verifying type class laws with equational reasoning
play

Verifying Type Class Laws with Equational Reasoning A description - PowerPoint PPT Presentation

Sep 23, 2023 •201 likes •652 views

Verifying Type Class Laws with Equational Reasoning A description by example Lukas Hofmaier lukas.hofmaier@hsr.ch June 12, 2015 Progam Analysis and Transformation Seminar FS15 Outline Motivation Equational Reasoning Referential Transparency

  1. Verifying Type Class Laws with Equational Reasoning A description by example Lukas Hofmaier lukas.hofmaier@hsr.ch June 12, 2015 Progam Analysis and Transformation Seminar FS15

  2. Outline Motivation Equational Reasoning Referential Transparency Reasoning about algebraic properties Reasoning about programs Type Classes Example Proof for a Monoid Law

  3. Why I’m interested in the topic? An often touted property of pure functional languages is referential transparency.

  4. What is referential transparency? Computation yields the same value each time it is invoked y = f x g = h y y We can replace the definition of g with g = h (f x) (f x) and get the same result.

  5. What is equational reasoning? Equational reasoning is a method originally used in algebra. It’s the process of proving a given property by substituting equal expressions. ( x + a )( x + b ) = x 2 + ( a + b ) x + ab 0 Example taken from Graham Hutton, Programming in Haskell

  6. What is equational reasoning? Equational reasoning is a method originally used in algebra. It’s the process of proving a given property by substituting equal expressions. ( x + a )( x + b ) = x 2 + ( a + b ) x + ab ( x + a )( x + b ) = x 2 + ax + xb + ab (use distributivity) 0 Example taken from Graham Hutton, Programming in Haskell

  7. What is equational reasoning? Equational reasoning is a method originally used in algebra. It’s the process of proving a given property by substituting equal expressions. ( x + a )( x + b ) = x 2 + ( a + b ) x + ab ( x + a )( x + b ) = x 2 + ax + xb + ab (use distributivity) x 2 + ax + xb + ab = x 2 + ax + bx + ab (use commutativity) 0 Example taken from Graham Hutton, Programming in Haskell

  8. What is equational reasoning? Equational reasoning is a method originally used in algebra. It’s the process of proving a given property by substituting equal expressions. ( x + a )( x + b ) = x 2 + ( a + b ) x + ab ( x + a )( x + b ) = x 2 + ax + xb + ab (use distributivity) x 2 + ax + xb + ab = x 2 + ax + bx + ab (use commutativity) x 2 + ax + bx + ab = x 2 + ( a + b ) x + ab (use distributivity) 0 Example taken from Graham Hutton, Programming in Haskell

  9. Reasoning about programs We can reason the same way about programs. For instance, we want to verify the following property. length [x] = 1 Given the function definition of length . length [] = 0 length (x:xs) = 1 + length xs

  10. Reasoning about programs Definitions length [] = 0 length (x:xs) = 1 + length xs Step-by-step substitution Begin from the left-hand side length [x] and try to get to the right-hand side 1 by substituting equals-for-equals. length [x] -- [x] is the same as x:[]

  11. Reasoning about programs Definitions length [] = 0 length (x:xs) = 1 + length xs Step-by-step substitution Begin from the left-hand side length [x] and try to get to the right-hand side 1 by substituting equals-for-equals. length [x] -- [x] is the same as x:[] = length (x:[]) -- apply definition

  12. Reasoning about programs Definitions length [] = 0 length (x:xs) = 1 + length xs Step-by-step substitution Begin from the left-hand side length [x] and try to get to the right-hand side 1 by substituting equals-for-equals. length [x] -- [x] is the same as x:[] = length (x:[]) -- apply definition = 1 + length [] -- apply definition

  13. Reasoning about programs Definitions length [] = 0 length (x:xs) = 1 + length xs Step-by-step substitution Begin from the left-hand side length [x] and try to get to the right-hand side 1 by substituting equals-for-equals. length [x] -- [x] is the same as x:[] = length (x:[]) -- apply definition = 1 + length [] -- apply definition = 1 + 0 -- 1 + 0 = 1 = 1

