Results 1 
7 of
7
Ynot: Dependent types for imperative programs
 In Proceedings of ICFP 2008
, 2008
"... We describe an axiomatic extension to the Coq proof assistant, that supports writing, reasoning about, and extracting higherorder, dependentlytyped programs with sideeffects. Coq already includes a powerful functional language that supports dependent types, but that language is limited to pure, t ..."
Abstract

Cited by 36 (10 self)
 Add to MetaCart
We describe an axiomatic extension to the Coq proof assistant, that supports writing, reasoning about, and extracting higherorder, dependentlytyped programs with sideeffects. Coq already includes a powerful functional language that supports dependent types, but that language is limited to pure, total functions. The key contribution of our extension, which we call Ynot, is the added support for computations that may have effects such as nontermination, accessing a mutable store, and throwing/catching exceptions. The axioms of Ynot form a small trusted computing base which has been formally justified in our previous work on Hoare Type Theory (HTT). We show how these axioms can be combined with the powerful type and abstraction mechanisms of Coq to build higherlevel reasoning mechanisms which in turn can be used to build realistic, verified software components. To substantiate this claim, we describe here a representative series of modules that implement imperative finite maps, including support for a higherorder (effectful) iterator. The implementations range from simple (e.g., association lists) to complex (e.g., hash tables) but share a common interface which abstracts the implementation details and ensures that the modules properly implement the finite map abstraction.
Ynot: Reasoning with the awkward squad
 In ACM SIGPLAN International Conference on Functional Programming
, 2008
"... We describe an axiomatic extension to the Coq proof assistant, that supports writing, reasoning about, and extracting higherorder, dependentlytyped programs with sideeffects. Coq already includes a powerful functional language that supports dependent types, but that language is limited to pure, t ..."
Abstract

Cited by 16 (0 self)
 Add to MetaCart
We describe an axiomatic extension to the Coq proof assistant, that supports writing, reasoning about, and extracting higherorder, dependentlytyped programs with sideeffects. Coq already includes a powerful functional language that supports dependent types, but that language is limited to pure, total functions. The key contribution of our extension, which we call Ynot, is the added support for computations that may have effects such as nontermination, accessing a mutable store, and throwing/catching exceptions. The axioms of Ynot form a small trusted computing base which has been formally justified in our previous work on Hoare Type Theory (HTT). We show how these axioms can be combined with the powerful type and abstraction mechanisms of Coq to build higherlevel reasoning mechanisms which in turn can be used to build realistic, verified software components. To substantiate this claim, we describe here a representative series of modules that implement imperative finite maps, including support for a higherorder (effectful) iterator. The implementations range from simple (e.g., association lists) to complex (e.g., hash tables) but share a common interface which abstracts the implementation details and ensures that the modules properly implement the finite map abstraction.
Extraction in Coq: An overview
 In CiE ’08, volume 5028 of Lecture
"... Abstract. The extraction mechanism of Coq allows one to transform Coq proofs and functions into functional programs. We illustrate the behavior of this tool by reviewing several variants of Coq de nitions for Euclidean division, as well as some more advanced examples. We then continue with a more ge ..."
Abstract

Cited by 7 (0 self)
 Add to MetaCart
Abstract. The extraction mechanism of Coq allows one to transform Coq proofs and functions into functional programs. We illustrate the behavior of this tool by reviewing several variants of Coq de nitions for Euclidean division, as well as some more advanced examples. We then continue with a more general description of this tool: key features, main examples, strengths, limitations and perspectives. hal00338973, version 1 14 Nov 2008 1
TRX: A formally verified parser interpreter
 LOGICAL METHODS IN COMPUTER SCIENCE 7(2
, 2011
"... Parsing is an important problem in computer science and yet surprisingly little attention has been devoted to its formal verification. In this paper, we present TRX: a parser interpreter formally developed in the proof assistant Coq, capable of producing formally correct parsers. We are using parsi ..."
Abstract

Cited by 4 (0 self)
 Add to MetaCart
Parsing is an important problem in computer science and yet surprisingly little attention has been devoted to its formal verification. In this paper, we present TRX: a parser interpreter formally developed in the proof assistant Coq, capable of producing formally correct parsers. We are using parsing expression grammars (PEGs), a formalism essentially representing recursive descent parsing, which we consider an attractive alternative to contextfree grammars (CFGs). From this formalization we can extract a parser for an arbitrary PEG grammar with the warranty of total correctness, i.e., the resulting parser is terminating and correct with respect to its grammar and the semantics of PEGs; both properties formally proven in Coq.
Implicit and noncomputational arguments using monads
, 2005
"... Abstract. We provide a monadic view on implicit and noncomputational arguments. This allows us to treat Berger’s noncomputational quantifiers in the Coqsystem. We use Tait’s normalization proof and the concatenation of vectors as case studies for the extraction of programs. With little effort one ..."
Abstract

Cited by 2 (1 self)
 Add to MetaCart
Abstract. We provide a monadic view on implicit and noncomputational arguments. This allows us to treat Berger’s noncomputational quantifiers in the Coqsystem. We use Tait’s normalization proof and the concatenation of vectors as case studies for the extraction of programs. With little effort one can eliminate noncomputational arguments from extracted programs. One thus obtains extracted code that is not only closer to the intended one, but also decreases both the running time and the memory usage dramatically. We also study the connection between Harrop formulas, lax modal logic and the Coq type theory.
Tool Support for Proof Engineering
"... Modern integrated development environments (IDEs) provide programmers with a variety of sophisticated tools for program visualization and manipulation. These tools assist the programmer in understanding legacy code and making coordinated changes across large parts of a program. Similar tools incorpo ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
Modern integrated development environments (IDEs) provide programmers with a variety of sophisticated tools for program visualization and manipulation. These tools assist the programmer in understanding legacy code and making coordinated changes across large parts of a program. Similar tools incorporated into an integrated proof environment (IPE) would assist proof developers in understanding and manipulating the increasingly larger proofs that are being developed. In this paper we propose some tools and techniques developed for software engineering that we believe would be equally applicable in proof engineering.
Case Studies in Model Manipulation for Scientific Computing
, 2008
"... The same methodology is used to develop 3 different applications. We begin by using a very expressive, appropriate Domain Specific Language, to write down precise problem definitions, using their most natural formulation. Once defined, the problems form an implicit definition of a unique solution. ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
The same methodology is used to develop 3 different applications. We begin by using a very expressive, appropriate Domain Specific Language, to write down precise problem definitions, using their most natural formulation. Once defined, the problems form an implicit definition of a unique solution. From the problem statement, our model, we use mathematical transformations to make the problem simpler to solve computationally. We call this crucial step “model manipulation.” With the model rephrased in more computational terms, we can also derive various quantities directly from this model, which greatly simplify traditional numeric solutions, our eventual goal. From all this data, we then use standard code generation and code transformation techniques to generate lowerlevel code to perform the final numerical steps. This methodology is very flexible, generates faster code, and generates code that would have been all but impossible for a human programmer to get correct.