Scribd Logo
Upload

Welcome to Scribd!

  • 31 views

    Writing Bug-Free Code Using Theorem Provers

    Uploaded by

    Jexia
    The document discusses issues with current software testing practices and proposes using theorem provers to help develop bug-free code. It notes that while testing can find many bugs, it cannot prove the absence of bugs. The document then introduces theorem provers as a way to formally prove properties and the correctness of code. It provides examples of theorem provers being used and argues they could revolutionize software quality if used to prove critical properties of open-source code before commits. In conclusion, it asserts that great code is key for society and theorem provers may help ensure code is correct "to infinity and beyond."

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Writing Bug-Free Code Using Theorem Provers

    Uploaded by

    Jexia
    31 views32 pages
    The document discusses issues with current software testing practices and proposes using theorem provers to help develop bug-free code. It notes that while testing can find many bugs, it cannot prove the absence of bugs. The document then introduces theorem provers as a way to formally prove properties and the correctness of code. It provides examples of theorem provers being used and argues they could revolutionize software quality if used to prove critical properties of open-source code before commits. In conclusion, it asserts that great code is key for society and theorem provers may help ensure code is correct "to infinity and beyond."

    Original Description:

    Writing Bug-Free Code Using Theorem Provers

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses issues with current software testing practices and proposes using theorem provers to help develop bug-free code. It notes that while testing can find many bugs, it cannot prove the absence of bugs. The document then introduces theorem provers as a way to formally prove properties and the correctness of code. It provides examples of theorem provers being used and argues they could revolutionize software quality if used to prove critical properties of open-source code before commits. In conclusion, it asserts that great code is key for society and theorem provers may help ensure code is correct "to infinity and beyond."

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    31 views32 pages

    Writing Bug-Free Code Using Theorem Provers

    Uploaded by

    Jexia
    The document discusses issues with current software testing practices and proposes using theorem provers to help develop bug-free code. It notes that while testing can find many bugs, it cannot prove the absence of bugs. The document then introduces theorem provers as a way to formally prove properties and the correctness of code. It provides examples of theorem provers being used and argues they could revolutionize software quality if used to prove critical properties of open-source code before commits. In conclusion, it asserts that great code is key for society and theorem provers may help ensure code is correct "to infinity and beyond."

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 32

    Writing Bug-Free Code

    Using Theorem Provers

    Aaron Stump
    Computer Science
    The University of Iowa

    1
    Coding Bliss

    The world is running on code

    We are benevolent heroes!

    2
    Coding Bloodbath

    The world is crashing on code

    We are arrogant villains!

    3
    What Makes Software Lousy?
    • Unclear requirements
    Bad interfaces, missing features, unnecessary features

    • Bad coding style


    Hard to maintain, lots of cutting and pasting, convoluted

    • Bugs
    Invariants broken, function contracts not met,
    resources misused

    4
    What Makes Software Lousy?
    • Unclear requirements
    Bad interfaces, missing features, unnecessary features

    • Bad coding style


    Hard to maintain, lots of cutting and pasting, convoluted

    • Bugs
    Invariants broken, function contracts not met,
    resources misused

    "Building error-free trading software is impossible,


    and that makes today's stock markets even more fragile."

    5
    Is error-free code impossible?

    6
    Current Practice: Testing

    7
    Current Practice: Testing

    8
    Current Practice: Testing

    9
    Current Practice: Testing

    10
    Current Practice: Testing

    11
    Current Practice: Testing

    12
    Current Practice: Testing

    13
    Current Practice: Testing

    14
    Current Practice: Testing

    15
    Current Practice: Testing

    16
    Current Practice: Testing

    17
    Current Practice: Testing

    18
    Current Practice: Testing

    19
    Current Practice: Testing

    20
    Current Practice: Testing

    21
    Current Practice: Testing

    22
    Testing Pros and Cons

    + Relatively easy to write tests


    + Applies to modules, subsystems, systems
    + Reveals many bugs in practice
    + Relatively easy to adapt as code changes

    23
    Testing Pros and Cons

    + Relatively easy to write tests


    + Applies to modules, subsystems, systems
    + Reveals many bugs in practice
    + Relatively easy to adapt as code changes

    - Cannot prove absence of bugs

    24
    Q. Is there any way to prove the absence of bugs in code?

    25
    Q. Is there any way to prove the absence of bugs in code?
    A. Yes, with a theorem prover!

    26
    Theorem-Proving Tools
    • Have been around since the late 1970s

    • Increased adoption in academia, industry


    Quality of tools has improved
    Need for tools has skyrocketed

    • Applied for verification


    seL4 mobile phone microkernel [Isabelle]
    CompCert optimizing C compiler [Coq]
    Quark web browser [Coq]

    • Also for mathematics


    Four-Color Theorem [Coq]
    Feit-Thompson Theorem [Coq]
    Kepler Conjecture [Isabelle]

    27
    The Agda Theorem Prover
    • From Chalmers U. of Technology, Sweden

    • Supports verified pure functional programming


    Inductive datatypes (immutable)
    Anonymous functions, higher-order functions
    Pattern-matching, recursion

    • One language for programs, proofs


    Proofs correspond to terminating functional programs
    Curry-Howard isomorphism
    Mathematical induction = terminating recursion
    Minimalistic language, very elegant
    Supports only constructive logic

    • Unicode support, user-defined mixfix notation

    demo
    28
    The Future of Programming?
    • Revolutionize open-source
    Anyone can be a committer
    (Just require proofs on commit)

    • Quantum leap in software quality


    Prove critical properties
    Issue: still need to prove the right properties

    • Software engineering gets harder


    How to use development budget?
    More complicated tradeoffs

    • Happier programmers
    Proving software correct is awesome experience
    Watching it actually run correctly even better!

    29
    Conclusion

    • Software is increasingly critical for society

    • We programmers have an important role

    • Great code is a key ingredient

    • Testing only goes so far

    • Theorem provers: to infinity and beyond!

    Slides written in slideshow (www.racket-lang.org)

    Thank you!

    30
    The University of Iowa
    Computing Conference (UICC)

    • Run by U. Iowa ACM student chapter

    • Intended for computing students in the region

    • Outside speakers

    • Programming/puzzle contest

    • Will be Feb. 28/March 1 for 2014

    http://acm.cs.uiowa.edu/uicc/schedule.html

    31
    CS Graduate Program at U. Iowa
    • Master of Computer Science (MCS)
    Improve credentials, knowledge, for industry
    Typically 2 years, 10 grad classes
    New for 2014: Regional Scholars Fellowship
    Teaching assistantship for one academic year
    Tuition, plus stipend (approx $2000/month)
    Renewable for second year with GPA of 3.25

    • Doctor of Philosophy (PhD)


    Original research, advanced expertise
    Preparation for career in academia, industrial research
    Typically 5-6 years
    Supported through teaching assistantships, fellowships
    Recent placements: Yahoo! Research, MIT (postdoc), Amazon

    32

    You might also like