Presentation is loading. Please wait.

Presentation is loading. Please wait.

Sparkle a functional theorem prover

Published byDana Cox Modified over 6 years ago

Similar presentations

Presentation on theme: "Sparkle a functional theorem prover"— Presentation transcript:

1 Sparkle a functional theorem prover
Maarten de Mol, Marko van Eekelen, Rinus Plasmeijer September 2001 University of Nijmegen

2 Overview Design goals: make it possible to formally reason about programs written in Clean Introduction to Sparkle: implementation characterization: specification language, logic, tactical language, user interface Towards the realization of design goals: feasibility of specification language proving styles (hint mechanism) Preliminary results and conclusions

3 Overview (1) Design goals: make it possible to formally reason about programs written in Clean Introduction to Sparkle: implementation characterization: specification language, logic, tactical language, user interface Towards the realization of design goals: feasibility of specification language proving styles (hint mechanism) Preliminary results and conclusions

4 Design goals (1) Make it possible to formally prove properties of programs written in Clean should be easier than with existing provers should be possible for both smaller programs (certificates) and larger programs (partial correctness) Make it possible for programmers to formally reason about Clean-programs: focus on proofs of small programs should be possible to do in short time should require little expertise

5 Design goals (2) IDE Integrate Sparkle in the Clean system:
code generator editor compiler IDE theorem prover linker profilers

6 Overview (2) Design goals: make it possible to formally reason about programs written in Clean Introduction to Sparkle: implementation characterization: specification language, logic, tactical language, user interface Towards the realization of design goals: feasibility of specification language proving styles (hint mechanism) Preliminary results and conclusions

7 Implementation of Sparkle
Programming language: Clean 1.3 (will be upgraded to 2.0) ‘Libraries’ used: Object I/O Library Clean 2.0 Compiler (frontend only) Size (counted in lines of source code): theorem prover:  compiler frontend:  Object I/O:  total: 

8 Specification of programs (1)
Specification language: Core-Clean subset of Clean 2.0 (and Haskell) basic functional programming language lazy evaluation, strictness, sharing, basic values … no syntactical sugar (functions; case; let) translation of Clean to Core-Clean is possible overloading is translated to dictionaries ZF/dotdot-expressions are translated to functions pattern matching is translated to case distinction local functions are translated to global functions ….

9 Specification of programs (2)
Reasoning takes place in Core-Clean richness of Clean makes it difficult to reason Translation of Clean to Core-Clean is performed by the compiler frontend of Clean 2.0 Compiler programming language (Clean) reasoning language (Core-Clean)

10 Specification of properties
Specification language: Core-Logic equalities on expressions logical connectives: not (), and (), or (), implies (), iff () logical quantors: universal () over propositions over arbitrary expressions existential ()

11 Semantics of Core-Logic
Semantics for = (operational, bisimilar): [| E = F |] = E  E’F  F’[E’  F’]  F  F’E  E’[F’  E’] Rules for  : (C x1…xn) is only smaller-equal than something of the form (C y1…yn) where x1  y1  …  xn  yn a basic value is only smaller-equal than itself _|_ is only smaller-equal than itself any other E is smaller-equal than anything else Semantics for other constructs: standard

12 Tactical language Tactics: Composition of tactics:
currently a total of 42 different tactics logic tactics: Introduce, Split, Witness, …. programming tactics: Induction, Reduce, SplitCase, …. similar to well-known theorem provers Composition of tactics: repeat compose (;)

13 User interface: proving styles
Three different ways of applying tactics: select from displayed list of tactics and manually choose arguments in the tactic dialog use the command prompt (keyboard only) select from suggestion list (hint mechanism) suggestions are based on the current goal suggestions are sorted by a probability score (hard-coded in Sparkle and based on personal experience with proving properties of functional programs) suggestions can be applied with a hot-key suggestions with a high enough probability score can be applied automatically

14 Overview (3) Design goals: make it possible to formally reason about programs written in Clean Introduction to Sparkle: implementation characterization: specification language, logic, tactical language, user interface Towards the realization of design goals: feasibility of specification language proving styles (hint mechanism) Preliminary results and conclusions

15 Realization of design goals
Similar programming and reasoning language: same semantics (and syntax) translation preserves program structure Specialized tactics Three different proving styles: hint mechanism: fast, no expertise needed prompt: powerful tactic dialogs: in between Sophisticated user interface

16 Overview (4) Design goals: make it possible to formally reason about programs written in Clean Introduction to Sparkle: implementation characterization: specification language, logic, tactical language, user interface Towards the realization of design goals: feasibility of specification language proving styles (hint mechanism) Preliminary results and conclusions

17 Preliminary results No final results available yet:
not tested on bigger examples yet Tested on 49 basic theorems: basic theorems on lists many inspired by ‘Introduction to Functional Programming’ (Bird) Proving effort: (biased) little expertise needed (except for basic values) little time needed (several hours for an expert) many can be proved automatically

18 Conclusions A working implementation is available.
Not tested enough for definite conclusions. Proving properties of smaller programs seems very easy using Sparkle: Usable by programmers: probably. Better than existing systems: yes. Proving properties of larger programs: to be done.

