Lecture 9: Mini-Project: Milestone

Week 9 | May 25 – May 31

L07 and L08 hand-built verification engines from scratch. Tonight looks at solver-aided programming as it was in 2009 and as it is today. Practice walks PEC, a research tool that proved compiler optimizations correct by reducing parameterized equivalence to bounded SMT obligations. Theory rebuilds the same machinery in Rosette, where verify, solve, and synthesize are first-class language constructs. Studio is a design-review clinic for the Friday project milestone.

What We Cover

Practice walks PEC, a 2009 tool that proved compiler optimizations correct once and for all. The page motivates with compiler bugs from CSmith and EMI, then introduces parameterized programs (with metavariables for variables, expressions, and statements), rewrite rules (FIND + REPLACE + WHERE), and equivalence as agreement on live variables under every substitution. The algorithm splits into three steps: find synchronization points in the two CFGs, seed invariants from ${\sigma }_1={\sigma }_2$ plus branch conditions, and discharge each path-pair obligation with a solver. A closing callout names the simulation-relation framing that XCert later mechanized in Rocq.

Theory rebuilds the same kind of tool in Rosette. L07 and L08 together were about 800 lines of Python that walked an AST, encoded SMT, and dispatched to Z3. Rosette puts the same machinery into #lang rosette and adds program synthesis. The page runs verify, solve, assume, and synthesize on bvudiv2 from L01, then shows Rosette as a host language: a 20-line interpreter over a tiny bitvector ISA becomes a verifier and synthesizer for any program in that ISA. Three applications (CNTS radiotherapy verifier, Jitterbug eBPF JIT verifier, Lakeroad FPGA synthesizer) show what this scales to.

Studio centers on the project, with the milestone due Friday.