be
proven. What's too hard shouldn't be bothered with, because we've lived just
fine with no proofs at all for programming up to this point. Proofs should
be an aid to debugging, not the be-all, end-all. I want to add proof
technology incrementally so that everyone can use a little of it, benefit
from it, and then use more of it. It's how most Ada programmers learned to
use types and constraints, and its the way to get proofs into the
mainstream. Not by stand-alone tools and subsets with weird rules.
Randy.
Randy.
next prev parent reply other threads:[~2013-07-09 20:37 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-08 17:56 The future of Spark . Spark 2014 : a wreckage vincent.diemunsch
2013-07-08 19:24 ` Simon Wright
2013-07-08 20:59 ` Florian Weimer
2013-07-09 7:40 ` Dmitry A. Kazakov
2013-07-09 8:30 ` Georg Bauhaus
2013-07-09 8:58 ` Dmitry A. Kazakov
2013-07-09 10:27 ` G.B.
2013-07-09 11:13 ` G.B.
2013-07-09 15:14 ` Adam Beneschan
2013-07-09 22:51 ` Robert A Duff
2013-07-10 7:49 ` Dmitry A. Kazakov
2013-07-10 8:21 ` Georg Bauhaus
2013-07-08 21:32 ` Randy Brukardt
2013-07-09 7:28 ` Dmitry A. Kazakov
2013-07-09 11:29 ` Simon Wright
2013-07-09 12:22 ` Dmitry A. Kazakov
2013-07-09 20:37 ` Randy Brukardt [this message]
2013-07-10 10:03 ` Dmitry A. Kazakov
2013-07-10 23:21 ` Randy Brukardt
2013-07-11 7:44 ` Dmitry A. Kazakov
2013-07-11 22:28 ` Randy Brukardt
2013-07-12 8:02 ` Dmitry A. Kazakov
2013-07-12 21:16 ` Randy Brukardt
2013-07-14 10:19 ` Dmitry A. Kazakov
2013-07-14 15:57 ` Georg Bauhaus
2013-07-16 0:16 ` Randy Brukardt
2013-07-17 1:30 ` Shark8
2013-07-17 23:08 ` Randy Brukardt
2013-07-18 7:19 ` Dmitry A. Kazakov
2013-07-19 4:36 ` Randy Brukardt
2013-07-16 0:13 ` Randy Brukardt
2013-07-16 8:37 ` Dmitry A. Kazakov
2013-07-16 22:13 ` Randy Brukardt
2013-07-17 7:59 ` Dmitry A. Kazakov
2013-07-17 23:26 ` Randy Brukardt
2013-07-18 7:37 ` Dmitry A. Kazakov
2013-07-19 4:32 ` Randy Brukardt
2013-07-19 7:16 ` Dmitry A. Kazakov
2013-07-20 5:32 ` Randy Brukardt
2013-07-20 9:06 ` Dmitry A. Kazakov
2013-07-12 1:01 ` Slow? Ada?? Bill Findlay
2013-07-09 7:57 ` The future of Spark . Spark 2014 : a wreckage Stefan.Lucks
2013-07-09 20:46 ` Randy Brukardt
2013-07-10 8:03 ` Stefan.Lucks
2013-07-10 12:46 ` Simon Wright
2013-07-10 23:10 ` Randy Brukardt
2013-07-11 19:23 ` Stefan.Lucks
2013-07-12 0:21 ` Randy Brukardt
2013-07-12 9:12 ` Stefan.Lucks
2013-07-12 20:47 ` Randy Brukardt
2013-08-05 5:43 ` Paul Rubin
2013-07-10 12:19 ` vincent.diemunsch
2013-07-10 16:02 ` Simon Wright
2013-07-11 0:36 ` Randy Brukardt
2013-07-11 6:19 ` Simon Wright
2013-07-11 23:11 ` Randy Brukardt
2013-07-11 10:10 ` vincent.diemunsch
2013-07-11 14:23 ` Dmitry A. Kazakov
2013-07-12 0:07 ` Randy Brukardt
2013-07-12 0:00 ` Randy Brukardt
2013-07-12 7:25 ` Simon Wright
2013-07-12 20:07 ` Randy Brukardt
2013-07-12 14:23 ` Robert A Duff
2013-07-12 20:14 ` Randy Brukardt
2013-07-11 23:50 ` Shark8
2013-07-08 23:18 ` Peter C. Chapin
2013-07-09 7:34 ` Stefan.Lucks
2013-07-09 15:21 ` Adam Beneschan
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox