Fredrik Lundh wrote: > Neil Hodgson wrote: > > >> Yes, the rule has obvious shortcomings, but OTOH if it had enabled >>reasonable formal verification... > > > I somehow find it hard to believe that you could write a multi-exit > function that cannot be trivially and automatically converted to a > single-exit function, for further analysis... > Besides which I'm somewhat sceptical about formal verification methods.
While outwardly they apear to offer a technique for making software more reliable there are two shortcomings I'm leery of. First, no verification program can verify itself; secondly the requirements sepcifications for formal verification are way beyond what a normal user is capable of specifying, making them an even worse tool for specification. regards Steve -- Steve Holden +44 150 684 7255 +1 800 494 3119 Holden Web LLC www.holdenweb.com PyCon TX 2006 www.python.org/pycon/ -- http://mail.python.org/mailman/listinfo/python-list
