Results 1 
9 of
9
Foundational, Compositional (Co)datatypes for HigherOrder Logic  Category Theory Applied to Theorem Proving
"... Higherorder logic (HOL) forms the basis of several popular interactive theorem provers. These follow the definitional approach, reducing highlevel specifications to logical primitives. This also applies to the support for datatype definitions. However, the internal datatype construction used in H ..."
Abstract

Cited by 8 (4 self)
 Add to MetaCart
Higherorder logic (HOL) forms the basis of several popular interactive theorem provers. These follow the definitional approach, reducing highlevel specifications to logical primitives. This also applies to the support for datatype definitions. However, the internal datatype construction used in HOL4, HOL Light, and Isabelle/HOL is fundamentally noncompositional, limiting its efficiency and flexibility, and it does not cater for codatatypes. We present a fully modular framework for constructing (co)datatypes in HOL, with support for mixed mutual and nested (co)recursion. Mixed (co)recursion enables type definitions involving both datatypes and codatatypes, such as the type of finitely branching trees of possibly infinite depth. Our framework draws heavily from category theory. The key notion is that of a rich type constructor—a functor satisfying specific properties preserved by interesting categorical operations. Our ideas are formalized in Isabelle and implemented as a new definitional package, answering a longstanding user request.
Formalizing Domains, Ultrametric Spaces and Semantics of Programming Languages
 UNDER CONSIDERATION FOR PUBLICATION IN MATH. STRUCT. IN COMP. SCIENCE
, 2010
"... We describe a Coq formalization of constructive ωcpos, ultrametric spaces and ultrametricenriched categories, up to and including the inverselimit construction of solutions to mixedvariance recursive equations in both categories enriched over ωcppos and categories enriched over ultrametric spac ..."
Abstract

Cited by 3 (1 self)
 Add to MetaCart
We describe a Coq formalization of constructive ωcpos, ultrametric spaces and ultrametricenriched categories, up to and including the inverselimit construction of solutions to mixedvariance recursive equations in both categories enriched over ωcppos and categories enriched over ultrametric spaces. We show how these mathematical structures may be used in formalizing semantics for three representative programming languages. Specifically, we give operational and denotational semantics for both a simplytyped CBV language with recursion and an untyped CBV language, establishing soundness and adequacy results in each case, and then use a Kripke logical relation over a recursivelydefined metric space of worlds to give an interpretation of types over a stepcounting operational semantics for a language with recursive types and general references.
Formal verification of monad transformers
 In ICFP’12
, 2012
"... We present techniques for reasoning about constructor classes that (like the monad class) fix polymorphic operations and assert polymorphic axioms. We do not require a logic with firstclass type constructors, firstclass polymorphism, or type quantification; instead, we rely on a domaintheoretic m ..."
Abstract

Cited by 3 (1 self)
 Add to MetaCart
We present techniques for reasoning about constructor classes that (like the monad class) fix polymorphic operations and assert polymorphic axioms. We do not require a logic with firstclass type constructors, firstclass polymorphism, or type quantification; instead, we rely on a domaintheoretic model of the type system in a universal domain to provide these features. These ideas are implemented in the Tycon library for the Isabelle theorem prover, which builds on the HOLCF library of domain theory. The Tycon library provides various axiomatic type constructor classes, including functors and monads. It also provides automation for instantiating those classes, and for defining further subclasses. We use the Tycon library to formalize three Haskell monad transformers: the error transformer, the writer transformer, and the resumption transformer. The error and writer transformers do not universally preserve the monad laws; however, we establish datatype invariants for each, showing that they are valid monads when viewed as abstract datatypes.
Recursive definitions of monadic functions
 In Proc. of PAR 2010
, 2010
"... Using standard domaintheoretic fixedpoints, we present an approach for defining recursive functions that are formulated in monadic style. The method works both in the simple option monad and the stateexception monad of Isabelle/HOL’s imperative programming extension, which results in a convenient ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
Using standard domaintheoretic fixedpoints, we present an approach for defining recursive functions that are formulated in monadic style. The method works both in the simple option monad and the stateexception monad of Isabelle/HOL’s imperative programming extension, which results in a convenient definition principle for imperative programs, which were previously hard to define. For such monadic functions, the recursion equation can always be derived without preconditions, even if the function is partial. The construction is easy to automate, and convenient induction principles can be derived automatically. 1
HOLCF ’11: A Definitional Domain Theory for Verifying Functional Programs
, 2012
"... HOLCF is an interactive theorem proving system that uses the mathematics of domain theory to reason about programs written in functional programming languages. This thesis introduces HOLCF ’11, a thoroughly revised and extended version of HOLCF that advances the state of the art in program verificat ..."
Abstract

