Results 11  20
of
59
Idris — systems programming meets full dependent types
 In Proc. 5th ACM workshop on Programming languages meets program verification, PLPV ’11
, 2011
"... Dependent types have emerged in recent years as a promising approach to ensuring program correctness. However, existing dependently typed languages such as Agda and Coq work at a very high level of abstraction, making it difficult to map verified programs to suitably efficient executable code. Thi ..."
Abstract

Cited by 8 (2 self)
 Add to MetaCart
(Show Context)
Dependent types have emerged in recent years as a promising approach to ensuring program correctness. However, existing dependently typed languages such as Agda and Coq work at a very high level of abstraction, making it difficult to map verified programs to suitably efficient executable code. This is particularly problematic for programs which work with bit level data, e.g. network packet processing, binary file formats or operating system services. Such programs, being fundamental to the operation of computers in general, may stand to benefit significantly from program verification techniques. This paper describes the use of a dependently typed programming language, IDRIS, for specifying and verifying properties of lowlevel systems programs, taking network packet processing as an extended example. We give an overview of the distinctive features of IDRIS which allow it to interact with external systems code, with precise types. Furthermore, we show how to integrate tactic scripts and plugin decision procedures to reduce the burden of proof on application developers. The ideas we present are readily adaptable to languages with related type systems.
Formal verification of monad transformers
 In ICFP’12
, 2012
"... We present techniques for reasoning about constructor classes that (like the monad class) fix polymorphic operations and assert polymorphic axioms. We do not require a logic with firstclass type constructors, firstclass polymorphism, or type quantification; instead, we rely on a domaintheoretic m ..."
Abstract

Cited by 6 (2 self)
 Add to MetaCart
(Show Context)
We present techniques for reasoning about constructor classes that (like the monad class) fix polymorphic operations and assert polymorphic axioms. We do not require a logic with firstclass type constructors, firstclass polymorphism, or type quantification; instead, we rely on a domaintheoretic model of the type system in a universal domain to provide these features. These ideas are implemented in the Tycon library for the Isabelle theorem prover, which builds on the HOLCF library of domain theory. The Tycon library provides various axiomatic type constructor classes, including functors and monads. It also provides automation for instantiating those classes, and for defining further subclasses. We use the Tycon library to formalize three Haskell monad transformers: the error transformer, the writer transformer, and the resumption transformer. The error and writer transformers do not universally preserve the monad laws; however, we establish datatype invariants for each, showing that they are valid monads when viewed as abstract datatypes.
Hints in unification
"... Abstract. Several mechanisms such as Canonical Structures [14], Type Classes [16,13], or Pullbacks [10] have been recently introduced with the aim to improve the power and flexibility of the type inference algorithm for interactive theorem provers. We claim that all these mechanisms are particular i ..."
Abstract

Cited by 6 (3 self)
 Add to MetaCart
(Show Context)
Abstract. Several mechanisms such as Canonical Structures [14], Type Classes [16,13], or Pullbacks [10] have been recently introduced with the aim to improve the power and flexibility of the type inference algorithm for interactive theorem provers. We claim that all these mechanisms are particular instances of a simpler and more general technique, just consisting in providing suitable hints to the unification procedure underlying type inference. This allows a simple, modular and not intrusive implementation of all the above mentioned techniques, opening at the same time innovative and unexpected perspectives on its possible applications. 1
Program Calculation in Coq
 In Thirteenth International Conference on Algebraic Methodology And Software Technology (AMAST2010), LNCS 6486
, 2010
"... Abstract. Program calculation, being a programming technique that derives programs from specification by means of formula manipulation, is a challenging activity. It requires human insights and creativity, and needs systems to help human to focus on clever parts of the derivation by automating tedio ..."
Abstract

Cited by 4 (2 self)
 Add to MetaCart
(Show Context)
Abstract. Program calculation, being a programming technique that derives programs from specification by means of formula manipulation, is a challenging activity. It requires human insights and creativity, and needs systems to help human to focus on clever parts of the derivation by automating tedious ones and verifying correctness of transformations. Different from many existing systems, we show in this paper that Coq, a popular theorem prover, provides a cheap way to implement a powerful system to support program calculation, which has not been recognized so far. We design and implement a set of tactics for the Coq proof assistant to help the user to derive programs by program calculation and to write proofs in calculational form. The use of these tactics is demonstrated through program calculations in Coq based on the theory of lists. 1
Formalizing Projective Plane Geometry in Coq
, 2008
"... We investigate how projective plane geometry can be formalized in a proof assistant such as Coq. Such a formalization increases the reliability of textbook proofs whose details and particular cases are often overlooked and left to the reader as exercises. Projective plane geometry is described thro ..."
Abstract