  14. Type Classes Type classes ◮ Describes the behavior of a type. ◮ Type class is a construct that supports overloaded functions and ad hoc polymorphism ◮ An overloaded function uses different function definitions depending on the types of the arguments ◮ constrains the type variable in the type signature declaration t . t has to be a member of Show . Example showlist :: Show t => [t] -> String showlist [] = "" showlist (x:xs) = show x ++ showlist xs

  15. Relation of type classes, types and values * 1 * * type type class value

  16. Type class laws ◮ Type classes exhibit type class laws ◮ Laws ensures expected behavior (e.g. associativity) ◮ The Haskell compiler does not enforce type class laws. ◮ We can use laws to apply equational reasoning

  17. Relation of type classes with equational reasoning

  18. Example Proof for a Monoid Law Suppose we want to build a plugin system Plugin A plugin in our example is an IO action that takes a Char value and does some work with it (e.g. log to a file) It has type Char -> IO () . Usage main = do c <- getChar logto c

  19. Requirements Composability composedPlugin :: Char -> IO () composedPlugin = logto ‘mappend‘ print2stdout -- mappend :: Plugin -> Plugin -> Plugin Both arguments are of type Char -> IO () . The return value is also of type Char -> IO () . Associativity The order of evaluation must not matter. composed1 = logto ‘mappend‘ (print2stdout ‘mappend‘ donothing) composed2 = (logto ‘mappend‘ print2stdout) ‘mappend‘ donothing

  20. Monoids to the rescue There is a type class for this behavior. ◮ A monoid is when you have an associative binary function and a value which acts as an identity. Types which behave like monoids can be part of the type class Monoid . For example list [] under concatenation is a Monoid . ◮ The monoid laws state that mappend must be associative. ◮ If mappend satisfies the monoid laws then we are able to add plugins without concerning about the order of evaluation.

  21. Example Proof for a Monoid Law Instance implementation Members of the type class Monoid have to implement the functions mempty and mappend . instance (Applicative f, Monoid a) => Monoid (f a) where mempty = pure mempty mappend = liftA2 mappend Left identity law The left identity law states that mempty has to behave like the identity element with respect to mappend . mappend mempty x = x

  22. Proof of the monoid laws mappend mempty x -- apply def. mappend Example from www.haskellforall.com

  23. Proof of the monoid laws mappend mempty x -- apply def. mappend = liftA2 mappend mempty x -- apply def. mempty Example from www.haskellforall.com

  24. Proof of the monoid laws mappend mempty x -- apply def. mappend = liftA2 mappend mempty x -- apply def. mempty = liftA2 mappend (pure mempty) x -- apply def. of liftA2 Example from www.haskellforall.com

  25. Proof of the monoid laws mappend mempty x -- apply def. mappend = liftA2 mappend mempty x -- apply def. mempty = liftA2 mappend (pure mempty) x -- apply def. of liftA2 = (pure mappend <*> pure mempty) <*> x Example from www.haskellforall.com

  26. Proof of the monoid laws Applicative type class instances satisfy the following laws: ◮ pure f <*> pure x = pure (f x) ◮ pure id <*> x = x We can use this property to substitute the left-hand side. (pure mappend <*> pure mempty) <*> x

  27. Proof of the monoid laws Applicative type class instances satisfy the following laws: ◮ pure f <*> pure x = pure (f x) ◮ pure id <*> x = x We can use this property to substitute the left-hand side. (pure mappend <*> pure mempty) <*> x = pure (mappend mempty) <*> x -- transform to lambda

  28. Proof of the monoid laws Applicative type class instances satisfy the following laws: ◮ pure f <*> pure x = pure (f x) ◮ pure id <*> x = x We can use this property to substitute the left-hand side. (pure mappend <*> pure mempty) <*> x = pure (mappend mempty) <*> x -- transform to lambda = pure (\a -> mappend mempty a) <*> x -- 1. monoid law