19 Examples of proved theorems
1. map f (xs++ys) = map f xs ++ map f ys 2. foldr (+) 0 = sum 3. ~(n = _|_) -> take n xs ++ drop n xs = xs 4. (map f) o reverse = reverse o (map f) 5. length (reverse xs) = length xs 6. infinite xs = False -> reverse (xs++ys) = reverse ys ++ reverse xs 7. n >= 0 -> m >= 0 -> (take m) o (drop n) = (drop n) o (take (m+n))

Download ppt "Sparkle a functional theorem prover"

Similar presentations

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Introduction A function is called higher-order if it takes a function as an argument or returns a function as a result. twice :: (a  a)  a  a twice.

Introduction A function is called higher-order if it takes a function as an argument or returns a function as a result. twice :: (a  a)  a  a twice.
Primitive Recursive Functions (Chapter 3)

Primitive Recursive Functions (Chapter 3)
1 Dependent Types for Termination Verification Hongwei Xi University of Cincinnati.

1 Dependent Types for Termination Verification Hongwei Xi University of Cincinnati.
Chapter 11 Proof by Induction. Induction and Recursion Two sides of the same coin.  Induction usually starts with small things, and then generalizes.

Chapter 11 Proof by Induction. Induction and Recursion Two sides of the same coin.  Induction usually starts with small things, and then generalizes.
Clean 2.0 Rinus Plasmeijer University of Nijmegenwww.cs.kun.nl/~clean At last…..

Clean 2.0 Rinus Plasmeijer University of Nijmegenwww.cs.kun.nl/~clean At last…..
VIDE als voortzetting van Cocktail SET Seminar 11 september 2008 Dr. ir. Michael Franssen.

VIDE als voortzetting van Cocktail SET Seminar 11 september 2008 Dr. ir. Michael Franssen.
ISBN 0-321-33025-0 Chapter 3 Describing Syntax and Semantics.

ISBN Chapter 3 Describing Syntax and Semantics.
1 Conditional XPath, the first order complete XPath dialect Maarten Marx Presented by: Einav Bar-Ner.

1 Conditional XPath, the first order complete XPath dialect Maarten Marx Presented by: Einav Bar-Ner.
1 Operational Semantics Mooly Sagiv Tel Aviv University 640-6706 Textbook: Semantics with Applications.

1 Operational Semantics Mooly Sagiv Tel Aviv University Textbook: Semantics with Applications.
0 PROGRAMMING IN HASKELL Chapter 7 - Higher-Order Functions.

0 PROGRAMMING IN HASKELL Chapter 7 - Higher-Order Functions.
Higher-Order Functions Koen Lindström Claessen. What is a “Higher Order” Function? A function which takes another function as a parameter. Examples map.

Higher-Order Functions Koen Lindström Claessen. What is a “Higher Order” Function? A function which takes another function as a parameter. Examples map.
Generic Haskell Where to start from. Issues Touched Language Ideas Tools Pitfalls.

Generic Haskell Where to start from. Issues Touched Language Ideas Tools Pitfalls.
true (any other value but zero) false (zero) expression Statement 2

true (any other value but zero) false (zero) expression Statement 2
0 PROGRAMMING IN HASKELL Chapter 6 - Recursive Functions Most of this should be review for you.

0 PROGRAMMING IN HASKELL Chapter 6 - Recursive Functions Most of this should be review for you.
0 PROGRAMMING IN HASKELL Chapter 6 - Recursive Functions.

0 PROGRAMMING IN HASKELL Chapter 6 - Recursive Functions.
Sparkle A theorem prover for the functional language Clean Maarten de Mol University of Nijmegen February 2002.

Sparkle A theorem prover for the functional language Clean Maarten de Mol University of Nijmegen February 2002.
After today Week 9 –Tu: Pat Rondon –Th: Ravi/Nathan Week 10 –Tu: Nathan/Ravi –Th: Class canceled Finals week –Th: Zach, John.

After today Week 9 –Tu: Pat Rondon –Th: Ravi/Nathan Week 10 –Tu: Nathan/Ravi –Th: Class canceled Finals week –Th: Zach, John.
Describing Syntax and Semantics

Describing Syntax and Semantics
Programming Language Semantics Denotational Semantics Chapter 5 Part III Based on a lecture by Martin Abadi.

Programming Language Semantics Denotational Semantics Chapter 5 Part III Based on a lecture by Martin Abadi.

Similar presentations

Ads by Google