From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Thread: 103376,93a8020cc980d113
X-Google-Attributes: gid103376,public
X-Google-Language: ENGLISH,ASCII-7-bit
Newsgroups: comp.lang.ada
Subject: Re: What is wrong with Ada?
References: <1176150704.130880.248080@l77g2000hsb.googlegroups.com>
 <zyBSh.44138$oV.14776@attbi_s21>
 <461B52A6.20102@obry.net> <awirc4gv13.fsf@hod.lan.m-e-leypold.de>
 <461BA892.3090002@obry.net> <yeabxgnsrj.fsf@hod.lan.m-e-leypold.de>
 <82dgve.spf.ln@hunter.axlog.fr>
 <1176226291.589741.257600@q75g2000hsh.googlegroups.com>
 <4eaive.6p9.ln@hunter.axlog.fr> <sa4ps6apjb7.fsf@margay.local>
 <wccwt0ho2fc.fsf@shell01.TheWorld.com>
 <1rbtw92apxpl1.1ednvo8v6oiq8$.dlg@40tude.net>
 <aslkgxyvpj.fsf@hod.lan.m-e-leypold.de>
 <el1sx203zohn$.1ehb1vbs3p0vd.dlg@40tude.net>
From: Markus E Leypold
 <development-2006-8ecbb5cc8aREMOVETHIS@ANDTHATm-e-leypold.de>
Organization: N/A
Date: Sat, 14 Apr 2007 12:48:12 +0200
Message-ID: <mn3b33w7tf.fsf@hod.lan.m-e-leypold.de>
User-Agent: Some cool user agent (SCUG)
Cancel-Lock: sha1:G+SeBLaGkvb6Dc50lTrSntENTLo=
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
NNTP-Posting-Host: 88.72.255.147
X-Trace: news.arcor-ip.de 1176547245 88.72.255.147 (14 Apr 2007 12:40:45
 +0200)
X-Complaints-To: abuse@arcor-ip.de
Path: 
 g2news1.google.com!news3.google.com!out02b.usenetserver.com!news.usenetserver.com!in01.usenetserver.com!news.usenetserver.com!news.tele.dk!news.tele.dk!small.news.tele.dk!news-fra1.dfn.de!newsfeed.arcor-ip.de!news.arcor-ip.de!not-for-mail
Xref: g2news1.google.com comp.lang.ada:15035
Date: 2007-04-14T12:48:12+02:00
List-Id: <comp.lang.ada>


"Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de> writes:

> On Fri, 13 Apr 2007 02:16:56 +0200, Markus E Leypold wrote:
>
>> "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de> writes:
>> 
>>> Tests should cover all program states. Covering all paths is a rough
>>> approximation of.
>> 
>>> But the number of program states is finite, or else the program is wrong
>>> anyway? 
>> 
>> Don't understand that. Assuming the program terminates fo a give input
>> I the number of states it goes through during execution -- S_1 ... S_n
>> -- is finite. The number of valid input sets is usually less well
>> defined, but assuming (and this is wrong) they are finite, i.e. the
>> sets I \from I_1, I_2 ... I_n are the only valid input then you still
>> have a finite number of program states. Still the number of possible
>> inputs might be rather large (i.e. to a type setter it's all possible
>> books :-), so exhaustive testing is impossible (and your "Tests should
>> cover all program states" is just saying, that you can't test enough).
>> 
>> But the set of all inputs is not necessarily finite -- i.e. in the
>> case that the user might enter one data item after the other and get
>> some answer about that item until he enters a end-of-input symbol
>> (stupid example: an interactive prime tester). Since it is nonsense to
>> artificially restrict the length of the user interaction just to get a
>> finite set of input sequences, we will have to live with a infinite
>> number of potential inputs to the program. So the paths covered are
>> also inifinite (program state is still finite since the machine has
>> only finite state).
>
> What I meant is that we cannot write a correct program running on a finite
> machine which would non-trivially processes an infinite input. [ <=>
> uncountable sets cannot be enumerated. ]

That is, excuse me, wrong. I thought that you had fallen for that
fallacy. Let me explain:

The machine itself might go only through a finite number of
states. But the user input might be a sequence of key presses that
might terminate arbitrarily late. The input is finite, but the
"processing state space" and the output space are only finite. This is
possible: Imagein a "machine" that only counts/indicates wether the
number of keypresses entered in a sequence from power-on to the end of
sequence mark are odd or even: Finite program, finite states (rather
easy indeed). But the set of all "legal" input sequences is
infinite. Nonetheless the program is correct.

> Consider a program P that counts the number of key presses. This program is
> necessarily incorrect. Because a correct P would have an infinite number of
> states.

In this case yes. But see above. Logically an example that shows an
attempt to produce an artefact with property X (your program) that
fails, does not prove its impossible. I've shown that your proposition
doesn't hold (except if you define "non-trivially" as requiring an
infinete number of "processing states".

> Obviously, for an unlimited input, if you use Integer, you have to deal
> with Constraint_Error, if you use Unbounded_String be prepared to
> Storage_Error [*]. Otherwise the program is not non-testable, it is
> *proven* wrong.
>
> Non-testability is rather practical. For all, if P has n states then a test
> program T(P) should have > 2**n states, and T(T(P)) should have >
> 2**(2**n)...

See above: You're wrong.

Regards -- Markus