Functional Programming with Isabelle/HOL
- Alan Bailey
- 5 years ago
1 Functional Programming with Isabelle/HOL
Florian Haftmann, Technische Universität München, January 2009
2-3 Overview
Viewing Isabelle/HOL as a functional programming language:
  1. Isabelle/HOL specification tools.
  2. Code generation from Isabelle/HOL theories.
  3. Behind the scene.
(Diagram: specification tools feed Isabelle/HOL; code generation leads from Isabelle/HOL to SML / OCaml / Haskell.)
[1 / 18]
4 Isabelle/HOL specification tools
5-8 The definitional game
Aim: write programs in Isabelle/HOL as naturally as in, say, SML...
... but it's not enough just to claim arbitrary things:

  axiomatization nonsense :: "nat ⇒ nat" where
    nonsense_def: "nonsense n = Suc (nonsense n)"

  lemma "0 = Suc 0"
  proof -
    from nonsense_def have "nonsense 0 - nonsense 0 = Suc (nonsense 0) - nonsense 0" by simp
    then show "0 = Suc 0" by simp
  qed

Things have to be properly constructed, that is:
  - find an appropriate primitive definition;
  - derive the desired specification from it (honest toil).
Specification tools automate this.
[Isabelle/HOL specification tools 3 / 18]
9 The Isabelle/HOL toolbox
Each specification tool reduces to a primitive construction:
  inductive predicates    ->  Knaster-Tarski fixed point theorem
  inductive datatypes     ->  inductive predicate plus typedef
  primitive recursion     ->  primitive recursion combinator
  terminating functions   ->  explicit function graph plus definite choice
(Diagram: specification tools feed Isabelle/HOL; code generation leads to SML / OCaml / Haskell.)
[Isabelle/HOL specification tools 4 / 18]
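An added example, not from the slides, of the point made on slides 5-9 (Isabelle/Isar, assumed Isabelle2018 or later syntax; the theory name and the constants ‹loop›, ‹double›, ‹fib› and ‹ev› are constructed for illustration). The slide's axiomatization is shown to make every proposition provable; the same looping equation is then handed to the function package, which accepts it only as a partial function whose equation is guarded by a domain premise that can never be discharged, so no contradiction arises.

```isabelle
theory Definitional_Game
  imports Main
begin

(* An axiomatization is accepted exactly as stated: Isabelle constructs
   nothing and proves nothing, so a contradictory equation makes the
   whole theory inconsistent. *)
axiomatization nonsense :: "nat ⇒ nat"
  where nonsense_def: "nonsense n = Suc (nonsense n)"

(* Every proposition P now follows: no natural number equals its successor. *)
lemma everything_follows: "P"
proof -
  have "nonsense 0 = Suc (nonsense 0)" by (rule nonsense_def)
  moreover have "nonsense 0 ≠ Suc (nonsense 0)" by (rule n_not_Suc_n)
  ultimately show "P" by contradiction
qed

(* The definitional route: each tool builds the object from a primitive
   construction and derives the equations you wrote as theorems. *)

(* inductive predicate: least fixed point (Knaster-Tarski). *)
inductive ev :: "nat ⇒ bool" where
  zero: "ev 0"
| step: "ev n ⟹ ev (Suc (Suc n))"

(* primrec: structural recursion via the datatype's recursion combinator. *)
primrec double :: "nat ⇒ nat" where
  "double 0 = 0"
| "double (Suc n) = Suc (Suc (double n))"

(* fun: general recursion; the function package constructs the graph,
   proves termination automatically and only then derives fib.simps. *)
fun fib :: "nat ⇒ nat" where
  "fib 0 = 0"
| "fib (Suc 0) = 1"
| "fib (Suc (Suc n)) = fib n + fib (Suc n)"

(* The nonsense equation once more, but through the function package.
   Without a termination proof it is a partial function: the derived
   equation loop.psimps reads  loop_dom n ⟹ loop n = Suc (loop n),
   and loop_dom n is never provable, so 0 = Suc 0 stays unprovable. *)
function loop :: "nat ⇒ nat" where
  "loop n = Suc (loop n)"
  by pat_completeness auto

thm loop.psimps

end
```

The axiomatization is kept in the same theory only to keep the contrast visible; in a development meant to be trusted, `axiomatization` outside the basic HOL setup is exactly what a reviewer should look for, since everything after it is proved relative to whatever it asserts.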
10 Type classes
Lightweight mechanism for overloading plus abstract specification. Example: algebra.
[Isabelle/HOL specification tools 5 / 18]
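An added example, not from the slides, of the "overloading plus abstract specification" pairing (Isabelle/Isar, assumed Isabelle2018 or later syntax; it follows the shape of the Isabelle/Isar type-class tutorial's semigroup, and the theory name, the constant ‹sq› and the lemma names are constructed). The class fixes the overloaded operation and states associativity as an assumption; an instance must supply the operation and prove the assumption before it is accepted.

```isabelle
theory Semigroup_Class
  imports Main
begin

(* Abstract specification: an operation plus the law it must satisfy. *)
class semigroup =
  fixes mult :: "'a ⇒ 'a ⇒ 'a" (infixl "⊗" 70)
  assumes assoc: "(x ⊗ y) ⊗ z = x ⊗ (y ⊗ z)"

(* Overloading for nat: the operation is defined by primitive recursion,
   and the instance proof discharges the associativity obligation. *)
instantiation nat :: semigroup
begin

primrec mult_nat where
  "(0::nat) ⊗ n = n"
| "Suc m ⊗ n = Suc (m ⊗ n)"

instance proof
  fix m n q :: nat
  show "(m ⊗ n) ⊗ q = m ⊗ (n ⊗ q)"
    by (induct m) auto
qed

end

(* Abstract reasoning once, valid for every instance of the class. *)
lemma mult_four:
  fixes a b c d :: "'a::semigroup"
  shows "(a ⊗ b) ⊗ (c ⊗ d) = a ⊗ (b ⊗ (c ⊗ d))"
  by (simp add: assoc)

(* A class-polymorphic program; in the generated code the class becomes a
   dictionary argument (omitting the file argument prints the code). *)
definition sq :: "'a::semigroup ⇒ 'a" where
  "sq x = x ⊗ x"

export_code sq in Haskell

end
```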
11 Code generator basics
12-15 Code generation paradigms
  proof extraction: animates proof derivations in the spirit of the Curry-Howard isomorphism (cf. Coq)
  shallow embedding: identifies the term language of the logic with the term language of the target language
In the HOL tradition the second approach is favoured; Isabelle/HOL permits proof extraction, though.
(Diagram: specification tools feed Isabelle/HOL; code generation leads to SML / OCaml / Haskell.)
[Code generator basics 7 / 18]
16-17 Code generation using shallow embedding
Correctness criterion: the semantics of the generated target-language program P describes a term rewrite system in which each derivation can be simulated in the theory Θ of the logic:

  term t in Θ:  sum [Suc Zero_nat, Suc Zero_nat]   --identification-->  term t in P
       |                                                                   |
  ⊢_Θ t = u   (derivation in the theory)        <--code generation--   ⊢_P t ⟶ u   (evaluation in P)
       |                                                                   |
  term u in Θ:  Suc (Suc Zero_nat)                --identification-->  term u in P

Generated program P (SML):

  datatype nat = Suc of nat | Zero_nat;
  fun plus_nat (Suc m) n = plus_nat m (Suc n)
    | plus_nat Zero_nat n = n;
  fun sum [] = Zero_nat
    | sum (m :: ms) = plus_nat m (sum ms);

(partial correctness: whatever P computes is a theorem of Θ; that P computes anything at all is not part of the criterion)
[Code generator basics 8 / 18]
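An added example, not from the slides, that runs the slide's diagram in both directions (Isabelle/Isar, assumed Isabelle2018 or later syntax; the theory name, the constant ‹total›, which plays the role of the slide's ‹sum›, and the lemma names are constructed). The same equation is established once as a derivation in Θ and once by running the generated program; the comments spell out which of the two the kernel actually checks.

```isabelle
theory Sum_Codegen
  imports Main
begin

(* The function from the slide, defined by primitive recursion so that
   its equations are theorems of Θ and, at the same time, code equations. *)
primrec total :: "nat list ⇒ nat" where
  "total [] = 0"
| "total (m # ms) = m + total ms"

(* Derivation in Θ: the simplifier rewrites with the code equations of
   total and plus inside the kernel. Every step is checked. *)
lemma total_in_theory: "total [Suc 0, Suc 0] = Suc (Suc 0)"
  by code_simp

(* Evaluation in P: the generated ML is compiled and run, and the result
   is accepted as an oracle. This is sound only because of the correctness
   criterion on the slide; the kernel does not replay the computation, so
   the code generator and the ML runtime are part of the trusted base here. *)
lemma total_in_program: "total [Suc 0, Suc 0] = Suc (Suc 0)"
  by eval

(* The SML that the slide shows; with Main alone, nat is serialised with
   its constructors rather than as target-language integers (omitting the
   file argument prints the code to the output panel). *)
export_code total in SML

end
```

`code_simp` and `eval` accept the same closed equations, but only the first leaves a kernel-checked proof; a development that must not trust the code generator can restrict itself to `code_simp` (or `normalization`) and keep `eval` for experiments.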
18 Examples
  - amortised queues
  - amortised queues with poor man's datatype abstraction
  - algebra with type classes
[Code generator basics 9 / 18]
19 A closer look at code generation
20-21 What does a code generator look like?
[A closer look at code generation 11 / 18]
22 Architecture
Isabelle theory (fed by the Isabelle/HOL tools)
  -> selection of code equations
  -> preprocessing
  -> translation into the intermediate language
  -> serialisation
  -> SML / OCaml / Haskell / ...
[A closer look at code generation 12 / 18]
23-25 Intermediate language
Purpose: add structure to bare logical equations.

  data κ α^k = f_1 of τ_1 | ... | f_n of τ_n
  fun f :: ∀α::s^k. τ where
      f [α::s^k] t̄_1 = t_1
    | ...
    | f [α::s^k] t̄_k = t_k
  class c (superclasses c_1 ... c_m) where f_1 :: ∀α. τ_1, ..., f_n :: ∀α. τ_n
  inst κ α::s^k :: c where f_1 [κ α::s^k] = t_1, ..., f_n [κ α::s^k] = t_n

... a kind of Mini-Haskell ... not All-gol, but Thin-gol.
[A closer look at code generation 13 / 18]
26 Selecting
Two degrees of freedom:
  code equations
    by default: definition, primrec, fun, function
    explicitly: attribute [code]
  datatype constructors
    by default: datatype, record
    explicitly: code_datatype
[A closer look at code generation 14 / 18]
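An added example, not from the slides, exercising both degrees of freedom on the amortised queue named on slide 18 (Isabelle/Isar, assumed Isabelle2018 or later syntax; it follows the code generator tutorial's queue, and the theory name, ‹qempty›, ‹AQueue› and the lemma names are constructed). The logical representation stays a single list; ‹code_datatype› selects a two-list constructor for code, and explicit ‹[code]› equations, each proved as a theorem, replace the defaults that still mention ‹Queue›.

```isabelle
theory Queue_Refinement
  imports Main
begin

(* Logical representation: a queue is just a list. *)
datatype 'a queue = Queue "'a list"

definition qempty :: "'a queue" where
  "qempty = Queue []"

primrec enqueue :: "'a ⇒ 'a queue ⇒ 'a queue" where
  "enqueue x (Queue xs) = Queue (xs @ [x])"

fun dequeue :: "'a queue ⇒ 'a option × 'a queue" where
  "dequeue (Queue []) = (None, Queue [])"
| "dequeue (Queue (x # xs)) = (Some x, Queue xs)"

(* Executable representation: front list ys, reversed back list xs.
   Selecting AQueue as the code constructor is the "poor man's" datatype
   abstraction: Queue is still visible in the logic, only the generated
   code never builds it. *)
definition AQueue :: "'a list ⇒ 'a list ⇒ 'a queue" where
  "AQueue xs ys = Queue (ys @ rev xs)"

code_datatype AQueue

(* Explicit code equations take precedence over the default ones from
   definition/primrec/fun. Each is a theorem, so the refinement cannot
   silently change the meaning of the program. *)
lemma qempty_AQueue [code]: "qempty = AQueue [] []"
  by (simp add: AQueue_def qempty_def)

lemma enqueue_AQueue [code]: "enqueue x (AQueue xs ys) = AQueue (x # xs) ys"
  by (simp add: AQueue_def)

lemma dequeue_AQueue [code]:
  "dequeue (AQueue xs []) =
     (if xs = [] then (None, AQueue [] []) else dequeue (AQueue [] (rev xs)))"
  "dequeue (AQueue xs (y # ys)) = (Some y, AQueue xs ys)"
  by (simp_all add: AQueue_def)

(* Omitting the file argument prints the generated code; without the
   [code] lemmas above the export would still refer to Queue and fail. *)
export_code qempty enqueue dequeue in SML

end
```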
27 Preprocessing
Interface to plug in arbitrary theorem transformations:
  - rewrites: a simpset
  - function transformers of ML type  theory -> thm list -> thm list
[A closer look at code generation 15 / 18]
28-32 Serialising
Adaptation to target-language specifics:
  - improving readability and aesthetics of generated code (bools, tuples, lists, ...)
  - gaining efficiency (target-language integers)
  - interfacing with language parts which have no direct counterpart in HOL (imperative data structures)
... but: know what you are doing!
Remember the fundamental rule of software engineering: don't write your own foo; if you can, use somebody else's.
  foo ∈ {operating system, garbage collector, cryptographic algorithm, concurrency framework, theorem prover, ...} ∪ {serialisation}
[A closer look at code generation 16 / 18]
33 What remains
Not mentioned here:
  - implementing equality
  - code extraction from proofs
Ongoing work and research:
  - turning inductive predicates into equations
  - Haskabelle: importing Haskell files
  - Quickcheck
  - concept for datatype abstraction
Further reading:
  - tutorials in the Isabelle distribution for functions, code generation etc.
  - PhD thesis on code generation (under heavy construction...)
[A closer look at code generation 17 / 18]
34 Happy proving, happy hacking Thanks for your attention
More informationThe design of a programming language for provably correct programs: success and failure
The design of a programming language for provably correct programs: success and failure Don Sannella Laboratory for Foundations of Computer Science School of Informatics, University of Edinburgh http://homepages.inf.ed.ac.uk/dts
More informationLecture 8: Summary of Haskell course + Type Level Programming
Lecture 8: Summary of Haskell course + Type Level Programming Søren Haagerup Department of Mathematics and Computer Science University of Southern Denmark, Odense October 31, 2017 Principles from Haskell
More informationMathematics for Computer Scientists 2 (G52MC2)
Mathematics for Computer Scientists 2 (G52MC2) L07 : Operations on sets School of Computer Science University of Nottingham October 29, 2009 Enumerations We construct finite sets by enumerating a list
More informationAn Introduction to Isabelle/HOL 2008
An Introduction to Isabelle/HOL 2008 Tobias Nipkow TU München p.1 Overview of Isabelle/HOL p.2 System Architecture ProofGeneral Isabelle/HOL Isabelle Standard ML (X)Emacs based interface Isabelle instance
More informationEmbedding Cryptol in Higher Order Logic
Embedding Cryptol in Higher Order Logic Joe Hurd Computer Laboratory Cambridge University joe.hurd@cl.cam.ac.uk 10 March 2007 Abstract This report surveys existing approaches to embedding Cryptol programs
More informationProgramming and Proving in Isabelle/HOL
Tobias Nipkow Programming and Proving in Isabelle/HOL = Isabelle λ β α February 12, 2013 Contents 1 Introduction 1 2 Programming and Proving 3 21 Basics 3 22 Types bool, nat and list 5 23 Type and function
More informationCS-XXX: Graduate Programming Languages. Lecture 9 Simply Typed Lambda Calculus. Dan Grossman 2012
CS-XXX: Graduate Programming Languages Lecture 9 Simply Typed Lambda Calculus Dan Grossman 2012 Types Major new topic worthy of several lectures: Type systems Continue to use (CBV) Lambda Caluclus as our
More informationType Classes and Overloading in Higher-Order Logic
Type Classes and Overloading in Higher-Order Logic Markus Wenzel Technische Universität München Institut für Informatik, Arcisstraße 21, 80290 München, Germany http://www4.informatik.tu-muenchen.de/~wenzelm/
More informationProgramming with Universes, Generically
Programming with Universes, Generically Andres Löh Well-Typed LLP 24 January 2012 An introduction to Agda Agda Functional programming language Static types Dependent types Pure (explicit effects) Total
More informationModular dependent induction in Coq, Mendler-style. Paolo Torrini
Modular dependent induction in Coq, Mendler-style Paolo Torrini Dept. of Computer Science, KU Leuven ITP 16, Nancy, 22.08.2016 * The Author left the Institution in April 2016 motivation: cost-effective
More informationUser-Defined Algebraic Data Types
72 Static Semantics User-Defined Types User-Defined Algebraic Data Types An algebraic data type declaration has the general form: data cx T α 1... α k = K 1 τ 11... τ 1k1... K n τ n1... τ nkn introduces
More informationProving Properties on Programs From the Coq Tutorial at ITP 2015
Proving Properties on Programs From the Coq Tutorial at ITP 2015 Reynald Affeldt August 29, 2015 Hoare logic is a proof system to verify imperative programs. It consists of a language of Hoare triples
More information