Standard syntax for preconditions, postconditions, and invariants

Taral taralx at gmail.com
Thu Oct 19 18:58:50 EDT 2006


On 10/19/06, Neil Mitchell <ndmitchell at gmail.com> wrote:
> Hi
>
> > reverse @ ensure { reverse (reverse xs) == xs }
>
> Question, does "reverse [1..]" meet, or not meet this invariant?

This is a good point. You can only do sensible conditions on functions
if appropriate termination constraints are met.

> > invariant RedBlackTree a where
> >   RBNode False _ l _ r ==> redDepth l == redDepth r
>
> Where does this invariant hold? At all points in time? After a call
> has executed? Only between module boundaries?

This invariant holds at the time you build the RBNode. It's
effectively a precondition on the RBNode "function".

> That said, I think that embedding invariants/pre/postconditions in the
> code is very useful, I just don't think that Haskell' is a good target
> for this - there is a big design space that no one has yet explored.

I agree that Haskell' will not have this, if only under the "must
already be implemented" requirement for major features. However, it
seems that Haskell' is a good way to get people thinking about future
improvements, and I'd hate to stifle that.

-- 
Taral <taralx at gmail.com>
"You can't prove anything."
    -- Gödel's Incompetence Theorem


More information about the Haskell-prime mailing list