Hacker News new | ask | show | jobs
by stuarthalloway 763 days ago
Formal verification is very powerful but still not full assurance. Fun fact: Testing and monitoring of Datomic has sometimes uncovered design flaws in underlying storages that formal verification missed.
2 comments
asa400 762 days ago
Is there anything I can read about what capabilities Datomic requires of the underlying storages it uses?
link
nine_k 763 days ago
What kind of flaws? I would expect performance problems.
link
jupp0r 762 days ago
To start with, you usually perform verification on a behavioral model and not on the code itself. This opens up the possibility that there are behavioral differences between the code itself and the model which wouldn't be caught.
link
nine_k 762 days ago
Could you offer an example?
link
jupp0r 762 days ago
If you work through the TLA+ tutorial[1] it will help you get a good idea of the benefits and limitations of verification.

[1] https://learntla.com/

link