Results 1  10
of
15
Fast and Loose Reasoning is Morally Correct
, 2006
"... Functional programmers often reason about programs as if they were written in a total language, expecting the results to carry over to nontotal (partial) languages. We justify such reasoning. ..."
Abstract

Cited by 28 (1 self)
 Add to MetaCart
Functional programmers often reason about programs as if they were written in a total language, expecting the results to carry over to nontotal (partial) languages. We justify such reasoning.
Proof Methods for Corecursive Programs
 Fundamenta Informaticae Special Issue on Program Transformation
, 1999
"... This article is a tutorial on four methods for proving properties of corecursive programs: fixpoint induction, the approximation lemma, coinduction, and fusion. ..."
Abstract

Cited by 23 (8 self)
 Add to MetaCart
This article is a tutorial on four methods for proving properties of corecursive programs: fixpoint induction, the approximation lemma, coinduction, and fusion.
Value Recursion in Monadic Computations
 OGI School of Science and Engineering, OHSU
, 2002
"... viii 1 ..."
(Show Context)
Proof Methods for Structured Corecursive Programs
, 1999
"... Corecursive programs produce values of greatest fixpoint types, in contrast to recursive programs, which consume values of least fixpoint types. There are a number of widely used methods for proving properties of corecursive programs, including fixpoint induction, the take lemma, and coinduction. Ho ..."
Abstract

Cited by 10 (3 self)
 Add to MetaCart
(Show Context)
Corecursive programs produce values of greatest fixpoint types, in contrast to recursive programs, which consume values of least fixpoint types. There are a number of widely used methods for proving properties of corecursive programs, including fixpoint induction, the take lemma, and coinduction. However, these methods are all rather lowlevel, in the sense that they do not exploit the common structure that is often present in corecursive definitions. We argue for a more structured approach to proving properties of corecursive programs. In particular, we show that by writing corecursive programs using an operator called unfold that encapsulates a common pattern of corecursive de nition, we can then use highlevel algebraic properties of this operator to conduct proofs in a purely calculational style that avoids the use of either induction or coinduction.
Chasing bottoms: A case study in program verification in the presence of partial and infinite values
 In MPC 2004, volume 3125 of LNCS
, 2004
"... Abstract. This work is a case study in program verification: We have written a simple parser and a corresponding prettyprinter in a nonstrict functional programming language with lifted pairs and functions (Haskell). A natural aim is to prove that the programs are, in some sense, each other’s inver ..."
Abstract

Cited by 9 (2 self)
 Add to MetaCart
(Show Context)
Abstract. This work is a case study in program verification: We have written a simple parser and a corresponding prettyprinter in a nonstrict functional programming language with lifted pairs and functions (Haskell). A natural aim is to prove that the programs are, in some sense, each other’s inverses. The presence of partial and infinite values in the domains makes this exercise interesting, and having lifted types adds an extra spice to the task. We have tackled the problem in different ways, and this is a report on the merits of those approaches. More specifically, we first describe a method for testing properties of programs in the presence of partial and infinite values. By testing before proving we avoid wasting time trying to prove statements that are not valid. Then we prove that the programs we have written are in fact (more or less) inverses using first fixpoint induction and then the approximation lemma. 1
Algebras, Coalgebras, Monads and Comonads
, 2001
"... Whilst the relationship between initial algebras and monads is wellunderstood, the relationship between nal coalgebras and comonads is less well explored. This paper shows that the problem is more subtle and that final coalgebras can just as easily form monads as comonads and dually, that initial a ..."
Abstract

Cited by 7 (3 self)
 Add to MetaCart
Whilst the relationship between initial algebras and monads is wellunderstood, the relationship between nal coalgebras and comonads is less well explored. This paper shows that the problem is more subtle and that final coalgebras can just as easily form monads as comonads and dually, that initial algebras form both monads and comonads. In developing these theories we strive to provide them with an associated notion of syntax. In the case of initial algebras and monads this corresponds to the standard notion of algebraic theories consisting of signatures and equations: models of such algebraic theories are precisely the algebras of the representing monad. We attempt to emulate this result for the coalgebraic case by defining a notion cosignature and coequation and then proving the models of this syntax are precisely the coalgebras of the representing comonad.
HOLCF ’11: A Definitional Domain Theory for Verifying Functional Programs
, 2012
"... HOLCF is an interactive theorem proving system that uses the mathematics of domain theory to reason about programs written in functional programming languages. This thesis introduces HOLCF ’11, a thoroughly revised and extended version of HOLCF that advances the state of the art in program verificat ..."
Abstract

Cited by 3 (2 self)
 Add to MetaCart
HOLCF is an interactive theorem proving system that uses the mathematics of domain theory to reason about programs written in functional programming languages. This thesis introduces HOLCF ’11, a thoroughly revised and extended version of HOLCF that advances the state of the art in program verification: HOLCF ’11 can reason about many program definitions that are beyond the scope of other formal proof tools, while providing a high degree of proof automation. The soundness of the system is ensured by adhering to a definitional approach: New constants and types are defined in terms of previous concepts, without introducing new axioms. Major features of HOLCF ’11 include two highlevel definition packages: the Fixrec package for defining recursive functions, and the Domain package for defining recursive datatypes. Each of these uses the domaintheoretic concept of least fixed points to translate usersupplied recursive specifications into safe lowlevel definitions. Together, these tools make it easy for users to translate a wide variety of functional programs into the formalism of HOLCF. Theorems generated by the tools also make it easy for users to reason about their programs, with a very high level of confidence in the soundness of the results. As a case study, we present a fully mechanized verification of a model of concurrency based on powerdomains. The formalization depends on many features unique to HOLCF ’11, and is the first verification of such a model in a formal proof tool. ii ACKNOWLEDGMENTS I would like to thank my advisor, John Matthews, for having continued to devote so much time to working with me, even as a parttime professor; and for motivating me to keep studying domain theory (and enjoying it!) these past years. iii
Formal verification of monad transformers
 In ICFP’12
, 2012
"... We present techniques for reasoning about constructor classes that (like the monad class) fix polymorphic operations and assert polymorphic axioms. We do not require a logic with firstclass type constructors, firstclass polymorphism, or type quantification; instead, we rely on a domaintheoretic m ..."
Abstract

Cited by 3 (1 self)
 Add to MetaCart
(Show Context)
We present techniques for reasoning about constructor classes that (like the monad class) fix polymorphic operations and assert polymorphic axioms. We do not require a logic with firstclass type constructors, firstclass polymorphism, or type quantification; instead, we rely on a domaintheoretic model of the type system in a universal domain to provide these features. These ideas are implemented in the Tycon library for the Isabelle theorem prover, which builds on the HOLCF library of domain theory. The Tycon library provides various axiomatic type constructor classes, including functors and monads. It also provides automation for instantiating those classes, and for defining further subclasses. We use the Tycon library to formalize three Haskell monad transformers: the error transformer, the writer transformer, and the resumption transformer. The error and writer transformers do not universally preserve the monad laws; however, we establish datatype invariants for each, showing that they are valid monads when viewed as abstract datatypes.