Date: Tue, 21 Oct 2025 00:01:13 +0300
On Mon, 20 Oct 2025 at 23:57, Gašper Ažman <gasper.azman_at_[hidden]> wrote:
>
> I mean that the P2900 syntax is enough for assertions; inline semantic forcing IMO actually decreases safety (in the same way that to keep an exposed gas pipe safe, you should mark it loudly, and not try to build massive walls, because it statistically leads to fewer accidents).
I don't understand how that answers my question.
> We will need a massive investment into static analysis for the predicates to be useful for proving programs correct without runtime checks, which is where the real step-change will come from. In my opinion.
It's curious indeed that we didn't then choose an approach that would actually help all that static analysis, and perhaps make that investment less massive.
Suggested massive investments tend to have bad chances of actually happening...
Received on 2025-10-20 21:01:29
