Presentation is loading. Please wait.

Presentation is loading. Please wait.

Generic Programming and Proving for Programming Language Metatheory

Published byCarol Rich Modified over 7 years ago

Similar presentations

Presentation on theme: "Generic Programming and Proving for Programming Language Metatheory"— Presentation transcript:

1 Generic Programming and Proving for Programming Language Metatheory
Adam Chlipala WMM 2007

2 POPLmark 1A Solutions Using Coq
(from Aydemir/Chargueraud/Pierce/Pollack/Weirich 2007)

3 The Realm of the Obvious
What's Wrong? The Realm of the Obvious (basic facts about variables, typing judgments, etc.) Your Proof Everyone at POPL believes these lemmas without even needing to see them stated formally.... The Interesting Part

4 Substitution operation,
What We Really Want Substitution operation, weakening lemma, permutation lemma, .... Language syntax and type system Metatheory Wizard

5 But Isn't That Twelf?

6 Substitution operation,
Write It in OCaml? You really don't want to write a code generator this complicated in ML. Substitution operation, weakening lemma, permutation lemma, .... Language syntax and type system Metatheory Wizard

7 Write It with Dependent Types?
Once you satisfy the type checker, you know your “wizard” is sound! We can do this in Coq itself! Substitution operation, weakening lemma, permutation lemma, .... Language syntax and type system Metatheory Wizard

8 Generic Programming with Universes in Type Theory
Altenkirch and McBride with Oleg Pfeifer and Rueß with Lego Benke et al. with Agda

9 Universes Universe Type Class C of Types Implementations of Generic
(A type that can be used to represent the types in C) Class C of Types Injection function (written in the same type theory!) Inverse Injection Function (implemented outside the type theory) Generic Function F (written in the same type theory!) Types Guarantee Compatibility! Implementations of Generic Function F for Class C In past work, implemented for: Simple inductive types Polymorphic inductive types Indexed dependent type families ....

10 Universes for ASTs (* De Bruijn indices *) type dbvar = int
(* Untyped lambda calculus terms *) type term = | Const of int | Var of dbvar | App of term * term | Lam of term (* Universe for AST constructors *) type constructor = { vars : int; (* How many variables? *) terms : int list; (* How many new binders around each subterm? *) data : Type; (* What other arguments? *) } (* Universe for AST languages *) type language = constructor list [const; var; app; lam] const = {vars = 0; terms = []; data = int } var = {vars = 1; terms = []; data = unit} app = {vars = 0; terms = [0; 0]; data = unit} lam = {vars = 0; terms = [1]; data = unit}

11 Evidence What is the type of evidence that would convince us that con is really a constructor of term? type term = | Const of int | Var of dbvar | App of term * term | Lam of term (* What do we need to know about a constructor? *) let constructor_evidence (con : constructor) (term : Type) : Type = repeat dbvar con.vars -> type_map (fun _ -> term) con.terms -> con.data -> term (* What do we need to know about an AST language? *) let language_evidence (lang : language) (term : Type) : Type = type_map (fun con -> constructor_evidence con term) lang (const_in, (var_in, (app_in, (lam_in, ())))) const_in = fun _ _ n -> Const n var_in = fun (v, ()) _ _ -> Var v app_in = fun _ (e1, (e2, ())) _ -> App (e1, e2) lam_in = fun _ (e, ()) _ -> Lam e lam_in : constructor_evidence lam term term_rep : language_evidence lang term let rec repeat (t : Type) (n : int) : Type = match n with | 0 -> unit | _ -> t * repeat t (n - 1) let rec type_map (f : 'a -> Type) (ls : 'a list) : Type = match ls with | [] -> unit | h :: t -> f h * type_map f t

12 The recursive value on each subterm...
Reflecting Recursion let term_rec _ (const, (var, (app, (lam, ())))) = let rec f = function | Const n -> const () () n | Var x -> var (x, ()) () () | App (e1, e2) -> app () ((e1, f e1), ((e2, f e2), ())) () | Lam e -> app () ((e, f e), ()) () in f type term = | Const of int | Var of dbvar | App of term * term | Lam of term (* Build the type of one branch of a recursive definition. *) let branch (con : constructor) (term : Type) (result : Type) : Type = repeat dbvar con.vars -> type_map (fun _ -> term * result) con.terms -> con.data -> result (* Build the type of a recursor for an AST language. *) let recursor_of_language (lang : language) (term : Type) : Type = forall result : Type. type_map (fun con -> branch con term result) lang -> (term -> result) let rec f : term -> result = function | Const n -> (* type = branch const term result *) | Var x -> (* type = branch var term result *) | App (e1, e2) -> (* type = branch app term result *) | Lam e -> (* type = branch lam term result *) The recursive value on each subterm...

