Presentation is loading. Please wait.

Presentation is loading. Please wait.

Sparkle A theorem prover for the functional language Clean Maarten de Mol University of Nijmegen February 2002.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Sparkle A theorem prover for the functional language Clean Maarten de Mol University of Nijmegen February 2002."— Presentation transcript:

1 Sparkle A theorem prover for the functional language Clean Maarten de Mol University of Nijmegen February 2002

2 22-02-2002Proof Tools Day 20022 / 18 Introduction Sparkle: Yet Another Theorem Prover: Design goals. Why build a new theorem prover? Short description of Sparkle: Specification language (Clean). Logic and semantics. Tactic language. Support for building proofs. User interface. Current status.

3 22-02-2002Proof Tools Day 20023 / 18 Design goals Basic idea: integrate theorem prover with a programming language. Use theorem prover to annotate written programs with useful properties. Goal: enhance programs. Intended users: mainly programmers. “Program” and “Prove”: same person. Proving is side activity. Important: small proofs should be easy.

4 22-02-2002Proof Tools Day 20024 / 18 Why own theorem prover? Integration with Clean: Reason on source code level:  Semantics.  Syntax.  Project structure. Store properties and proofs in programs. Link theorem prover to existing tools, such as editor. Distribute with Clean.

5 22-02-2002Proof Tools Day 20025 / 18 Specification language Clean: Functional programming language.  Referential transparency allows equational reasoning. Developed at University of Nijmegen. Very similar to Haskell. Some concepts:  Higher-order, curried and partial functions.  Lazy evaluation.  User-defined strict evaluation.  Sharing / Overloading / Comprehensions / Uniqueness.

6 22-02-2002Proof Tools Day 20026 / 18 Example program map :: (a  b) [a]  [b] map f [x:xs]= [f x : map f xs] map f []= [] increase :: [Int]  [Int] increase list= map (+ 1) list

7 22-02-2002Proof Tools Day 20027 / 18 Partial functions If in a program the expression “hd []” is evaluated, the program will terminate immediately (and an error message will be shown). hd :: [a]  a hd [x:xs]= x

8 22-02-2002Proof Tools Day 20028 / 18 Lazy evaluation Only parts of expressions that are really needed will actually be built. Allows for infinite intermediate results: Nothing wrong with using “hd (nats 7)”. The evaluation of “last (nats 7)” will either ‘hang’ a program or halt it with an error message (out of resources). nats :: Int  [Int] nats n= [n: nats (n+1)]

9 22-02-2002Proof Tools Day 20029 / 18 Strictness annotations Strictness annotations: argument must be reduced before function is entered. Only changes reduction order. May change termination properties. hd :: ![a]  a hd [x:xs]= x K :: !a b  a K x y= y

10 22-02-2002Proof Tools Day 200210 / 18 Logic First-order propositional logic: Basic units: True, False, e 1 = e 2, x. Operators: , , , , . Quantors: , . No predicates allowed. Quantification allowed over: Expressions of arbitrary type. Propositions.

11 22-02-2002Proof Tools Day 200211 / 18 Semantics (1) Total semantics: The constant expression  is used to represent error values. Reduction may have  as result:  The erronous application of a partial function leads to . hd [] reduces to   Error values propagate stepwise to the outermost level: (hd []) + 7 reduces to  + 7 reduces to .

12 22-02-2002Proof Tools Day 200212 / 18 Semantics (2) Semantics of equality: Based on reduction, but not dependent on reduction strategy. Based on observations:  The observation of an expression is obtained by replacing all its redexes by . e 1 = e 2 is true iff:  for all (e 1 reduces to r 1 )  there exists (e 2 reduces to r 2 )  such that r 1 and r 2 are observationally equal  (and vice-versa)

13 22-02-2002Proof Tools Day 200213 / 18 Semantics (3) Properties of equality: Copes with finite equalities. Copes with infinite equalities. Copes with infinite reductions (equal to  ). Semantics of quantors: All expressions of valid type may be substituted, including:  ‘infinite’ expressions.  the error value .

14 22-02-2002Proof Tools Day 200214 / 18 Semantics: examples xs ++ (ys ++ zs) = (xs ++ ys) ++ zs True for all values of xs, ys and zs, including all finite values, all infinite values and . reverse (reverse xs) = xs True for all finite values of xs. True for xs = . Not true for any infinite values of xs. xs = ones  last xs = 1 (ones = [1:ones]) True for all values of xs, except: Not true for xs = ones!!

15 22-02-2002Proof Tools Day 200215 / 18 Tactics Standard, borrowed from logic and other theorem provers: Intros; Split; Apply; Rewrite; … Special for Clean: Induction. Reduce; SplitCase; Case; ChooseCase; … Only 42 in total; no high-level automated tactics available.

16 22-02-2002Proof Tools Day 200216 / 18 Proving support Command prompt. Tactic list (prove by clicking). Hint mechanism: Sparkle automatically searches for applicable tactics. A score is assigned to each hint. Hints are displayed and can be applied:  Manually.  Automatically (with threshold).

