Parent, C. Synthesizing proofs from programs in the Calculus of Inductive Constructions. in: Proceedings of Mathematics for Programs Constructions. Lecture Notes in Computer Science, vol. 947, 1995.
....mind the conception of such method preceded the proof by co-induction. Furthermore, we remark that there is no explicit mention of the invariant in the first proof of Eq trans, where it is left completely implicit. On the contrary, as can be verified from different experiments with this principle [48, 62], most of the effort in proofs by co-induction consists in searching for the appropriate invariant [48, Section 6.2]. Finally, the distinction imposed by the formulation of this principle between the type of extensional equality and the (isomorphic) type (Feq ) of approximations from objects ....
C. Parent. Synthesizing proofs from programs in the Calculus of Inductive Constructions. In Mathematics for Programs Constructions'95, LNCS 947, pages 351-379, 1995.
....kind of statement will be easier to manipulate to build a proof from which we can extract the program. So we should find a framework for our programming language where the full power of the system is accessible not to limit the possibility of the users. This approach is identical to Parent's work [12] using the Calculus of Inductive Constructions, but we hope to have a more flexible (and thus powerful) way of annotating programs using the expressive power of our system. 7.2 Theoretical progress. Although we got in the previous section a subject reduction result for data types which is what is ....
Catherine Parent. Synthesizing proofs from programs in the calculus of inductive constructions. In Mathematics for Programs Constructions, volume 947 of Lecture Notes in Computer Science. Springer-Verlag, 1995.
....This embedding concerns both the dynamic and the static semantics of the language, such that synchrony analysis is obtained for free. Moreover, it gives us a denotational semantics of LS in Coq and is thus a good starting point for designing a prover for LS programs in Coq, following [Fil99, Par95] approach. This semantics can also be used to experiment with the language: we have used it here to propose a notion of recursive functions for LS, as a generalization of recursive streams. The main originality of this work is to apply the clocks as types paradigm (see [Cas92] in the ....
....of recursive constructions of LS in Coq. But, this semantics is very simple, and we will actually use it to present LS operators to the reader. A simplified presentation of this paper can be found in [BH01]. This semantics seems suitable for proving properties on LS programs: following [Fil99, Par95] approach, it could be a starting point for designing a prover of LS programs into Coq. It could be also the basis to prove the LS compiler: indeed such a proof may consist in showing formally that implementations of LS constructions refine their descriptions given here. We also use this ....
Catherine Parent. Synthesizing proofs from programs in the calculus of inductive constructions. In Mathematics for Programs Constructions'95, number 947 in Lecture Notes in Computer Science, 1995.
....Qed. 6 Conclusion The practical result of this work is a tool to generate an equation that is usually difficult to obtain. In its simplest form, the equation can be as simple as the function definitions that can be obtained with the Program tactic, where proof information also disappears [10]. The desire to produce proofs of fix-point equalities without using extensionality looks very much like a theoretic rather than pragmatic question. As mere users of a type theory based proof system, we do not know how well or how badly the axiom of extensionality interferes with other aspects of ....
....and mutual recursion. We also want to provide a simplified version of the fix-point equation where proof arguments do not appear, following the example of logsimpleequation. This improvement can be implemented by a simple partial evaluation. It should also be possible to re-use the results of Parent [10] and Slind [15] towards the support of plain functional programming in proof systems. ....
Catherine Parent. Synthesizing proofs from programs in the Calculus of Inductive Constructions. In Mathematics of Program Construction, volume 947 of Lecture Notes in Computer Science. Springer-Verlag, July 1995.
....all the logical argumentation has been erased as a comment. Conversely, the proof term may be obtained from the algorithm by just restoring this logical argumentation about the data, without modifying the control structure. This methodology has been successfully implemented by Catherine Parent [22, 23] as a package of specialised tactics, whose aim is to help the user into constructing the proof from the algorithm. We shall not describe this facility in detail here, and will just show by example what happens for the treesort example. The algorithm language we use is still under design. It is ....
C. Parent. "Synthesizing proofs from programs in the Calculus of Inductive Constructions". Third International Conference on the Mathematics of Program Construction, Springer-Verlag LNCS 947, July 1995.
