HN

Need help?
<- Back
How to train your program verifier

How to train your program verifier

matt_d

Comments (16)

  • woodruffw
    At a very quick look, no evidence is given that the "bugs" found in requests are in fact reachable, i.e. not prevented by construction. And sure enough, the very first one is impossible because of a validating guard[1]: `address_in_network` only gets called after `is_valid_cidr`, which enforces the presence of a slash.I think we should hold claims about effective static analysis and/or program verification to a higher standard than this.[1]: https://github.com/psf/requests/blob/4bd79e397304d46dfccd76f...
  • saithound
    What if you asked your favorite AI agent to produce mathematics at the level of Vladimir Voevodsky, Fields Medal-winning, foundation-shaking work but directed toward something the legendary Nikolaj Bjørner (co-creator of Z3) could actually use?Well, you'd get this embarrassing mess, apparently.
  • grey-area
    I miss the days when humans submitted things they had done to this site, instead of generating long slop articles in 5 minutes: ‘LLM‑based code synthesis—while mind-numbingly effective—’ about slop code they generated in 5 minutes (or worse in hours) with foolish prompts:’Produce mathematics at the level of Vladimir Voevodsky, Fields Medal-winning, foundation-shaking work’.Should we even read this or should we get an LLM to summarise it onto a few bullet points again?This bit was interesting in illuminating the human authors’ credulity (assuming they believe in their own article):‘The central move was elegant: stop asking only “is the system safe?“, start asking “how far is it from safety?“‘This ersatz profundity couched in a false opposition is common in generated text - does it have anything at all to do with the code generated or is it all just convincing bullshit?
  • stratos123
    The very first example in this post: # requests/utils.py:670 def address_in_network(ip, net): ipaddr = struct.unpack("=L", socket.inet_aton(ip))[0] netaddr, bits = net.split("/") # ^^^^^^^^^^^^^^^^ # ValueError if net has no "/", BOUNDS if split returns 1 element The BOUNDS part is technically correct, though a search over the codebase will show that it's never triggered since this function is called only after verifying net via is_valid_cidr. But the ValueError part is entirely false, "something".split("/") does not raise an error. Knowing the semantics of str.split is Python basics, so the way I interpret this result is that the authors' "favorite model" correctly inferred they won't actually question any of its outputs, and fed them a load of bullshit.
  • naillang
    [dead]
  • dhjjdjjjd
    [dead]