Reply to experimental totality comment

ploeh · May 24, 2022 · 50538e6 · 50538e6
1 parent fda4c2b
commit 50538e6
Showing 1 changed file with 22 additions and 1 deletion.
diff --git a/_posts/2015-05-07-functional-design-is-intrinsically-testable.html b/_posts/2015-05-07-functional-design-is-intrinsically-testable.html
@@ -348,7 +348,7 @@ <h2 id="comments-header">
         While less thorough than proofs, such a technique could be applied to most any system with static typing through meta-programming and conventions to find type constraints (i.e. via factory functions).
         The proportion of inputs that error or timeout could be a consistent measure for migrating systems to more total, and less surprising, functions.
       </p>
-      <p></p>
+      <p>
         Thoughts?
       </p>
     </div>
@@ -376,4 +376,25 @@ <h2 id="comments-header">
     </div>
     <div class="comment-date">2022-05-24 6:27 UTC</div>
   </div>
+  <div class="comment" id="12fc077b72914a93828887a2c17a9ccc">
+    <div class="comment-author"><a href="https://spencerfarley.com">Spencer Farley</a></div>
+    <div class="comment-content">
+      <p>
+        You make an excellent point. If I understand correctly, many domains are effectively infinite so coverage of random testing is effectively negligable.
+      </p>
+      <p>
+        My connection to totality came from trying to understand what Clojure spec's instrument function is really testing. 
+        It's a property, but the property only knows the shape of the domain and range. It knows nothing about relationships between specific input and output values.
+        Therefore, it doesn't verify business domain correctness. Rather, it's checking that the range holds true for a sampling of valid input values.
+      </p>
+      <p>
+        In light of your insight, it may be more fair to say this is a coverage "surprise" check. It can run common edge cases and input scenarios to make sure they return 
+        values from the advertized range rather than exceptions (or fail to terminate). As you discerned, it cannot generally detect adversarial implementations that would violate totality.
+      </p>
+      <p>
+        Thank you for taking the time to consider this idea and share your expertise!
+      </p>
+    </div>
+    <div class="comment-date">2022-05-24 14:22 UTC</div>
+  </div>
 </div>