  29. Proof of the monoid laws Applicative type class instances satisfy the following laws: ◮ pure f <*> pure x = pure (f x) ◮ pure id <*> x = x We can use this property to substitute the left-hand side. (pure mappend <*> pure mempty) <*> x = pure (mappend mempty) <*> x -- transform to lambda = pure (\a -> mappend mempty a) <*> x -- 1. monoid law = pure (\a -> a) <*> x -- a -> a = id

  30. Proof of the monoid laws Applicative type class instances satisfy the following laws: ◮ pure f <*> pure x = pure (f x) ◮ pure id <*> x = x We can use this property to substitute the left-hand side. (pure mappend <*> pure mempty) <*> x = pure (mappend mempty) <*> x -- transform to lambda = pure (\a -> mappend mempty a) <*> x -- 1. monoid law = pure (\a -> a) <*> x -- a -> a = id = pure id <*> x -- applicative law = x

  31. Conclusion ◮ Referential transparency makes it possible to conduct equational reasoning ◮ The process of proving a property is cumbersome and difficult ◮ Equational reasoning provides certainty that a program has particular properties.

  32. For Further Reading Graham Hutton, Programming in Haskell, Cambridge University Press, 2007. Gabriel Gonzales, Equational reasoning at scale, http://www.haskellforall.com .

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Fast Equational Reasoning with W ALDMEISTER Thomas Hillenbrand Max-Planck-Institut f ur

Fast Equational Reasoning with W ALDMEISTER Thomas Hillenbrand Max-Planck-Institut f ur

Fast Equational Reasoning with W ALDMEISTER Thomas Hillenbrand Max-Planck-Institut f ur Informatik Saarbr ucken Th. Hillenbrand FAST EQUATIONAL REASONING p.1 Aim of this Talk RTA organizers: ... would be nice to show how a

1.02k views • 67 slides
mdmax at School Learning Selection in Equational Reasoning Sarah Winkler University of

mdmax at School Learning Selection in Equational Reasoning Sarah Winkler University of

mdmax at School Learning Selection in Equational Reasoning Sarah Winkler University of Innsbruck 4th Conference on Artificial Intelligence and Theorem Proving 10 April 2019 1 Equational Theorem Proving 0 + x x ( x ) + x 0 x + (

761 views • 58 slides
Provably Correct Development of Reconfigurable Hardware Designs via Equational Reasoning Ian

Provably Correct Development of Reconfigurable Hardware Designs via Equational Reasoning Ian

Provably Correct Development of Reconfigurable Hardware Designs via Equational Reasoning Ian Graves, Adam Procter, Bill Harrison &amp; Gerard Allwein FPT 2015 Introduction Provably Correct Development, Bird-Wadler Style Reference

397 views • 24 slides
Verifying Automated Reasoning Results Marijn J.H. Heule http://www.cs.cmu.edu/~mheule/15816-f19/

Verifying Automated Reasoning Results Marijn J.H. Heule http://www.cs.cmu.edu/~mheule/15816-f19/

Verifying Automated Reasoning Results Marijn J.H. Heule http://www.cs.cmu.edu/~mheule/15816-f19/ https://github.com/marijnheule/proof-demo Automated Reasoning and Satisfiability, October 10, 2019 1 / 53 Outline Introduction Proof Checking

825 views • 80 slides
Equational Reasoning with Applicative Functors Andreas Lochbihler Joshua Schneider Institute of

Equational Reasoning with Applicative Functors Andreas Lochbihler Joshua Schneider Institute of

Equational Reasoning with Applicative Functors Andreas Lochbihler Joshua Schneider Institute of Information Security Equational Reasoning with Applicative Functors Andreas Lochbihler Joshua Schneider Institute of Information Security model

461 views • 35 slides
Objectives State Describe the property of referential transparency . Dr. Mattox Beckman

Objectives State Describe the property of referential transparency . Dr. Mattox Beckman

-- well, mostly Objectives Equational Reasoning References Objectives Equational Reasoning References Objectives State Describe the property of referential transparency . Dr. Mattox Beckman Explain how stateful computations