13 Reflecting Recursion type term = | Const of int | Var of dbvar
| App of term * term | Lam of term (* What do we need to know about an AST language? *) let language_evidence (lang : language) (term : Type) : Type = type_map (fun con -> constructor_evidence con term) lang * recursor_of_language lang term term_rep : language_evidence lang term = (const_in, (var_in, (app_in, (lam_in, ())))), term_rec

14 A Generic Lift Function
Loop over the constructors' evidence packages, using each to produce a pattern matching branch.... A Generic Lift Function let lift'_var (min : int) (x : dbvar) : dbvar = if x >= min then x + 1 else x (* Helper function that lifts within a range of De Bruijn indices *) let lift' (lang : language) (term : Type) ((builders, recurse) : language_evidence lang term) : int -> term -> term = recurse term (type_remap (fun (con : constructor) (build : constructor_evidence con term) -> fun vars terms data (min : int) -> build (repeat_map (lift'_var min) vars) (type_remap (fun binders (_, call) -> call (min + binders)) terms) data) (* Increment De Bruijn index of every free variable. *) let lift (lang : language) (term : Type) (ev : language_evidence lang term) : term -> term = lift' lang term ev 0 Use each subterm's recursive function with min incremented by the number of new binders.... Tweak every variable's index.... Keep the same uninterpreted data.... let rec type_remap (f : 'a -> Type) (ls : 'a list) (f' : 'a -> Type) (trans : forall 'a. f 'a -> f' 'a) (vs : type_map f ls) : type_map f' ls = match ls with | [] -> () | h :: t -> let (x, rest) = vs in (trans x, type_remap f t f' trans rest) let rec repeat_map (t : Type) (n : int) (f : t -> 'a) (vs : repeat t n) : repeat 'a n = match n with | 0 -> () | _ -> let (x, rest) = vs in (f x, repeat_map t (n-1) f rest)

15 Generic Proofs We have generic lift.
lift e = e with every free variable's De Bruijn index incremented Assume we also have generic subst: subst x e1 e2 = e2 with e1 substituted for free variable x Theorem subst_lift_commute : 8 e1 e2. lift (subst 0 e1 e2) = subst 1 (lift e1) (lift e2) Proof shouldn't depend in any deep way on specific language! We can prove this generically if we force language evidence to include proofs of a theorem like this: recursor branches (c vars terms data) = branches.c vars (map (fun term -> (term, recursor branches term)) terms) data

16 Dependently-Typed ASTs
Prove theorems like this generically: term_denote (lift e) (x, ¾) = term_denote e ¾ type ty = | Int | Arrow of ty * ty type (¡, ¿) var = ... (* Type of a variable of type ¿ found within ¡ *) type (¡, ¿) term = | Const : forall ¡. (¡, Int) term | Var : forall ¡ ¿. (¡, ¿) var -> (¡, ¿) term | App : forall ¡ ¿1 ¿2. (¡, Arrow (¿1, ¿2)) term -> (¡, ¿1) term -> (¡, ¿2) term | Lam : forall ¡ ¿1 ¿2. (¿1 :: ¡, ¿2) term -> (¡, Arrow (¿1, ¿2)) term let ty_denote : ty -> Type = ... (* Denotational semantics of types *) let subst_denote : ty list -> Type = type_map ty_denote (* Denotational semantics of contexts *) let term_denote : forall ¡ ¿. term ¡ ¿ -> subst_denote ¡ -> ty_denote ¿ = ... (* Denotational semantics of terms *)

17 Implemented in Lambda Tamer System
Used in the construction of a certified type-preserving compiler from lambda calculus to assembly language [PLDI07] Flagship example: A certified CPS transformation for simply-typed lambda calculus in 250 LoC

18 Code and documentation on the web at:
Summary Write generic functions that operate on AST universes. [entirely inside the type theory] Write generic proofs about those functions. [entirely inside the type theory] Then reflect individual language definitions into the AST universe type. [outside the type theory] Construct evidence that your reflection is sound. [outside the type theory] Start using the generic functions and theorems! [entirely inside the type theory] Code and documentation on the web at:

Download ppt "Generic Programming and Proving for Programming Language Metatheory"

Similar presentations

Transposing F to C Transposing F to C Andrew Kennedy & Don Syme Microsoft Research Cambridge, U.K.

Transposing F to C Transposing F to C Andrew Kennedy & Don Syme Microsoft Research Cambridge, U.K.
Types and Programming Languages Lecture 4 Simon Gay Department of Computing Science University of Glasgow 2006/07.

