Hi everyone! I posted this question few days ago t...
# thinking-togetherp
Pezo - Zoltan Peto
07/16/2019, 12:23 PMHi everyone! I posted this question few days ago to hackernews and got to the frontpage. Maybe you are interested and/or might add comments to it. https://news.ycombinator.com/item?id=20431879
❤️ 1
s
Sankha Narayan Guria
07/19/2019, 6:54 PMHey sorry! I am the one who added that comment about F*. I just saw your response there
Sankha Narayan Guria
07/19/2019, 6:56 PMYou can take a look at Low* (a subset of F*) that can be compiled to high performance C code. Once you have C code you can use it from Unity/C#. Though I don't immediately see the value of doing that unless you need formal guarantees of something.
p
Pezo - Zoltan Peto
07/20/2019, 10:43 PMThanks! Yes that seems overkill then 🙂
a
alltom
08/12/2019, 12:41 AMDid you ever look into Fiat? I saw it come up in the comments and after skimming the paper, my interest is piqued!
The foundation of deductive synthesis in Fiat is _refinement_: a user starts out with a high-level specification that can be implemented in any number of different ways and iteratively refines the possible implementations until producing an executable (and hopefully efficient) implementation.http://plv.csail.mit.edu/fiat/papers/fiat-popl2015.pdf However, I have no experience with this notation, so I can’t understand almost any of the figures…
💡 2
❤️ 1
alltom
08/12/2019, 3:46 AMI wonder what the experience of using Fiat is like.
Does it degenerate to requiring so much specification that there's no interesting variance in the programs that it writes? Maybe that’s a better way to arrive at that program because what you write decomposes by feature rather than by computational step, but I’m still curious what that process is like for a programmer on average.
Another question is, if your code is used non-deterministically to write programs, how do you convince yourself that you’re done—that you won’t get some degenerate “return null” implementation next time you compile because you overlooked a hole in your spec? Do you add unit tests? The initial Cache ADT in the paper had that problem; it described a cache algorithm family that contained every cache algorithm including the one that never adds anything to the cache. The authors knew it had that problem, but in general, how do you?
k
Kartik Agaram
08/12/2019, 6:33 PM
Still reading, but @alltom I just wanted to say I'm really liking this paper. Gives me the strongest incentive yet to get further into Coq.
a
alltom
08/12/2019, 7:02 PMI’m with you, same here.
p
Pezo - Zoltan Peto
08/15/2019, 7:06 PM@alltom Thanks for sharing! I’ve seen myself Fiat in comments, but did not check yet. Now I will for sure! It really does sound the thing I am looking for… “a user starts out with a high-level specification that can be implemented in any number of different ways and iteratively refines”
Pezo - Zoltan Peto
08/15/2019, 7:07 PMThat is my main goal in general. (And seems the holy grail)
Pezo - Zoltan Peto
08/15/2019, 7:07 PM@Prathyush you might be interested too.
👍 1
a
alltom
09/10/2019, 8:53 PMJust saw this in MIT News: "Fiat Cryptography, developed by Adam Chlipala's Programming Languages and Verification group at CSAIL, automatically generates optimized cryptographic algorithms for all hardware platforms---and mathematically verifies them at the same time. Tests showed that its algorithms match the performance of the best handwritten code, but they're produced much faster. The automatically generated code has populated Google's BoringSSL, an open-source cryptographic library. Chrome and Android apps use the library to generate various keys needed to encrypt and decrypt data. Today about 90% of secure Chrome communications run Fiat Cryptography code."
2 Views