....so that each time the user enters an oracle tree, he/she learns which message is broadcasted. Before building the proof, we used this interpreter to gain a better understanding of the protocol. As a by side product of the experiment, we also validated it in Coq using the Program family of tactics [14, 15]. These tactics provide assistance to the user in the task of verifying already written programs with respect to certain initial specification of them. The proof consisted in showing that the stream of messages yielded by the interpreter is actually a discourse, i.e. that it actually comes from a ....
C. Parent. Synthesizing proofs from programs in the Calculus of Inductive Constructions. In Mathematics for Programs Constructions'95, LNCS 947, pages 351--379, 1995.
....mind the conception of such method preceded the proof by co-induction. Furthermore, we remark that there is no explicit mention of the invariant in the first proof of Eq trans, where it is left completely implicit. On the contrary, as can be verified from different experiments with this principle [48, 62], most of the effort in proofs by co-induction consists in searching for the appropriate invariant [48, Section 6.2]. Finally, the distinction imposed by the formulation of this principle between the type of extensional equality and the (isomorphic) type (Feq 1 = of approximations from ....
C. Parent. Synthesizing proofs from programs in the Calculus of Inductive Constructions. In Mathematics for Programs Constructions'95, LNCS 947, pages 351--379, 1995.
....is a potentially practical spin-off in the form of program extraction. In case a statement of the form ∀x∃y.A(x, y) has been proved constructively, an algorithm finding the y in terms of the x can be extracted automatically from the proof. See Mohring [1986], Paulin-Mohring and Werner [1993] and Parent [1995]. For a general discussion of issues related to (the future of) proof assistants, see also the QED manifesto in Bundy [1994] 238-251. Acknowledgement The European Workgroup Types, sponsored by grant xxxxxx, has provided contact with other research groups. In particular we thank the following ....
Parent, C. [1995]. Synthesizing proofs from programs in the calculus of inductive constructions, in: B. Moller (ed.), Proceedings 3rd Intl. Conf. on Mathematics of Program Construction, MPC'95, Kloster Irsee, Germany, 17-21 July 1995, Lecture Notes in Computer Science 947, Springer-Verlag, Berlin, pp. 351-379.
....and constructive type theories but instead focus on the practical application of these ideas. Some steps have been taken towards such a connection. Howe has developed a modified semantics for Nuprl to allow HOL theorems to be used within Nuprl proofs [6]. Coq's Program tactic, described in [11, 12], provides automatic assistance for program verification. The approach described there can be viewed as the inverse of the program extraction process and is related to the discussion below in section 3.1. Another comparison of a constructive proof with its classical counterpart can be found in ....
C. Parent. Synthesizing proofs from programs in the Calculus of Inductive Constructions. In Mathematics for Programs Constructions'95, volume 947 of LNCS, July 1995.
....functional language to remain relatively pure, so that it is possible to effectively reason about program properties within a type theory. Some progress has been made towards bridging this gap, for example, by extracting CAML programs from Coq proofs, by synthesizing proofs from CAML-like programs [15], or by embedding fragments of ML into NuPrl [8]. In this paper we take a different approach, conservatively refining the type system of ML by allowing some dependencies, without destroying the desirable properties of ML such as practical and unintrusive type checking. Note that this is quite ....
....ascribe multiple types to terms in a uniform way, dependent types can express properties such as these two argument lists have the same length which are not recognizable by tree automata (the basis for type refinements). We plan to consider a combination of these ideas in future work. Parent [15] proposed to reverse the process of extracting programs from constructive proofs in Coq [2] synthesizing proof skeletons from annotated programs. Such proof skeletons contain holes corresponding to logical propositions not unlike our constraint formulas. In order to limit the verbosity of the ....
Parent, C. Synthesizing proofs from programs in the Calculus of Inductive Constructions. in: Proceedings of Mathematics for Programs Constructions. Lecture Notes in Computer Science, vol. 947, 1995.
....language to remain relatively pure, so that it is possible to effectively reason about program properties within a type theory. Some progress has been made towards bridging this gap, for example, by extracting Caml programs from Coq proofs, by synthesizing proof skeletons from Caml programs (Parent 1995), or by embedding fragments of ML into NuPrl (Kreitz, Hayden, and Hickey 1998). In this paper, we address the issue of designing a type system for practical programming in which a restricted form of dependent types is available, allowing more program invariants to be captured by types. We ....
