Weekly edition Kernel Security Distributions Contact Us Search Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

# A taste of Rust

## A taste of Rust

Posted Apr 18, 2013 5:52 UTC (Thu) by ssmith32 (subscriber, #72404)
Parent article: A taste of Rust

It's a nit, but I don't think Godel's Incompleteness Theorem applies.. You don't have to be able to construct a set of axioms that prove every mathematical truth in order to have a language that lets programmers say whatever they want to say.

(Log in to post comments)

A taste of Rust

Posted Apr 18, 2013 9:55 UTC (Thu) by k3ninho (subscriber, #50375) [Link]

The portion of Gödel's Incompleteness Theorem used here is the 'breaking the bounds of the box you specified' part. The incompleteness of two books for library cataloguing, one listing the books which do refer to themselves and one listing the books which don't refer to themselves, necessitates an incomplete catalogue and is a tidy example of Gödel's Incompleteness Theorem.

K3n.

A taste of Rust

Posted Apr 18, 2013 10:51 UTC (Thu) by tsmithe (subscriber, #57598) [Link]

No, that's not an example of Gödelian incompleteness; it's just an example of diagonalisation. Gödel's first theorem says specifically that no countably axiomatisable theory can be both consistent and complete; and, indeed, the proof of the theorem is a diagonal argument like that of your books. There are many fundamental results in mathematics -- such as Cantor's, or Church's -- along similar lines, and though related, they are all different results.

A taste of Rust

Posted Apr 18, 2013 13:26 UTC (Thu) by branden (subscriber, #7029) [Link]

I think you're mis-stating the results of Goedel's Incompleteness Theorems (there are two).

Rewording things very loosely (perhaps enough that I'll get myself into trouble), the GITs say that any semantic system sufficiently expressive to prove statements about simple arithmetic is necessarily at least either incomplete (meaning that some statements cannot be proven at all within the system) or inconsistent (meaning that some statements can be proven both true and false using only the basic axioms and other statements proven true within the system).

It is, of course, possible to have a system that is both incomplete *and* inconsistent.

So, basically, it's worse than you think:

"You don't have to be able to construct a set of axioms that prove every mathematical truth in order to have a language that lets programmers say whatever they want to say."

If you let programmers say whatever they want to say, you're guaranteed to have a language that permits them to express undefinable things. (Having just seen Peter Sewell's talk, "The C Language: It's not What You Think It Is!" at LFCS earlier this week, I have the strong impression that real-world programming languages will dash themselves upon the rocks of undefined semantics and/or machine state in multifarious ways long before reaching any sort of limitations on coherent expressiveness imposed by Goedel.)

Furthermore, I'm not sure I took part of your meaning correctly, but: an axiomatic system that directly asserted every mathematical truth would 1) not require logic or proofs, 2) consist of an uncountably huge number of axioms, surpassing all storage and computability requirements; and 3) per GITs, would be inconsistent anyway. (I think.)

N.B., I have not actually played with GITs' application to programming languages in any formal or academic sense, and I will happily yield the floor to someone who has.

A taste of Rust

Posted Apr 18, 2013 21:29 UTC (Thu) by tx (subscriber, #81224) [Link]

As others have said, I think the statement you make doesn't quite follow from the GIT; that being said, I think you're right that GIT doesn't apply.

"This could be viewed as an admission of failure to provide a truly safe language, however that view would be overly simplistic. In the first place, Gödel's incompleteness theorem seems to suggest that any programming language which is rich enough to say all that we might want to say is also so rich that it cannot possibly be considered to be "safe". "

I think of GIT w.r.t. programming languages more in the light of things like Turing completeness and the halting problem (where self-reference can lead to undecidability). "unsafe" seems a more practical than theoretical issue relating to functional purity.

Hm, now that I type this; however, it does occur to me that one real world usage of null pointer casting could be to subvert an otherwise consistent type system which would be necessary to allow a programmer to say whatever (s)he wants. So I guess I'm disagreeing with myself :)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds