APPSEM II, Nottingham, March 2003 1 Combining Higher Order Abstract Syntax with Tactical Theorem Proving & (Co)Induction Simon J. Ambler & Roy L. Crole & Alberto Momigliano University of Leicester, UK
✁ � ✁ � ✁ APPSEM II, Nottingham, March 2003 2 An Introduction to Our Work The subjects which under-pin our research are Programming Language Semantics, Functional Programming, Theorem Proving (in Isabelle HOL), and Categorical Logic. Our long term aims are to develop and improve technology for encoding operational semantics in a theorem prover; discover new methods for reasoning about variable binding which are amenable to automated theorem proving; develop mathematical models which under-pin such methods.
� ✁ ✁ ✁ APPSEM II, Nottingham, March 2003 3 More specific long term aims are develop mechanizations of higher order abstract syntax which are consistent with principles of induction and coinduction; to carry out such work in Isabelle HOL; to encode object level (programming) languages for which mechanized reasoning is likely to be practically useful; example is MIL-lite, a compiler intermediate language.
� ✁ � � ✆ ✂ � � APPSEM II, Nottingham, March 2003 4 The Talk Review how to implement object level syntax such as Q :: V i Q Q V i Q QPL ✁☎✄ in a logical framework, and the associated problems Motivate a system called H YBRID which addresses some of the problems Give a sketch of H YBRID Outline recent work
☎ ☛ ✄ ✟ ✟ ☛ ✁ ☞ ☛ ✌ ☞ � ✆ ✝ ✞ ☞ ✠✡ ☛ ☞ ☛ ✍ ✂ ☞ � ✠ ✡ ✡ ✄ ✂ ☛ ☞ ✡ ☎ ✄ ✆✝ � ☎ ✁ ✂ ✁ � ✟ ✁ ✞ � ✟ � APPSEM II, Nottingham, March 2003 5 How to Implement Object Logic Syntax Implement once and for all the λ -calculus Λ V i E :: c V i E E E Define once and for all substitution and α βη -equivalence. This gives a logical framework infrastructure – a metalanguage with binding To encode QPL specify constants expr and :: expr expr expr . One can define an encoding function :: expr expr , where def def Λ v i Q 1 Q 2 Q 1 Q 2 V i Q Q
✠ ✏ ☛ ✆ ✝ ✝ ✞ ✆ ☞✌ � ✍ ✎ ✑ ✟ ✏ ✝ ✒ ✏ ✆ ✝ ✝ ✞ ✆ ✠ ✡ ✁ ✞ � � � � ✄ ✠ ☎ � ✟ ✝ ✝ APPSEM II, Nottingham, March 2003 6 Advantage: Substitution (etc) defined once only Disadvantages: We cannot have a (Isabelle HOL) datatype expr :: expr exprexpr expr expr ✁ ✂✁ ✁ ✂✆ hence there is no principal of structural induction expr contains contains functions which are not expr in the image of , so the encoding is not adequate Λ x Λ z x u u z
� � � � � � � � APPSEM II, Nottingham, March 2003 7 Motivating H YBRID Desiderata: Represent syntax, HOAS style, up to αβη -equivalence; deploy principles of recursion & induction; utilize Isabelle HOL tactics. Key Ideas: Object level binders will be represented as Isabelle (HOL) meta-binders; this is achieved by a (hidden) translation into a de Bruijn datatype of λ -calculus terms; our approach is definitional thus consistent.