....can thus ascribe multiple types to terms in a uniform way, dependent types can express properties such as these two argument lists have the same length which are not recognizable by tree automata (the basis for type refinements). We plan to consider a combination of these ideas in future work. Parent (Parent 1995) proposed to reverse the process of extracting programs from constructive proofs in Coq (Dowek, Felty, Herbelin, Huet, Murthy, Parent, Paulin-Mohring, and Werner 1993) synthesizing proof skeletons from annotated programs. Such proof skeletons contain holes corresponding to logical propositions ....
Parent, C. (1995). Synthesizing proofs from programs in the calculus of inductive constructions. In Proceedings of the International Conference on Mathematics for Programs Constructions. Springer-Verlag LNCS 947.
....functional language to remain relatively pure, so that it is possible to effectively reason about program properties within a type theory. Some progress has been made towards bridging this gap, for example, by extracting CAML programs from Coq proofs, by synthesizing proofs from CAML-like programs [14], or by embedding fragments of ML into NuPrl [8]. In this paper we take a different approach, conservatively refining the type system of ML by allowing some dependencies, without destroying the desirable properties of ML such as practical and unintrusive type checking. Note that this is quite ....
....thus ascribe multiple types to terms in a uniform way, dependent types can express properties such as these two argument lists have the same length which are not recognizable by tree automata (the basis for type refinements). We plan to consider a combination of these ideas in future work. Parent [14] recently proposed to reverse the process of extracting programs from constructive proofs in Coq [2] synthesizing proof skeletons from annotated programs. Such proof skeletons contain holes corresponding to logical propositions not unlike our constraint formulas. In order to limit the verbosity ....
Parent, C. Synthesizing proofs from programs in the Calculus of Inductive Constructions. in: Proceedings of Mathematics for Programs Constructions. Lecture Notes in Computer Science, vol. 947, 1995.
....would be nice to consider more natural programs, that is, programs with fewer specifications. In fact, we would like the programmer to write F Ind programs and the method to use unification to retrieve subspecifications. This is the goal of a tactic implemented in Coq and presented in [Par93, Par95b, Par95a]. This heuristic approach should follow the same method as the deterministic method, but the use of unification introduces non-determinism. Nevertheless, we introduce annotations in F Ind programs that the heuristic method could use and that allow keeping a certain notion of ....
C. Parent. Synthesizing proofs from programs in the Calculus of Inductive Constructions. In Mathematics for Programs Constructions'95, volume 947 of LNCS, 1995.
....contain logical and computational parts. Programs can be seen as computational parts of proofs. They can thus be extracted from proofs and be certified to be correct. The inverse problem can be solved: it is possible to reconstruct proof obligations from a program and its specification [Par95a, Par95b]. The framework is a type theory where a proof can be represented as a typed term [Bar91, ML84] and, particularly, the Calculus of Inductive Constructions [Coq85]. This paper shows how programs can be simplified in order to be written in a much closer way to the ML one's. Indeed, proofs ....
....[Coq85, Coq89] and a particular implementation that is the Coq system [CCF 94]. Programs can be extracted from proofs, but another possible way is to synthesize proofs from programs. This consists in inverting the program extraction of [PM89a] and has been detailed in [Par93, Par95a, Par95b] given a specification and a functional program, it is possible to reconstruct a proof of the specification whose algorithmic contents corresponds to the given program. This problem is clearly undecidable. The best way is to generate proof obligations on atomic parts of the program. Such ....
C. Parent. Synthesizing proofs from programs in the Calculus of Inductive Constructions. In Mathematics for Programs Constructions '95, volume 947 of LNCS, July 1995.
Parent, C. Synthesizing proofs from programs in the Calculus of Inductive Constructions. in: Proceedings of Mathematics for Programs Constructions. Lecture Notes in Computer Science, vol. 947, 1995.
Parent, C. Synthesizing proofs from programs in the Calculus of Inductive Constructions. in: Proceedings of Mathematics for Programs Constructions. Lecture Notes in Computer Science, vol. 947, 1995.
Parent, C. (1995). Synthesizing proofs from programs in the calculus of inductive constructions. In Proceedings of the International Conference on Mathematics for Programs Constructions. Springer-Verlag LNCS 947.
C. Parent. Synthesizing proofs from programs in the Calculus of Inductive Constructions. In Mathematics of Program Construction'95, volume 947 of LNCS. Springer-Verlag, 1995.