Cited by 4 (0 self)
 Add to MetaCart
We investigate how projective plane geometry can be formalized in a proof assistant such as Coq. Such a formalization increases the reliability of textbook proofs whose details and particular cases are often overlooked and left to the reader as exercises. Projective plane geometry is described through two different axiom systems which are formally proved equivalent. Usual properties such as decidability of equality of points (and lines) are then proved in a constructive way. The duality principle as well as formal models of projective plane geometry are then studied and implemented in Coq. Finally, we formally prove in Coq that Desargues’ property is independent of the axioms of projective plane geometry.
Composing and Decomposing Data Types A Closed Type Families Implementation of Data Types a ̀ la Carte
"... Wouter Swierstra’s data types a ̀ la carte is a technique to modularise data type definitions in Haskell. We give an alternative implementation of data types a ̀ la carte that offers more flexibility in composing and decomposing data types. To achieve this, we refine the subtyping constraint, whi ..."
Abstract

Cited by 4 (1 self)
 Add to MetaCart
(Show Context)
Wouter Swierstra’s data types a ̀ la carte is a technique to modularise data type definitions in Haskell. We give an alternative implementation of data types a ̀ la carte that offers more flexibility in composing and decomposing data types. To achieve this, we refine the subtyping constraint, which is at the centre of data types a ̀ la carte. On the one hand this refinement is more general, allowing subtypings that intuitively should hold but were not derivable beforehand. This aspect of our implementation removes previous restrictions on how data types can be combined. On the other hand our refinement is more restrictive, disallowing subtypings that lead to more than one possible injection and should therefore be considered programming errors. Furthermore, from this refined subtyping constraint we derive a new constraint to express type isomorphism. We show how this isomorphism constraint allows us to decompose data types and to define extensible functions on data types in an ad hoc manner. The implementation makes essential use of closed type families in Haskell. The use of closed type families instead of type classes comes with a set of tradeoffs, which we review in detail. Finally, we show that our technique can be used for other similar problem domains.
Tactics for reasoning modulo AC in Coq
 In First International Conf. on Certified Programs and Proofs
, 2011
"... Abstract. We present a set of tools for rewriting modulo associativity and commutativity (AC) in Coq, solving a longstanding practical problem. We use two building blocks: first, an extensible reflexive decision procedure for equality modulo AC; second, an OCaml plugin for pattern matching modulo ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
(Show Context)
Abstract. We present a set of tools for rewriting modulo associativity and commutativity (AC) in Coq, solving a longstanding practical problem. We use two building blocks: first, an extensible reflexive decision procedure for equality modulo AC; second, an OCaml plugin for pattern matching modulo AC. We handle associative only operations, neutral elements, uninterpreted function symbols, and userdefined equivalence relations. By relying on typeclasses for thereification phase, we can infer these properties automatically, so that endusers do not need to specify which operation is A or AC, or which constant is a neutral element. 1
Mechanized Verification with Sharing
, 2010
"... We consider software verification of imperative programs by theorem proving in higherorder separation logic. Of particular interest are the difficulties of encoding and reasoning about sharing and aliasing in pointerbased data structures. Both of these are difficulties for reasoning in separatio ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
(Show Context)
We consider software verification of imperative programs by theorem proving in higherorder separation logic. Of particular interest are the difficulties of encoding and reasoning about sharing and aliasing in pointerbased data structures. Both of these are difficulties for reasoning in separation logic because they rely, fundamentally, on nonseparate heaps. We show how sharing can be achieved while preserving abstraction using mechanized reasoning about fractional permissions in Hoare type theory.
Formalizing Domains, Ultrametric Spaces and Semantics of Programming Languages
 UNDER CONSIDERATION FOR PUBLICATION IN MATH. STRUCT. IN COMP. SCIENCE
, 2010
"... We describe a Coq formalization of constructive ωcpos, ultrametric spaces and ultrametricenriched categories, up to and including the inverselimit construction of solutions to mixedvariance recursive equations in both categories enriched over ωcppos and categories enriched over ultrametric spac ..."
Abstract

Cited by 3 (2 self)
 Add to MetaCart
We describe a Coq formalization of constructive ωcpos, ultrametric spaces and ultrametricenriched categories, up to and including the inverselimit construction of solutions to mixedvariance recursive equations in both categories enriched over ωcppos and categories enriched over ultrametric spaces. We show how these mathematical structures may be used in formalizing semantics for three representative programming languages. Specifically, we give operational and denotational semantics for both a simplytyped CBV language with recursion and an untyped CBV language, establishing soundness and adequacy results in each case, and then use a Kripke logical relation over a recursivelydefined metric space of worlds to give an interpretation of types over a stepcounting operational semantics for a language with recursive types and general references.