On 16-Jun-1998, Simon L Peyton Jones <[EMAIL PROTECTED]> wrote:
>
> [Fergus wrote:]
> > I thought about this problem some more, and I have realized that the
> > problem of nondeterminacy for Haskell exceptions would in fact be
> > considerably worse that I had previously considered. The trouble is
> > that in the general case the problem is not just that the choice of
> > which exception is raised is nondeterministic -- instead, it would be
> > much worse: the choice of whether you raise an exception or loop
> > forever can be also be nondeterministic. This occurs because of
> > expressions such as `0/0 + loop'. Or, to take a more realistic (and
> > nasty) example, `f 0' where `f x = 1/x + g x' where `g x' happens to
> > loop if `x' is zero.
>
> I don't agree that this is a problem. If (g x) loops when x is zero
> then you should jolly well test for that:
>
> f x | x == 0 = raise "x is zero"
> | otherwise = 1/x + g x
Simon, I'm sure that a really thorough programmer such as yourself
would never forget to insert such a test. But, as was recently
demonstrated on this mailing list ;-), I'm quite fallible.
I'm sure there are many other fallible Haskell programmers around.
To minimize the bugs in my programs, I use a lot of different tools
and techniques. I write in languages that have a lot of static checking,
so that the compiler will catch a lot of my mistakes. I get my colleagues
to review my code. And last but not least, I test my code.
For the kind of bug referred to above, static checking isn't going to
help (at least not given the current state of the art -- no doubt
improvements are possible). Code reviews would help, but my colleagues
are fallible too. And this kind of bug is very difficult to test for.
Not only is it difficult to construct test cases that exercise all the
exceptional cases, even that is not sufficient, since it might work
fine with one implementation and then fail with another.
So, I don't think it is reasonable to say that this is not a problem.
It may not be a big problem, but I do consider it a problem.
Now, we can certainly debate the likely frequency of such bugs, and
their cost, and compare this with the advantages and disadvantages
of exception handling. In fact, it does seem likely that such
bugs would be very rare. The cost of each such bug may be high,
but if they occur infrequently enough, then the overall cost will be small.
So maybe you just meant that it wasn't likely to be a significant problem
in practice. If that was what you meant, then I'm inclined to agree
with you.
> I simply don't think it's reasonable to comletely prescribe
> the evaluation order of a lazy functional program.
Why not? Because it would inhibit optimization?
This is true, but for some applications reliability (and hence
determinism) is much more important than efficiency.
For these applications, I think it would be reasonable
to specify the behaviour exactly, even if it means giving
up some optimization opportunities. Do you agree?
Conversely, there are many applications for which efficiency
is more important than determinacy, so for those applications
I agree the behaviour should not be specified exactly.
Fortunately a single language can support both kinds of applications,
as I outlined in previous mail.
> At the moment, Haskell has the fiction that a divide-by-zero
> exception and non-termination are the same value, i.e. bottom.
> That allows us to say that the behaviour of
>
> f x = 1/x + g x
>
> is identical regardless of whether "+" evaluates its first
> argument first or second. But we all know that the behaviour
> in these two cases is quite different: one prints a message and
> halts, and the other fails to terminate. So in this sense
> the behaviour of Haskell programs is already non-deterministic.
That's true, but since both the fatal error message and non-termination
constitute program bugs, this is not so much of a worry.
The nondeterminism doesn't make testing any more difficult, for example.
--
Fergus Henderson <[EMAIL PROTECTED]> | "I have always known that the pursuit
WWW: <http://www.cs.mu.oz.au/~fjh> | of excellence is a lethal habit"
PGP: finger [EMAIL PROTECTED] | -- the last words of T. S. Garp.