359 views • 3 slides
State Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of Computer

State Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of Computer

Objectives Equational Reasoning References State Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of Computer Science Objectives Equational Reasoning References Objectives Describe the property of referential

558 views • 11 slides
Central Problems of Equational Reasoning 22.06.2010 Theory 1 - Foundation of Programming

Central Problems of Equational Reasoning 22.06.2010 Theory 1 - Foundation of Programming

15 Foundation of Programming Languages and Software Engineering: The Word Problem The Word Problem Summer Term 2010 Robert Elssser Robert Elssser Central Problems of Equational Reasoning 22.06.2010 Theory 1 - Foundation of Programming

873 views • 24 slides
Reasoning and Derivation of Monadic Programs Shin-Cheng Mu Tom Schrijvers Koen Pauwels Content

Reasoning and Derivation of Monadic Programs Shin-Cheng Mu Tom Schrijvers Koen Pauwels Content

Reasoning and Derivation of Monadic Programs Shin-Cheng Mu Tom Schrijvers Koen Pauwels Content Equational reasoning Reasoning with monads Goal of the paper Our contribution (a + b) * (a - b) [distr: forall x y z. x * (y + z) =

493 views • 25 slides
verifying SHA using VST Freek Wiedijk last paper in the reading list of Type Theory &amp; Coq

verifying SHA using VST Freek Wiedijk last paper in the reading list of Type Theory &amp; Coq

verifying SHA using VST Freek Wiedijk last paper in the reading list of Type Theory &amp; Coq 20152016 Radboud University Nijmegen June 16, 2016 0 SHA and VST SHA = Secure Hash Algorithm VST = Verified Software

740 views • 69 slides
Conditionals: between language and reasoning Class 1 - Introduction

Conditionals: between language and reasoning Class 1 - Introduction

Conditionals: between language and reasoning Class 1 - Introduction www.ivanociardelli.altervista.org/conditionals2019 ivano.ciardelli@lrz.uni-muenchen.de Class: Tuesday at 12.15 Please ask questions at any time! Class: Tuesday at

719 views • 58 slides
Verifying Object Construction How to use the builder pattern with the type safety of constructors

Verifying Object Construction How to use the builder pattern with the type safety of constructors

Verifying Object Construction How to use the builder pattern with the type safety of constructors Martin Kellogg a , Manli Ran b , Manu Sridharan b , Martin Schf c , Michael D. Ernst a,c a University of Washington b University of California,

849 views • 55 slides
3/14/16 Review Class/Object Type Class Keyword class class Point

3/14/16 Review Class/Object Type Class Keyword class class Point

3/14/16 Review Class/Object Type Class Keyword class class Point { // Fields int x; Object Declares a new type int y; color c; Data fields ( class variables)

318 views • 3 slides
Bayesian Reasoning Todays Class Probability theory Posteriors and priors What is

Bayesian Reasoning Todays Class Probability theory Posteriors and priors What is

Bookkeeping Probabilistic Reasoning HW 2 Due 10/3, 11:59pm AI Class 9 (Ch. 13) Blackboard assignment open Friday Important : understand the math in Chapter 13 thoroughly Underpins future work Also basically all of modern AI A

560 views • 6 slides
Automated Reasoning Model Checking with SPIN (II) Alan Bundy Automated Reasoning SPIN (II)

Automated Reasoning Model Checking with SPIN (II) Alan Bundy Automated Reasoning SPIN (II)

Automated Reasoning Model Checking with SPIN (II) Alan Bundy Automated Reasoning SPIN (II) page 1 Verifying Global Properties Assertions can be used to verify a property locally locally For example, place assert(MemReturned) at the

441 views • 25 slides
Equational Logic. Part 1 Roland Backhouse February 6th, 2001 2 Outline The Logical

Equational Logic. Part 1 Roland Backhouse February 6th, 2001 2 Outline The Logical

