Isabelle/HOL has recently acquired new versions of definitional packages for inductive datatypes and primitive recursive functions. In contrast to its predecessors and most other implementations, Isabelle/HOL datatypes may be mutually and indirect recursive, even infinitely branching. We also support inverted datatype definitions for characterizing existing types as being inductive ones later. All our constructions are fully definitional according to established HOL tradition. Stepping back from the logical details, we also see this work as a typical example of what could be called "Formal-Logic Engineering". We observe that building realistic theorem proving environments involves further issues rather than pure logic only. 1

Abstract not found

We present a formalization of the central parts of the Java Virtual Machine (JVM) with the theorem prover Isabelle/HOL. We formalize the class file format and give an operational semantics for a nontrivial subset of JVM instructions, covering the central parts of object oriented programming.

In this article we present Bali, the formalization of a large (hitherto sequential) sublanguage of Java. We give its abstract syntax, type system, well-formedness conditions, and an operational evaluation semantics. Based on these definitions, we can express soundness of the type system, an important design goal claimed to be reached by the designers of Java, and prove that Bali is indeed type-safe. All definitions and proofs have been done formally in the theorem prover Isabelle/HOL. Thus this article demonstrates that machine-checking the design of non-trivial programming languages has become a reality.

We introduce a simple functional language foetus (lambda calculus with tuples, constructors and pattern matching) supplied with a termination checker. This checker tries to find a well-founded structural order on the parameters on the given function to prove termination. The components of the check algorithm are: function call extraction out of the program text, call graph completion and finding a lexical order for the function parameters. The HTML version of this paper contains many ready-to-run Web-based examples.

The need to use partial functions arises frequently in formal descriptions of computer systems. However, most proof assistants are based on logics of total functions. One way to address this mismatch is to invent and mechanize a new logic. Another is to develop practical workarounds in existing settings. In this paper we take the latter course: we survey and compare methods used to support partiality in a mechanization of a higher order logic featuring only total functions. The techniques we discuss are generally applicable and are illustrated by relatively large examples. 1.

Functions specified by nested recursions are difficult to define and reason about. We present several ameliorative techniques that use deduction in a classical higher-order logic. First, we discuss how an apparent circular dependency between the proof of nested termination conditions and the definition of the specified function can be avoided. Second, we propose a method that allows the specified function to be defined in the absence of a termination relation. Finally, we show how our techniques extend to nested program schemes, where a termination relation cannot be found until schematic parameters have been filled in. In each of these techniques, suitable induction theorems are automatically derived.

Abstract not found

Abstract. The Accellera standards-promoting organisation has selected Sugar 2.0, IBM’s formal specification language, as a standard that it says will drive assertion-based verification. Sugar 2.0 combines aspects of Interval Temporal Logic (ITL), Linear Temporal Logic (LTL) and Computation Tree Logic (CTL) into a property language suitable for both formal verification and use with simulation test benchs. As industrial strength languages go it is remarkably elegant, consisting of a small kernel conservatively extended by numerous definitions. We are constructing a semantic embedding of Sugar 2.0 in the version of higher order logic supported by the HOL system. To ‘sanity check ’ the semantics we tried to prove some simple properties and as a result a few bugs were discovered. Further analysis may well reveal more. We are contemplating a variety of applications of the mechanised semantics, including the exploitation of existing work to build a Sugar model checker inside HOL. In the longer term we want to investigate the use

This tutorial describes the use of the new function package, which provides general recursive function definitions for Isabelle/HOL. We start with very simple examples and then gradually move on to more advanced topics such as manual termination proofs, nested recursion, partiality, tail recursion and congruence rules. 1