Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/hwayne/lets-prove-leftpad

Proving leftpad correct two-dozen different ways
https://github.com/hwayne/lets-prove-leftpad

Last synced: 4 days ago
JSON representation

Proving leftpad correct two-dozen different ways

Host: GitHub
URL: https://github.com/hwayne/lets-prove-leftpad
Owner: hwayne
License: other
Created: 2018-05-07T23:48:37.000Z (over 6 years ago)
Default Branch: master
Last Pushed: 2024-02-05T23:10:05.000Z (9 months ago)
Last Synced: 2024-08-03T01:39:33.069Z (3 months ago)
Language: SystemVerilog
Homepage:
Size: 463 KB
Stars: 629
Watchers: 15
Forks: 60
Open Issues: 3
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

README

        # Let's Prove Leftpad

This is a repository of provably-correct versions of Leftpad. You can read more about the project's motivations and history [here](https://www.hillelwayne.com/post/lpl/).

## What is "provably-correct"?

**Provably correct code** is code that you can totally guarantee does what you say it does. You do this by providing a [**proof** that a computer can check](https://en.wikipedia.org/wiki/Formal_methods). If the proof is wrong, the code won't compile.

Compare to something like testing: even if you test your function for 1,000 different inputs, you still don't know _for sure_ that the 1,001st test will pass. With a proof, though, you know your function will work for all inputs, regardless of whether you try a thousand or ten trillion different test cases. Proving code correct is really, really powerful. It's also mindbogglingly hard, which is why most programmers don't do it.

This is a sampler of all the different tools we can use to prove code correct, standardized by all being proofs for Leftpad.

## What is "leftpad"?

Leftpad is a function that takes a character, a length, and a string, and pads the string to that length. It pads it by adding the character to the left. So it's adding *padding* on the *left*. Leftpad.

```

>> leftpad('!', 5, "foo")

!!foo

>> leftpad('!', 0, "foo")

foo

```

## Why are we proving leftpad?

Because it's funny.

And because leftpad is a great demo for different proof techniques. The idea is simple, the implementation is simple, but the **specification** (what you actually, formally want it to do) is surprisingly tricky. Specifically, you need to prove things for it to be leftpad:

1. The length of the output is `max(n, len(str))`

2. The prefix of the output is padding characters and nothing but padding characters

3. The suffix of the output is the original string.

A proof of leftpad is going to be small enough to be (mostly) grokkable by Formal Methods outsiders, while being complex enough to differentiate the ways we prove code correct.

## I want to contribute!

We'd love to have you! Please [read the contribution guidelines](https://github.com/hwayne/lets-prove-leftpad/blob/master/CONTRIBUTING.md), and then submit your favorite proofs!

### Plug

If you want to learn more about formal methods, I shout at clouds on my [website](https://hillelwayne.com) and on [bluesky](https://bsky.app/profile/hillelwayne.com).