✞ ✆ � � ✆ ✝ ✁ �✁ ✆ ✆ ✂ ✁ ✂ �✁ � ✄ � ✁ ✆ ✁ ✂✠ ✆ ✁ ✁ ✆ ✁ ✟ � ✡ ✁ � � ✆ APPSEM II, Nottingham, March 2003 8 What H YBRID Provides System should provide a metalanguage (HOAS) Λ V i E :: c V i E E E H YBRID does provide e :: e 1 $$ e 2 c i v e H λ ✁ ☎✄ These terms can be converted to terms of type expr expr :: expr $$ expr con var bnd expr ✁ ☎✟ H λ is a hybrid of λ -calculus and de Bruijn notation
✝ ✄☎ ✞ ✆ ✞ ✞ ✆ ✆ ✞ � ✠ ✝ ✆ ✑ ✝ ✆ ✆ ✑ ✄☎ ✂ ✁ � ✠ ✝ ✆ � ✞ � ✆ ✝ APPSEM II, Nottingham, March 2003 9 How H YBRID Represents the λ -calculus H λ terms are definitions of H YBRID terms of type expr Roughly speaking we have implemented conversion functions DB H λ If user inputs where v 1 $$ v 0 v 1 v 0 v i e is binder syntax, Isabelle HOL converts it to a de Bruijn term ...
✠ ✡ ✂ ☞ ✑ ✁ ✞ ✆ ✞ ✆ ✟ ✞ ✞ ✞ ✟ ✂✠ ✠ ✠ ✠ ✠ ✠ � ✝ ✡ ✟ ✞ ✞ ✆ ✟ ✡ ✝ ✂ ☞ ✑ ✁ ✆ ✟ ✞ ✠ ✠ ✠ ✠ ✠ ✠ � ✆ ✆ ✡ ✞ ✟ ✠ ✠ ✠ � ✆ ✟ ✡ ✞ ✆ ✡ ✠ ✞ ✟ ✂✠ ✞ ✟ ✂ ✠ ✠ ✠ ✠ ✂ ✞ ✞ ✆ ✟ ✡ ✞ ✝ ✂ ☞ ✑ ✁ ✆ ✟ ✠ ✞ ✝ ✂ ☞ ✑ ✁ ✞ ✆ ✆ ✞ ✁ ☞ ✂ � ✆ ✟ ✡ ✞ ✝ ✂ ✑ ✁ ✁ ✠ ✝ ✆ ✞ ✞ ✝ ✆ ✞ ✁ ✂ ✞ ✄ � ✁ ✂ ✄☎ ✑ ✆ � ✝ ✁ ✂ ✄ ✁ ✁ ✝ ✂ ☞ ✑ ✁ ✝ ✁ ✆ ✆ ✠ ✠ ✄ ✂ ✁ ✁ ✆ ✞ ✠ ✠ ✠ ✝ � ✆ ✟ ✡ ✞ ✝ ✂ ☞ ✑ ✁ ✞ ✁ � ✂ ✆ ✄ ✁ ✠ ✞ ✁ ✝ ✞ APPSEM II, Nottingham, March 2003 which calls a function def The function v 1 λ v 1 0 0 v 0 λ v 1 λ v 1 v 1 $$ v 0 1 1 $$ λ v 1 : ξ : H λ λ v 0 v 1 v 1 $$ $$ 0 v 1 $$ v 0 DB calls a function 0 λ v 0 1 0 ξ 0 v 1 $$ v 0 λ v 1 0 , 10
� � � � � � APPSEM II, Nottingham, March 2003 11 What we have done Proved that the “constructors” of H λ are injective and have disjoint images on suitable subsets of their domains ... so H λ “is” a datatype and this leads to a consistent principle of structural induction. For the lazy λ -calculus we have automated proofs of determinacy and subject reduction by induction; divergence by coinduction; bisimulation is a congruence by coinduction.
� � � � � � APPSEM II, Nottingham, March 2003 12 For the higher order π -calculus H YBRID captures higher order quantification over processes – sometimes problematic in other settings; automated proof that reduction preserves well-formedness of processes. We have implemented a very general combinator for primitive recursion , consistent with HOAS. We have developed a presheaf topos model, which validates a family of recursion principles by realizing them as initial algebras. Started to apply these ideas to MIL-lite ...
Recommend
More recommend