Cited by 3 (2 self)
 Add to MetaCart
HOLCF is an interactive theorem proving system that uses the mathematics of domain theory to reason about programs written in functional programming languages. This thesis introduces HOLCF ’11, a thoroughly revised and extended version of HOLCF that advances the state of the art in program verification: HOLCF ’11 can reason about many program definitions that are beyond the scope of other formal proof tools, while providing a high degree of proof automation. The soundness of the system is ensured by adhering to a definitional approach: New constants and types are defined in terms of previous concepts, without introducing new axioms. Major features of HOLCF ’11 include two highlevel definition packages: the Fixrec package for defining recursive functions, and the Domain package for defining recursive datatypes. Each of these uses the domaintheoretic concept of least fixed points to translate usersupplied recursive specifications into safe lowlevel definitions. Together, these tools make it easy for users to translate a wide variety of functional programs into the formalism of HOLCF. Theorems generated by the tools also make it easy for users to reason about their programs, with a very high level of confidence in the soundness of the results. As a case study, we present a fully mechanized verification of a model of concurrency based on powerdomains. The formalization depends on many features unique to HOLCF ’11, and is the first verification of such a model in a formal proof tool. ii ACKNOWLEDGMENTS I would like to thank my advisor, John Matthews, for having continued to devote so much time to working with me, even as a parttime professor; and for motivating me to keep studying domain theory (and enjoying it!) these past years. iii
Witnessing (Co)datatypes
"... Abstract. Datatypes and codatatypes are very useful for specifying and reasoning about (possibly infinite) computational processes. The interactive theorem prover Isabelle/HOL has been extended with a definitional package that supports both. Here we describe a complete procedure for deriving nonempt ..."
Abstract
 Add to MetaCart
Abstract. Datatypes and codatatypes are very useful for specifying and reasoning about (possibly infinite) computational processes. The interactive theorem prover Isabelle/HOL has been extended with a definitional package that supports both. Here we describe a complete procedure for deriving nonemptiness witnesses in the general mutually recursive, nested case—nonemptiness being a proviso for introducing new types in higherorder logic. The nonemptiness problem also provides an illuminating case study that shows the package in action, tracing its journey from abstract category theory to handson functionality. 1
Coinductive Pearl: Modular FirstOrder Logic Completeness
"... Codatatypes are regrettably absent from many programming languages and proof assistants. We make a case for their usefulness by revisiting a classic result: the completeness theorem for firstorder logic established through a Gentzen system. Codatatypes help capture the essence of the proof, which e ..."
Abstract
 Add to MetaCart
Codatatypes are regrettably absent from many programming languages and proof assistants. We make a case for their usefulness by revisiting a classic result: the completeness theorem for firstorder logic established through a Gentzen system. Codatatypes help capture the essence of the proof, which establishes an abstract property of derivation trees independently of the concrete syntax or inference rules. This separation of concerns simplifies the presentation, especially for readers acquainted with lazy data structures. The proof is formalized in Isabelle/HOL and demonstrates the recently introduced definitional package for codatatypes and its integration with Isabelle’s Haskell code generator.
Witnessing (Co)datatypes
"... Datatypes and codatatypes are useful for specifying and reasoning about (possibly infinite) computational processes. The interactive theorem prover Isabelle/HOL has recently been extended with a definitional package that supports both. Here we describe a complete procedure for deriving nonemptiness ..."
Abstract
 Add to MetaCart
Datatypes and codatatypes are useful for specifying and reasoning about (possibly infinite) computational processes. The interactive theorem prover Isabelle/HOL has recently been extended with a definitional package that supports both. Here we describe a complete procedure for deriving nonemptiness witnesses in the general mutually recursive, nested case—nonemptiness being a proviso for introducing new types in higherorder logic. The nonemptiness problem also provides an illuminating case study that shows the package in action, tracing its journey from abstract category theory to handson functionality.
Contents
, 2013
"... We apply Andy Pitts’s methods of defining relations over domains to several classical results in the literature. We show that the Y combinator coincides with the domaintheoretic fixpoint operator, that parallelor and the Plotkin existential are not definable in PCF, that the continuation semantics ..."
Abstract
 Add to MetaCart
We apply Andy Pitts’s methods of defining relations over domains to several classical results in the literature. We show that the Y combinator coincides with the domaintheoretic fixpoint operator, that parallelor and the Plotkin existential are not definable in PCF, that the continuation semantics for PCF coincides with the direct semantics, and that our domaintheoretic semantics for PCF is adequate for reasoning about contextual equivalence in an operational semantics. Our version of PCF is untyped and has both strict and nonstrict function abstractions. The development is carried out in HOLCF.