Well-Typed Programs Can Go Wrong
================================
{#asd}
-------
\begin{code}
main = putStrLn "Easter Egg: to force Makefile"
\end{code}
Division By Zero
----------------
\begin{spec}
λ> let average xs = sum xs `div` length xs
λ> average [1,2,3]
2
\end{spec}
\begin{spec}
λ> average []
*** Exception: divide by zero
\end{spec}
Missing Keys
------------
\begin{spec}
λ> :m +Data.Map
λ> let m = fromList [ ("haskell", "lazy")
, ("pyret" , "eager")]
λ> m ! "haskell"
"lazy"
\end{spec}
\begin{spec}
λ> m ! "racket"
"*** Exception: key is not in the map
\end{spec}
Segmentation Faults
-------------------
\begin{spec}
λ> :m +Data.Vector
λ> let v = fromList ["haskell", "pyret"]
λ> unsafeIndex v 0
"haskell"
\end{spec}
\begin{spec}
λ> V.unsafeIndex v 3
'ghci' terminated by signal SIGSEGV ...
\end{spec}
"HeartBleeds"
-------------
\begin{spec}
λ> :m + Data.Text Data.Text.Unsafe
λ> let t = pack "Shriram"
λ> takeWord16 5 t
"Shrir"
\end{spec}
Memory overflows **leaking secrets**...
\begin{spec}
λ> takeWord16 20 t
"Shriram\1912\3148\SOH\NUL\15928\2486\SOH\NUL"
\end{spec}
Goal
----
Extend Type System
+ To prevent *wider class* of errors
+ To enforce *program specific* properties
Algorithmic Verification
========================
Tension
-------
Automation vs. Expressiveness
Tension
-------
Extremes: Hindley-Milner vs. CoC
Tension
-------
Trading off Automation for Expressiveness
Tension
-------
**Goal:** Find a sweet spot?
Refinement Types
----------------
[[continue]](01_SimpleRefinements.lhs.slides.html)