[Decider] Cyclers

Nathan-Fenner · September 4, 2022, 6:59pm

I’ve created a second implementation of the Cyclers decider(*) in Dafny. Dafny (GitHub - dafny-lang/dafny: Dafny is a verification-aware programming language) is a “verification-aware programming language”. This means that it’s possible to not only write up an implementation, it is possible to ask Dafny to prove that the implementation is correct.

In addition to writing plain code, Dafny allows you to write specifications that describe the expected behavior of your code. The compiler then confirms that all of your specifications are correct. In this case, this culminates in writing:

// This method returns the nth TM state for a program, starting from the
// initial state.
function method machine_iter_n(program: Program, n: nat): MachineStep {
  machine_step_n(program, initial, n)
}

// By definition, a machine halts if there's a step such that at that point, it halts.
predicate program_eventually_halts(program: Program) {
  exists n :: n >= 0 && machine_iter_n(program, n).Halt?
}

predicate program_loops_forever(program: Program) {
  !program_eventually_halts(program)
}

method cyclers_decider(program: Program, time_limit: nat)
returns (finds_loop: bool)
ensures finds_loop ==> program_loops_forever(program) {
  ...
}

In particular, assuming the implementation of the single-step TM function machine_step_n can be trusted, this ensures that when cyclers_decider returns true, the corresponding TM really does halt. This means that bugs in the cyclers_decider function cannot cause false positives!

Differences

In this program, the configuration is described relative to the head of the machine, not relative to the starting position. That means that https://bbchallenge.org/59645887 is a cycler, not a translated cycler!

However, it will still be defeated by other translated cyclers like https://bbchallenge.org/15167997 since the configuration relative to the head of the machine grows without bound.

For this reason, I expect the resolved machines to be a strict superset of the existing cycler output, and a strict subset of the existing translated cycler output.

Decider code

github.com

Nathan-Fenner/bbchallenge-dafny-deciders/blob/main/cyclers-decider.dfy

// A bit is either 0 or 1.
datatype Bit = B0 | B1
// A tape is a cons-list of bits. InfiniteZeros conceptually represents an infinite sequence of 0s.
// Hence, it is a "half-infinite" tape of bits, describing "one side" of the Turing machine
// configuration.
// We use the name 'RawTape' here since these are not normalized; we want to avoid
// having tapes like "010..." since there is no difference between "010..." and "01...".
datatype RawTape = InfiniteZeros | Cons(head: Bit, tail: RawTape)

// A tape is "good" if it doesn't end in a B0 bit.
// Therefore, it must be empty, or if its head is B0, the next one is not empty.
// Additionally, its tail must be "good".
predicate good_tape(r: RawTape) {
  r == InfiniteZeros || (good_tape(r.tail) && (r.head == B0 ==> r.tail != InfiniteZeros))
}

// A `Tape` is any `RawTape` which does not end in a B0.
// This ensures that each Tape represents a genuinely different state.
type Tape = t: RawTape | good_tape(t) witness InfiniteZeros

This file has been truncated. show original

Remaining Tasks
I’ve updated the file to include a basic test; it runs the current BB(5) candidate for 47_176_869 steps and confirms that it has not halted, and then runs for 47_176_870 steps and confirms that it has.

I still need to run the decider itself to confirm the results and make sure that there’s no bugs in the specification.