Logs: liberachat/#haskell
| 2021-07-25 18:15:16 | <dsal> | Is it just that you're using Int and that's not an appropriate type for your problem? |
| 2021-07-25 18:16:09 | <vaibhavsagar[m]> | it sounds like their problem is that overflow might be happening in their dependencies |
| 2021-07-25 18:16:21 | <vaibhavsagar[m]> | and there isn't a language-level way of preventing this |
| 2021-07-25 18:16:39 | <arkanoid> | vaibhavsagar[m]: thanks |
| 2021-07-25 18:16:43 | <[exa]> | apparently some other languages can prevent that |
| 2021-07-25 18:16:47 | <[exa]> | are there examples? |
| 2021-07-25 18:16:56 | <vaibhavsagar[m]> | C# apparently |
| 2021-07-25 18:17:05 | <arkanoid> | https://docs.microsoft.com/en-us/dotnet/csharp/language-reference/keywords/checked |
| 2021-07-25 18:17:20 | <nitrix> | They're worried about code not under their control that would be responsible to overflow, somehow obsessed on the overflow part and not concerned about any other malicious thing that vendor code could be doing. |
| 2021-07-25 18:18:08 | <nitrix> | But my stance is the same. As far as Int goes, that's exactly its behavior. If you don't want that behavior or can't trust people did their homework when they use it, then apply your policy and refuse that code. |
| 2021-07-25 18:18:23 | <dsal> | I don't understand how this C# thing is any different. So if the code in the dependency uses `checked` that's effectively using the correct data type. |
| 2021-07-25 18:18:24 | <arkanoid> | https://doc.rust-lang.org/std/primitive.i32.html#method.checked_add |
| 2021-07-25 18:19:01 | <arkanoid> | dsal: the C# check goes all down the stack and checks imported logic too |
| 2021-07-25 18:19:28 | <dsal> | The rust checked add is basically function I wrote yesterday for a semigroup implementation of a type that ensures addition only goes up to `maxBound` |
| 2021-07-25 18:19:45 | <nitrix> | Yeah. They mentioned earlier "arbitrary-precision integers in higher-level languages like Lisp, Python, Perl, Ruby" which is again the proper type and Haskell has that too. |
| 2021-07-25 18:20:46 | <arkanoid> | dsal: but you can enforce it with preprocessing, there are also other tools at type and compiler level. https://doc.rust-lang.org/stable/std/num/struct.Wrapping.html |
| 2021-07-25 18:21:04 | <arkanoid> | nitrix: you are not seeing the problem, apparently |
| 2021-07-25 18:21:25 | <vaibhavsagar[m]> | I'm not seeing the problem either |
| 2021-07-25 18:21:29 | <vaibhavsagar[m]> | use `Integer` |
| 2021-07-25 18:21:31 | <arkanoid> | having it for MY code doesn't make it into imported logic |
| 2021-07-25 18:21:38 | <vaibhavsagar[m]> | or `toIntegralSized` |
| 2021-07-25 18:21:47 | <dsal> | I don't know rust, but nothing you're describing there sounds much different from how I'd do it in Haskell. |
| 2021-07-25 18:21:59 | <[exa]> | arkanoid: do all rust packages use the checked_add ? |
| 2021-07-25 18:22:03 | <nitrix> | I understand your problem. "What if someone has a malicious call to exit(), or launchTheNukes() in their library that I'm not expecting". |
| 2021-07-25 18:22:24 | <vaibhavsagar[m]> | https://hackage.haskell.org/package/base-4.15.0.0/docs/Data-Bits.html#v:toIntegralSized |
| 2021-07-25 18:23:08 | <nitrix> | And I also understand that you're under the impression that this is something that the type system would prevent, but you're misunderstanding the situation. There is _nothing_ to prevent, this is the desired behavior for Int. |
| 2021-07-25 18:23:14 | <arkanoid> | this is at compiler level https://doc.rust-lang.org/rustc/codegen-options/index.html#overflow-checks |
| 2021-07-25 18:24:06 | <[exa]> | arkanoid: is downing an airplane because of an overflow better than just continuing on a slightly wrong trajectory? |
| 2021-07-25 18:24:12 | <dsal> | Does the compiler have checks for other mathematical errors that might exist in the code? |
| 2021-07-25 18:24:14 | <vaibhavsagar[m]> | that's not a type system check |
| 2021-07-25 18:25:39 | <vaibhavsagar[m]> | it looks like it checks for division by zero errors: https://stackoverflow.com/questions/42544491/can-i-disable-checking-for-zero-division-every-time-the-division-happens |
| 2021-07-25 18:25:39 | <DigitalKiwi> | [exa]: what if it's a rocket on a slightly wrong trajectory lol |
| 2021-07-25 18:26:08 | <[exa]> | DigitalKiwi: might be useful tbh :D |
| 2021-07-25 18:26:16 | <nitrix> | The wrong trajectory is a bad analogy. The result still has to be mathematically correct for Int. |
| 2021-07-25 18:26:47 | <nitrix> | The difference here is that Int semantics follows modulo-arithmetic, which arkanoid refuses to believe in. |
| 2021-07-25 18:27:18 | <DigitalKiwi> | https://twitter.com/hdevalence/status/1413559229672165380 |
| 2021-07-25 18:27:18 | <[exa]> | nitrix: for a programmer who didn't expect the overflow the trajectory is going to be literally the wrong one :] |
| 2021-07-25 18:27:21 | <dsal> | Does that mean that in C# code that's otherwise correct will start throwing exceptions under certain contexts? |
| 2021-07-25 18:28:52 | <DigitalKiwi> | oh yeah this one https://twitter.com/pee_zombie/status/1413567104679387143 |
