logoalt Hacker News

Salt v1.0.0 – a systems language with Z3 theorem proving in the compiler

17 pointsby bneb-devtoday at 5:05 PM8 commentsview on HN

Comments

csb6today at 7:13 PM

For people looking for other languages with statically checked contracts, you might want to check out SPARK, which has been around in some form since the late 1980s. It is a subset of the Ada language and had been used for safety critical code in aerospace and defense projects, as well as for some Nvidia firmware.

It also uses Z3 to discharge proof obligations generated by the contract annotations, and it lets you use swap out different theorem provers as backends.

The GNAT Ada compiler (which is part of GCC) allows you to turn off the dynamic safety checks that are usually inserted into Ada programs at build time so you can optionally remove them if they are proven unnecessary.

Here are some resources for comparison:

- https://www.adacore.com/languages/spark

- https://learn.adacore.com/courses/intro-to-spark/chapters/01...

show 1 reply
skybriantoday at 6:33 PM

This looks pretty impressive but it’s all AI-generated (or written in a similar style) and therefore the documentation is lacking.

There is a language specification [1][2] but it lacks coherence.

I think the way to improve it would be to try to teach this language to people and get feedback from them. That is, it needs beta testers. It looks like there’s no community of users yet?

[1] https://github.com/bneb/lattice/blob/main/docs/SPEC.md

[2] https://github.com/bneb/lattice/blob/main/SYNTAX.md

show 1 reply
luckystarrtoday at 6:33 PM

> [int overflows, etc.] No runtime cost when Z3 can prove it. Otherwise, the compiler emits a safe runtime check as fallback.

Super interesting approach. I see this eventually be integrated into future mainstream languages, though that may take a while. I suspect that the game programming crowd will try to use it first, due to the possibility to prove certain edge cases at compile time and skip the runtime cost. But perhaps this optimization drive is no longer the case because we've got bazillions of cores nowadays. I may be too old for these predictions. Cool nonetheless.

show 1 reply
bneb-devtoday at 5:05 PM

[flagged]