[SystemSafety] Number Theorist Fears All Published Math Is Wrong

Roderick Chapman rod at proteancode.com
Wed Oct 30 10:45:06 CET 2019


On 29/10/2019 18:39, Derek M Jones wrote:
> I am saying that proofs of correctness don't exist, only evidence that
> certain kinds of behavior have not been found.

I'd don't think I can agree with that.

In addition to the usual proofs of absence of the most obvious defects, 
I can think of several projects where some non-trivial proofs of 
correctness have been achieved against a formal specification. Most of 
the ones I know of are coded in SPARK, but there are others (e.g. 
Amazon's "s2n" TLS stack and projects using Frama-C).

Of course, these proofs depend on assumptions - that the compiler is 
non-malicious, that the CPU executes the semantics of its ISA 
as-advertised and so on, but I've found those to be both reasonable and 
manageable risks in the past...

Simple example: in SHOLIS, I had to implement a truncating integer 
square root algorithm with the following specification (expressed in 
SPARK 2014 for the purposes of this email):

    subtype Sqrt_Domain is Integer range 0 .. 2**31 - 1;
    subtype Sqrt_Range  is Integer range 0 .. 46340;

    function Sqrt (X : in Sqrt_Domain) return Sqrt_Range
      with Post => (Sqrt'Result * Sqrt'Result) <= X and
                   (Sqrt'Result + 1) * (Sqrt'Result + 1) > X;

Now... there are several ways to implement that - binary chop search, 
Newton-Raphson, Von-Neumann's algorithm etc. etc.  We chose binary chop, 
and proved it correct against that specification. I can post the code, 
VCs and so on if anyone is really interested.

So... why does Derek object to this as a "proof of correctness"?

(An aside: In 1996 (when I wrote that code) we also considered 
Von-Neumann's algorithm, but rejected it because it is rather not 
obvious how it works, and no-one could derive a loop invariant for it at 
the time.  More recently, the team at AdaCore and the Why3 team did 
manage to refine the correct loop invariant and produce a semi-automated 
proof of it - the first mechanized proof of the algorithm that I have 
seen. It's entertaining, and we hope to write it up at some point. The 
algorithm appears in Henry Warren's "Hacker's Delight" if you're not 
familiar with it...)

  - Rod


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20191030/b5fa4b8d/attachment.html>


More information about the systemsafety mailing list