Upgrade to Pro — share decks privately, control downloads, hide ads and more …

When Types are Not Enough

Lars Hupel
September 22, 2015
Programming
1
760

When Types are Not Enough

Live code: https://gist.github.com/larsrh/d931ae84e48b2089d981

It is well-known that tests provide an existential guarantee (if the test fails, there is a bug), and that types provide a universal guarantee (the program can't go wrong). Combined, both are useful tools to gain more confidence in the correctness of a given program. However, not all languages provide a sophisticated type system which is able to encode strong properties. Some do, but the syntax is cumbersome. Luckily, there are tools which help to verify code without having to resort to rewriting it completely in a different language.

In this talk, we’ll explore the meanings of specification and implementation, how to formally specify programs, and how to create a connection between these two. We will also look at how to produce one from the other, and present some of the existing tools.

Lars Hupel

September 22, 2015
Tweet

More Decks by Lars Hupel

See All by Lars Hupel
Digital Euro Update
larsrh
0
12
Kugelsichere Architektur mit formalen Methoden
larsrh
0
27
Der Digitale Euro: Was, Warum, Wie?
larsrh
0
36
Digital Cash: What It Is and How It Works
larsrh
0
44
When testing just doesn't cut it (Lambda Days edition)
larsrh
0
29
Designing CBDCs for Seamless Integration with External DLTs: Strategies and Solutions
larsrh
0
42
1000 auf einen Streich
larsrh
0
82
When testing just doesn't cut it
larsrh
0
34
The Role of DSLs in Architecture Design
larsrh
0
37

Other Decks in Programming

See All in Programming
Kaigi on Rails 2024 〜運営の裏側〜
krpk1900
1
210
型付き API リクエストを実現するいくつかの手法とその選択 / Typed API Request
euxn23
8
2.2k
どうして僕の作ったクラスが手続き型と言われなきゃいけないんですか
akikogoto
1
120
3rd party scriptでもReactを使いたい! Preact + Reactのハイブリッド開発
righttouch
PRO
1
600
Quine, Polyglot, 良いコード
qnighy
4
640
Outline View in SwiftUI
1024jp
1
330
「今のプロジェクトいろいろ大変なんですよ、app/services とかもあって……」/After Kaigi on Rails 2024 LT Night
junk0612
5
2.1k
ふかぼれ!CSSセレクターモジュール / Fukabore! CSS Selectors Module
petamoriken
0
150
Webの技術スタックで マルチプラットフォームアプリ開発を可能にするElixirDesktopの紹介
thehaigo
2
1k
Flutterを言い訳にしない!アプリの使い心地改善テクニック5選🔥
kno3a87
1
170
最新TCAキャッチアップ
0si43
0
140
Hotwire or React? ~アフタートーク・本編に含めなかった話~ / Hotwire or React? after talk
harunatsujita
1
120

Featured

See All Featured
How to train your dragon (web standard)
notwaldorf
88
5.7k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.1k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
229
52k
Designing the Hi-DPI Web
ddemaree
280
34k
Navigating Team Friction
lara
183
14k
Code Reviewing Like a Champion
maltzj
520
39k
Testing 201, or: Great Expectations
jmmastey
38
7.1k
Git: the NoSQL Database
bkeepers
PRO
427
64k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
364
24k
Building Better People: How to give real-time feedback that sticks.
wjessup
364
19k
Product Roadmaps are Hard
iamctodd
PRO
49
11k
Large-scale JavaScript Application Architecture
addyosmani
510
110k

Transcript

  1. When Types are Not Enough Lars Hupel September 22nd, 2015

  2. So ware Development ▶ there are many methodologies out there

    ... ▶ in Scala: universal agreement that types and tests should be used for correctness ▶ What is correctness? ▶ Who defines correctness? 2

  3. Example Task Implement a func on which sorts a list

    of numbers. 3

  4. Example Task Implement a func on which sorts a list

    of numbers. Solu on? ▶ numbers? 3

  5. Example Task Implement a func on which sorts a list

    of numbers. Solu on? ▶ numbers? ▶ sort? 3

  6. Example Task Implement a func on which sorts a list

    of numbers. Solu on? ▶ numbers? ▶ sort? ▶ duplicates? ordering? stability? 3

  7. Specifica ons 4

  8. Specifica ons 4

  9. Assump ons ▶ There is a clear specifica on. ▶

    ... if only for a subsystem. ▶ The specifica on makes sense. ▶ The specifica on doesn’t contradict itself. 5

  10. Specifica on vs. Implementa on How to check adherence of

    an implementa on to a specifica on? tests “in these cases, the output is correct” types “for all inputs, the output is wellformed” proofs “for all inputs, the output is correct” 6

  11. Specifica on vs. Implementa on How to check adherence of

    an implementa on to a specifica on? tests “in these cases, the output is correct” types “for all inputs, the output is wellformed” proofs “for all inputs, the output is correct” 6 It looks like you want to prove something. Need help with that?

  12. What can types do? “ A type system is a

    tractable syntac c method of proving the absence of certain program behaviors by classifying phrases according to the kinds of values they compute. Benjamin Pierce ” 7

  13. Types vs. Proofs ▶ Curry-Howard tells us that types are

    proposi ons and values are proofs ▶ Dependently-typed languages: unified values & types ▶ process of construc ng values entails proving correctness ▶ intrinsic connec on 8

  14. Example data Color = Red | Black data Tree a

    = Leaf | Node color (Tree a) a (Tree a) isRBT :: Tree a -> Bool 9

  15. Example data Color = Red | Black data Nat =

    Z | S Nat data Tree :: * -> Color -> Nat -> * where Leaf :: Tree a Black Z NodeR :: a -> Tree a Black n -> Tree a Black n -> Tree a Red n NodeB :: a -> Tree a c n -> Tree a c’ n -> Tree a Black (S n) 9

  16. Programming & Proving systems Type expressiveness Proof suitability 10

  17. Example data Color = Red | Black data Nat =

    Z | S Nat data Tree :: * -> Color -> Nat -> * where Leaf :: Tree a Black Z NodeR :: a -> Tree a Black n -> Tree a Black n -> Tree a Red n NodeB :: a -> Tree a c n -> Tree a c’ n -> Tree a Black (S n) 11

  18. Proving with Simple Types ▶ even without fancy types, proofs

    are s ll possible ▶ enforces separa on of terms and proposi ons 12

  19. Q & A  larsr h  larsrh