We propose the use of explicit proof plans to guide the search for a proof in automatic theorem proving. By representing proof plans as the specifications of LCF-like tactics, [Gordon et al 79], and by recording these specifications in a sorted meta-logic, we are able to reason about the conjectures to be proved and the methods available to prove them. In this way we can build proof plans of wide generality, formally account for and predict their successes and failures, apply them flexibly, recover from their failures, and learn them from example proofs. We illustrate this technique by building a proof plan based on a simple subset of the implicit proof plan embedded in the Boyer-Moore theorem prover, [Boyer & Moore 79]. Keywords Proof plans, inductive proofs, theorem proving, automatic programming, formal methods, planning. Acknowledgements I am grateful for many long conversations with other members of the mathematical reasoning group, from which many of the ideas in this paper e...

Explanation-Based Learning (EBL) is a widely-used technique for acquiring searchcontrol knowledge. Recently, Prieditis, van Harmelen, and Bundy pointed to the similarity between Partial Evaluation (PE) and EBL. However, EBL utilizes training examples whereas PE does not. It is natural to inquire, therefore, whether PE can be used to acquire searchcontrol knowledge, and if so at what cost? This paper answers these questions by means of a case study comparing prodigy/ebl, a state-of-the-art EBL system, and static, a PEbased analyzer of problem-space definitions. When tested in prodigy/ebl's benchmark problem spaces, static generated search-control knowledge that was up to three times as effective as the knowledge learned by prodigy/ebl, and did so from twenty-six to seventyseven times faster. The paper describes static's algorithms, compares its performance to prodigy/ebl's, noting when static's superior performance will scale up and when it will not. The paper concludes with several le...

Program transformation is a means to formally develop efficient programs from lucid specifications. A representative sample of the diverse range of program transformation research is classified into several different approaches based upon the motivations for and styles of constructing such formal developments. Individual techniques for supporting construction of developments are also surveyed, and are related to the various approaches.

Abstract not found

This paper describes a formal approach to domain-oriented software design environments, based on declarative domain theories, formal specifications, and deductive program synthesis. A declarative domain theory defines the semantics of a domain-oriented specification language and its relationship to implementation-level subroutines. Formal specification development and reuse is made accessible to users through an intuitive graphical interface that guides them in creating diagrams denoting formal specifications. Deductive program synthesis ensures that specifications are correctly implemented. This approach has been implemented in AMPHION, a generic KBSE system that targets scientific subroutine libraries. AMPHION has been applied to the domain of solar system kinematics. AMPHION enables space scientists to develop, modify, and reuse specifications an order of magnitude more rapidly than manual program development. Program synthesis is efficient and completely automatic.

Computer programs may be regarded as formal mathematical objects whose properties are subject to mathematical proof. Program verification is the use of formal, mathematical techniques to debug software and software specifications. 1. Code Verification How are the properties of computer programs proved? We discuss three approaches in this article: inductive invariants, functional semantics, and explicit semantics. Because the first approach has received by far the most attention, it has produced the most impressive results to date. However, the field is now moving away from the inductive invariant approach. 1.1. Inductive Assertions The so-called Floyd-Hoare inductive assertion method of program verification [25, 33] has its roots in the classic Goldstine and von Neumann reports [53] and handles the usual kind of programming language, of which FORTRAN is perhaps the best example. In this style of verification, the specifier "annotates " certain points in the program with mathematical assertions that are supposed to describe relations that hold between the program variables and the initial input values each time "control " reaches the annotated point. Among these assertions are some that characterize acceptable input and the desired output. By exploring all possible paths from one assertion to the next and analyzing the effects of intervening program statements it is possible to reduce the correctness of the program to the problem of proving certain derived formulas called verification conditions. Below we illustrate the idea with a simple program for computing the factorial of its integer input N flowchart assertion start with input(N) input N A: = 1 N = 0 yes stop with? answer A

We describe a novel technique for the automatic synthesis of tail-recursive programs. The technique is to specify the required program using the standard equations and then synthesise the tail-recursive program using the proofs as programs technique. This requires the specification to be proved realisable in a constructive logic. Restrictions on the form of the proof ensure that the synthesised program is tail-recursive. The

Wadler's deforestation algorithm eliminates intermediate data structures from functional programs. To be suitable for inclusion in a compiler, it must terminate on all programs. Several techniques to ensure termination of deforestation on all first-order programs are known, but a technique for higher-order programs was only recently introduced by Hamilton, and elaborated and implemented in the Glasgow Haskell compiler by Marlow. We introduce a new technique for ensuring termination of deforestation on all higher-order programs that allows useful transformation steps prohibited in Hamilton's and Marlowe's techniques. 1 Introduction Lazy, higher-order, functional programming languages lend themselves to a certain style of programming which uses intermediate data structures [28]. Example 1 Consider the following program. letrec a = x; y:case x of [] ! y (h : t) ! h : a t y in u; v; w: a (a u v) w The term u; v; w:a (a u v) w appends the three lists u, v, and w. Appending u and v ...

. Deforestation is a transformation of functional programs to remove intermediate data structures. It is based on outermost unfolding of function calls where folding occurs when unfolding takes place within the same nested function call. Since unrestricted unfolding may encounter arbitrarily many terms, a termination analysis has to determine those subterms where unfolding is possibly dangerous. We show that such an analysis can be obtained from a control flow analysis by an extension with integer constraints -- essentially at no loss in efficiency. 1 Introduction The key idea of flow analysis for functional languages is to define an abstract meaning in terms of program points , i.e., subexpressions of the program possibly evaluated during program execution [Pa95]. Such analysises have been invented for tasks like type recovery [Sh91], binding time analysis [Co93], or safety analysis [PS95]. Conceptually, these are closely related to A. Deutsch's store--based alias analysis [D...

Tupling is a transformation tactic to obtain new functions, without redundant calls and/or multiple traversals of common inputs. It achieves this feat by allowing each set (tuple) of function calls to be computed recursively from its previous set. In previous works by Chin and Khoo [8, 9], a safe (terminating) fold/unfold transformation algorithm was developed for some classes of functions which are guaranteed to be successfully tupled. However, these classes of functions currently use static-sized tables for eliminating the redundant calls. As shown by Richard Bird in [3], there are also other classes of programs whose redundant calls could only be eliminated by using dynamic-sized tabulation. This paper proposes a new solution to dynamic-sized tabulation by an extension to the tupling tactic. Our extension uses lambda abstractions which can be viewed as either dynamic-sized tables or applications of the higher-order generalisation technique to facilitate tupling. Significant speedups could be obtained after the transformed programs were vectorised, as confirmed by experiment.