1 Equational Logic. Part 1 Roland Backhouse February 6th, 2001 2 Outline The Logical Connectives. Properties of Equality. Properties of Equivalence. Negation 3 Logical Connectives Proofs involve two components: Reasoning

523 views • 27 slides
Chapter Seven 1 1998 Morgan Kaufmann Publishers Memories: Review SRAM: value is

Chapter Seven 1 1998 Morgan Kaufmann Publishers Memories: Review SRAM: value is

Chapter Seven 1 1998 Morgan Kaufmann Publishers Memories: Review SRAM: value is stored on a pair of inverting gates very fast but takes up more space than DRAM (4 to 6 transistors) DRAM: value is stored as a charge on

821 views • 36 slides
Confederation of African Football (CAF) Senior Official linked to another marketing rights scandal

Confederation of African Football (CAF) Senior Official linked to another marketing rights scandal

Confederation of African Football (CAF) Senior Official linked to another marketing rights scandal CAF President Isaa Hayatou and Secretary General Hicham el Amrani held accountable for breach of Egyptian Competition Law (ECL) Criminal

663 views • 3 slides
Presentation on Mary Rutter Towle Delivered by Lisa Zornberg, Chief of the Criminal Division,

Presentation on Mary Rutter Towle Delivered by Lisa Zornberg, Chief of the Criminal Division,

Presentation on Mary Rutter Towle Delivered by Lisa Zornberg, Chief of the Criminal Division, to the United States Attorneys Office for the Southern District of New York on March 20, 2018. In honor of Mary Rutter Towles contributions to

651 views • 16 slides
EVERTON SHAREHOLDERS ASSOCIATION ANNUAL GENERAL MEETING Goodison Park, 19 th August 2016

EVERTON SHAREHOLDERS ASSOCIATION ANNUAL GENERAL MEETING Goodison Park, 19 th August 2016

EVERTON SHAREHOLDERS ASSOCIATION ANNUAL GENERAL MEETING Goodison Park, 19 th August 2016 Agenda Approve Minutes of 2015 AGM Receive and Consider Executive Committee Report of 2015 Receive and Approve the audited Balance Sheet and

383 views • 21 slides
Solution of Algebraic Equations by Using Autonomous Computational Methods Andrew Pownuk 1 , Jose

Solution of Algebraic Equations by Using Autonomous Computational Methods Andrew Pownuk 1 , Jose

Solution of Algebraic Equations by Using Autonomous Computational Methods Andrew Pownuk 1 , Jose Gonzalez 2 1 Department of Mathematical Sciences, University of Texas at El Paso, El Paso, Texas, ampownuk@utep.edu 2 Undergraduate Student at the

634 views • 37 slides
performant category-theory library in Coq Jason Gross, Adam Chlipala, David I. Spivak

performant category-theory library in Coq Jason Gross, Adam Chlipala, David I. Spivak

Experience implementing a performant category-theory library in Coq Jason Gross, Adam Chlipala, David I. Spivak Massachusetts Institute of Technology How should theorem provers work? 2 How theorem provers should work: 1 = 0 1 = 0 No;

1.56k views • 87 slides
Specifying and Analysing Networks of Processes in CSP T (or In Search of Associativity) Paul

Specifying and Analysing Networks of Processes in CSP T (or In Search of Associativity) Paul

Specifying and Analysing Networks of Processes in CSP T (or In Search of Associativity) Paul Howells Mark dInverno University of Westminster Goldsmiths, University of London Communicating Process Architectures (CPA 2013) Outline of Talk

750 views • 20 slides
MATHEMATICAL THINKING A guest lecture by Mr. Chase Is mathematics invented or discovered?

MATHEMATICAL THINKING A guest lecture by Mr. Chase Is mathematics invented or discovered?

MATHEMATICAL THINKING A guest lecture by Mr. Chase Is mathematics invented or discovered? Aristotle Plato Is mathematics invented or discovered? Options: Poll! 1. Invented 2. Discovered 3. Unresolvable 4. I dont know Newton and

341 views • 18 slides

More recommend