17 22-02-2002Proof Tools Day 200217 / 18 Current status Alpha-version, but fully operational. Released in Clean distribution: http://www.cs.kun.nl/~clean Tested on examples found in the book “Introduction to Functional Programming”: Promising results:  Proofs were easily made in Sparkle.  Many proofs were found automatically by Sparkle. Not tested yet by programmers. Not tested yet on larger examples. Largest program: 8Queens

18 22-02-2002Proof Tools Day 200218 / 18 Future plans Development on Sparkle continues. User interface. Tactical language. Hint mechanism. Enhance integration with Clean: Allow properties to be specified in programs. Allow proofs to be stored in programs. Prove the (partial) correctness of a large application written in Clean. Scalability?

Download ppt "Sparkle A theorem prover for the functional language Clean Maarten de Mol University of Nijmegen February 2002."

Similar presentations

Technologies for finding errors in object-oriented software K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 1 Summer school on Formal Models.

Technologies for finding errors in object-oriented software K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 1 Summer school on Formal Models.
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Functional Programming Lecture 13 - induction on lists.

Functional Programming Lecture 13 - induction on lists.
Introduction to Compilation of Functional Languages Wanhe Zhang Computing and Software Department McMaster University 16 th, March, 2004.

Introduction to Compilation of Functional Languages Wanhe Zhang Computing and Software Department McMaster University 16 th, March, 2004.
Semantics Static semantics Dynamic semantics attribute grammars

Semantics Static semantics Dynamic semantics attribute grammars
11.1 11. Computational Models The exam. Models of computation. –The Turing machine. –The Von Neumann machine. –The calculus. –The predicate calculus. Turing.

Computational Models The exam. Models of computation. –The Turing machine. –The Von Neumann machine. –The calculus. –The predicate calculus. Turing.
Copyright 2003-04, Doron Peled and Cesare Tinelli. These notes are based on a set of lecture notes originally developed by Doron Peled at the University.

Copyright , Doron Peled and Cesare Tinelli. These notes are based on a set of lecture notes originally developed by Doron Peled at the University.
© M. Winter COSC 4P41 – Functional Programming 10. 1 Testing vs Proving Testing –uses a set of “typical” examples, –symbolic testing, –may find errors,

© M. Winter COSC 4P41 – Functional Programming Testing vs Proving Testing –uses a set of “typical” examples, –symbolic testing, –may find errors,
8. Introduction to Denotational Semantics. © O. Nierstrasz PS — Denotational Semantics 8.2 Roadmap Overview:  Syntax and Semantics  Semantics of Expressions.

8. Introduction to Denotational Semantics. © O. Nierstrasz PS — Denotational Semantics 8.2 Roadmap Overview:  Syntax and Semantics  Semantics of Expressions.
Formal Semantics of Programming Languages 虞慧群 Topic 5: Axiomatic Semantics.

Formal Semantics of Programming Languages 虞慧群 Topic 5: Axiomatic Semantics.
Chapter 11 Proof by Induction. Induction and Recursion Two sides of the same coin.  Induction usually starts with small things, and then generalizes.

Chapter 11 Proof by Induction. Induction and Recursion Two sides of the same coin.  Induction usually starts with small things, and then generalizes.
MP IP Strategy 2005-06-22 Stateye-GUI Provided by Edotronik Munich, May 05, 2006.

MP IP Strategy Stateye-GUI Provided by Edotronik Munich, May 05, 2006.
VIDE als voortzetting van Cocktail SET Seminar 11 september 2008 Dr. ir. Michael Franssen.

VIDE als voortzetting van Cocktail SET Seminar 11 september 2008 Dr. ir. Michael Franssen.
ISBN 0-321-33025-0 Chapter 3 Describing Syntax and Semantics.

ISBN Chapter 3 Describing Syntax and Semantics.
CSE 425: Logic Programming I Logic and Programs Most programs use Boolean expressions over data Logic statements can express program semantics –I.e., axiomatic.

CSE 425: Logic Programming I Logic and Programs Most programs use Boolean expressions over data Logic statements can express program semantics –I.e., axiomatic.
0 PROGRAMMING IN HASKELL Chapter 7 - Higher-Order Functions.

0 PROGRAMMING IN HASKELL Chapter 7 - Higher-Order Functions.
0 PROGRAMMING IN HASKELL Chapter 6 - Recursive Functions Most of this should be review for you.

0 PROGRAMMING IN HASKELL Chapter 6 - Recursive Functions Most of this should be review for you.
0 PROGRAMMING IN HASKELL Chapter 6 - Recursive Functions.

0 PROGRAMMING IN HASKELL Chapter 6 - Recursive Functions.
Some administrative stuff Class mailing list: –send to with the command “subscribe”

Some administrative stuff Class mailing list: –send to with the command “subscribe”
Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.

Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.

Similar presentations

Ads by Google