Types and Programming Languages Lecture 4 Simon Gay Department of Computing Science University of Glasgow 2006/07.
Types and Programming Languages Lecture 7 Simon Gay Department of Computing Science University of Glasgow 2006/07.

Types and Programming Languages Lecture 7 Simon Gay Department of Computing Science University of Glasgow 2006/07.
Type Inference David Walker COS 320. Criticisms of Typed Languages Types overly constrain functions & data polymorphism makes typed constructs useful.

Type Inference David Walker COS 320. Criticisms of Typed Languages Types overly constrain functions & data polymorphism makes typed constructs useful.
Closures & Environments CS153: Compilers Greg Morrisett.

Closures & Environments CS153: Compilers Greg Morrisett.
Type Checking, Inference, & Elaboration CS153: Compilers Greg Morrisett.

Type Checking, Inference, & Elaboration CS153: Compilers Greg Morrisett.
COS 441 Exam Stuff David Walker. TAL 2 Logistics take-home exam will become available on the course web site Jan 15-18 write down when you download &

COS 441 Exam Stuff David Walker. TAL 2 Logistics take-home exam will become available on the course web site Jan write down when you download &
Certified Typechecking in Foundational Certified Code Systems Susmit Sarkar Carnegie Mellon University.

Certified Typechecking in Foundational Certified Code Systems Susmit Sarkar Carnegie Mellon University.
Proofs and Programs Wei Hu 11/01/2007. Outline  Motivation  Theory  Lambda calculus  Curry-Howard Isomorphism  Dependent types  Practice  Coq Wei.

Proofs and Programs Wei Hu 11/01/2007. Outline  Motivation  Theory  Lambda calculus  Curry-Howard Isomorphism  Dependent types  Practice  Coq Wei.
1 How to transform an analyzer into a verifier. 2 OUTLINE OF THE LECTURE a verification technique which combines abstract interpretation and Park’s fixpoint.

1 How to transform an analyzer into a verifier. 2 OUTLINE OF THE LECTURE a verification technique which combines abstract interpretation and Park’s fixpoint.
March 4, 2005Susmit Sarkar 1 A Cost-Effective Foundational Certified Code System Susmit Sarkar Thesis Proposal.

March 4, 2005Susmit Sarkar 1 A Cost-Effective Foundational Certified Code System Susmit Sarkar Thesis Proposal.
1 Dependent Types for Termination Verification Hongwei Xi University of Cincinnati.

1 Dependent Types for Termination Verification Hongwei Xi University of Cincinnati.
Semantics Syntax Lunch: Strongly-typed term representations in Coq Andrew Kennedy Microsoft Research Cambridge TexPoint fonts used in EMF. Read the TexPoint.

Semantics Syntax Lunch: Strongly-typed term representations in Coq Andrew Kennedy Microsoft Research Cambridge TexPoint fonts used in EMF. Read the TexPoint.
Distributed Meta- Programming Rui Shi, Chiyan Chen and Hongwei Xi Boston University.

Distributed Meta- Programming Rui Shi, Chiyan Chen and Hongwei Xi Boston University.
A Type System for Well-Founded Recursion Derek Dreyer Carnegie Mellon University POPL 2004 Venice, Italy.

A Type System for Well-Founded Recursion Derek Dreyer Carnegie Mellon University POPL 2004 Venice, Italy.
1 Meta-Programming through Typeful Code Representation Chiyan Chen and Hongwei Xi Boston University.

1 Meta-Programming through Typeful Code Representation Chiyan Chen and Hongwei Xi Boston University.
Parametric Polymorphism COS 441 Princeton University Fall 2004.

Parametric Polymorphism COS 441 Princeton University Fall 2004.
Twelf: The Quintessential Proof Assistant for Language Metatheory Karl Crary Carnegie Mellon University Joint work with Robert Harper and Michael Ashley-Rollman.

Twelf: The Quintessential Proof Assistant for Language Metatheory Karl Crary Carnegie Mellon University Joint work with Robert Harper and Michael Ashley-Rollman.
POPLmark 1A in Cinic Evan Austin, Aaron Stump, and Edwin Westbrook 1.

POPLmark 1A in Cinic Evan Austin, Aaron Stump, and Edwin Westbrook 1.
Catriel Beeri Pls/Winter 2004/5 inductive-revisited 1 Inductive definitions revisited  Generated and Freely generated sets oPattern match, unification.

Catriel Beeri Pls/Winter 2004/5 inductive-revisited 1 Inductive definitions revisited  Generated and Freely generated sets oPattern match, unification.

Similar presentations

Ads by Google