| 2021-07-25 18:29:12 | <nitrix> | [exa], Except you would expect the overflow, since you chose Int and you know that it does overflow. |
| 2021-07-25 18:29:22 | <arkanoid> | checking overflows means that you know when it happens. The effect my vary. May throw an exception, may print a warning, and so on. Surely not return 0 or something else |
| 2021-07-25 18:29:41 | <nitrix> | That's literally it's behavior. If you don't like the behavior then pick a type with a better behavior. |
| 2021-07-25 18:29:44 | → | leeper joins (leeper@gateway/vpn/nordvpn/leeper) |
| 2021-07-25 18:29:52 | <arkanoid> | nitrix: other-people-code |
| 2021-07-25 18:30:02 | <arkanoid> | you keep ignoring the point |
| 2021-07-25 18:30:03 | <[exa]> | nitrix: yeah but we are talking about the other programmers now |
| 2021-07-25 18:30:13 | <nitrix> | And yes, people sometimes use Int when they should use Integer. It's acceptable for some programs, for programs that it's not, then of course you don't use those. |
| 2021-07-25 18:30:48 | <DigitalKiwi> | http://www.math.sjsu.edu/~foster/m143m/ariane_rocket_overflow.pdf |
| 2021-07-25 18:30:53 | <nitrix> | Then don't use the code that's problematic. |
| 2021-07-25 18:31:06 | <c_wraith> | I pretty much only use Int if it's describing the cardinality of something in memory. |
| 2021-07-25 18:31:07 | <nitrix> | Why are you making this so complicated. Use what works, don't use what doesn't. |
| 2021-07-25 18:31:47 | <[exa]> | DigitalKiwi: okay that was the unlucky one |
| 2021-07-25 18:32:37 | <[exa]> | DigitalKiwi: my airplane overflowed the seatbelt ding statistic counter and somehow survived |
| 2021-07-25 18:32:43 | <DigitalKiwi> | https://www-users.cse.umn.edu/~arnold/disasters/patriot.html |
| 2021-07-25 18:33:25 | <arkanoid> | I'm really quite surprised that haskell ignores a problem that literally killed people |
| 2021-07-25 18:34:49 | <nitrix> | There are a multitude of other ways for logic or arithmetic in software to be wrong that Haskell (or any language for that matter) can prove incorrect. |
| 2021-07-25 18:35:01 | <dsal> | Haskell lets you use types to express problems safely. It also lets you choose the wrong solutions to problems. |
| 2021-07-25 18:35:28 | <nitrix> | cannot* |
| 2021-07-25 18:35:55 | <jumper149> | arkanoid: If you really feel like `Int` is so bad, feel free to create a new Prelude, where all functions take `Integer`. At that point you might as well start to use `Natural` though. |
| 2021-07-25 18:36:36 | <nitrix> | They said they could; they're worried about "other code". |
| 2021-07-25 18:36:37 | <DigitalKiwi> | i use peno numbers in all of my rocket guidance systems |
| 2021-07-25 18:36:58 | <DigitalKiwi> | peano |
| 2021-07-25 18:37:07 | <arkanoid> | yeah, I can run quickcheck on the entire problem domain to ensure that the called code does not contain Integer to Int conversion or whatever may raise overflow. Grep is more efficient on that |
| 2021-07-25 18:37:08 | <[exa]> | DigitalKiwi: my point was, roughly, would throwing an exception instead of overflowing save anything there? |
| 2021-07-25 18:37:12 | <nitrix> | Not understanding that the moment they bring vendor code, the "other code" becomes "their code" and therefore their own liability. |
| 2021-07-25 18:37:13 | <vaibhavsagar[m]> | arkanoid: you might be under the impression that Haskell is the most advanced programming language that enables you to avoid all correctness and safety issues. Unfortunately that will never be true |
| 2021-07-25 18:37:47 | <vaibhavsagar[m]> | it's still possible to write awful awful code with glaringly obvious logic bugs |
| 2021-07-25 18:38:18 | <vaibhavsagar[m]> | we can help avoid some classes of issues, but not others |
| 2021-07-25 18:38:59 | <dsal> | That's generally true. Any language that doesn't let you write bugs doesn't let you write much of anything. |
| 2021-07-25 18:39:40 | <vaibhavsagar[m]> | but particularly in this case contrasted with e.g. Rust that cares a lot about memory safety but not so much about side effects |
| 2021-07-25 18:39:48 | <vaibhavsagar[m]> | the tradeoffs are different |
| 2021-07-25 18:40:14 | <nitrix> | For what it's worth, Rust's int types have the same behavior. |
| 2021-07-25 18:40:31 | <nitrix> | There's tooling to catch it and you can write tests too, but it's the exact same. |
| 2021-07-25 18:40:52 | <DigitalKiwi> | [exa]: oh yeah also the 737 MAX ;_; |
| 2021-07-25 18:41:11 | <dsal> | arkanoid: grep will help you find the one thing you're worried about once. quickcheck will help you ensure your properties hold true. Using the right types will make it difficult to express incorrect logic (e.g. if you use `finite-typelits` you won't be able to have a value outside of your defined range) |
| 2021-07-25 18:41:43 | <arkanoid> | vaibhavsagar[m]: I had the illusion that having such high level control and math-rooted logic would have been a safer choice over other system programming languages, but I'm actually realising that it's not so different from others. Yeah I was expecting tradeoffs, but not on int overflow. |
| 2021-07-25 18:42:06 | <vaibhavsagar[m]> | ah, but haskell isn't a systems programming language |
All times are in UTC.