## PROGRAM-ing finger trees in Coq (2007)

Venue: | In ACM SIGPLAN International Conference on Functional Programming. Association for Computing Machinery |

Citations: | 12 - 0 self |

### BibTeX

@INPROCEEDINGS{Sozeau07program-ingfinger,

author = {Matthieu Sozeau},

title = {PROGRAM-ing finger trees in Coq},

booktitle = {In ACM SIGPLAN International Conference on Functional Programming. Association for Computing Machinery},

year = {2007}

}

### OpenURL

### Abstract

Finger Trees (Hinze and Paterson 2006) are a general purpose persistent data structure with good performance. Their genericity permits developing a wealth of structures like ordered sequences or interval trees on top of a single implementation. However, the type systems used by current functional languages do not guarantee the coherent parameterization and specialization of Finger Trees, let alone the correctness of their implementation.We present a certified implementation of Finger Trees solving these problems using the PROGRAM extension of COQ. We not only implement the structure but also prove its invariants along the way, which permit building certified structures on top of Finger Trees in an elegant way. Categories and Subject Descriptors D.2.4 [Software/Program

### Citations

70 | Dependently Typed Functional Programs and their Proofs
- McBride
- 1999
(Show Context)
Citation Context ...r case, we want to say that an arbitrary tree t of measure s with view nil L must be the Empty tree, but those two trees do not have the same type. We apply the usual trick of heterogeneous equality (=-=McBride 1999-=-) : prove they must be in the same type. The inductive JMeq defines an heterogeneous equality (previously denoted by ≃) in COQ. It is used to compare objects which are not of the same type. Its sole c... |

69 | Languages of the future
- Sheard
- 2004
(Show Context)
Citation Context ...g (e.g. Pressburger arithmetic in DML) or there is no limit but proofs and code are intermingled in the same language (for EPIGRAM, COQ and AGDA) or a mix of the two styles in ATS (Xi 2004) or ΩMEGA (=-=Sheard 2004-=-) for example. 3.2 RUSSELL’s incarnation: PROGRAM Using RUSSELL we can write arbitrarily complex code with arbitrarily complex specifications, it will typecheck only if it is “structurally” well-typed... |

47 |
A New Extraction for Coq
- Letouzey
- 2002
(Show Context)
Citation Context ... as the type of computational types (e.g. naturals, lists) then we can immediately see whether something is a proof or a program just by looking at its sort. This is used by the extraction mechanism (=-=Letouzey 2002-=-) to extract only the algorithmical code from a COQ term. However, the extraction is not used directly inside the proof-checker, so computations in COQ may freeze because of irreducible proofs in the ... |

38 | Subset Coercions in Coq
- Sozeau
(Show Context)
Citation Context ... by solving obligations which are generated after the type-checking procedure of RUSSELL terms by an interpretation into CIC. For a detailed presentation of this procedure, the reader is directed to (=-=Sozeau 2007-=-). The generation of obligations is done in a similar way as in PVS (Owre and Shankar 1997), using subsets to carry propositions. We will describe this essential feature of the RUSSELL type system and... |

37 | Inductive families need not store their indices - Brady, McBride, et al. - 2004 |

36 | Applied Type System (extended abstract - Xi |

21 | Synthesizing proofs from programs in the Calculus of Inductive Constructions - Parent - 1995 |

20 |
The Implicit Calculus of Constructions
- Miquel
- 2001
(Show Context)
Citation Context ...han Prop/Type has to be found to distinguish between algorithmical and non-algorithmical content. Current work by B. Barras and B. Bernardo on an adaptation of the Calculus of Implicit Constructions (=-=Miquel 2001-=-) as the core calculus of a dependentlytyped language ought to give the expressivity we seek. We conclude that RUSSELL is not overly verbose and that doing the proofs is actually not a insurmountable ... |

15 | Finger trees: a simple general-purpose data structure - Hinze, Paterson - 2006 |

7 |
Inductive definitions in the system COQ
- Paulin-Mohring
- 1993
(Show Context)
Citation Context .... For example we may declare vectors (lists of fixed length) as: Inductive vector (A : Type) : nat → Type := | vnil : vector A 0 | vcons : A → ∀ n, vector A n → vector A (S n). The inductives of COQ (=-=Paulin-Mohring 1993-=-) are in fact parameterized, possibly nested, mutually recursive inductive families. An inductive family is a family of types indexed by a type or a value. Here for example, vector is a family paramet... |

2 | Emir Pasalic, Jeremy Siek, and Walid Taha. Concoqtion: indexed types now - Fogarty - 2007 |

1 | Position paper: Thoughts on programming with proof assistants
- Chlipala
- 2006
(Show Context)
Citation Context ...not so much support for incremental refinement in COQ, unlike in AGDA (Coquand 2006) or EPIGRAM (McBride and McKinna 2004), although the refine tactic can give the same flavor of program development (=-=Chlipala 2006-=-). RUSSELL is a programming language built on top of COQ which permits writing only the algorithmical code of strongly specified functions and forgetting about the required proofs which COQ needs to e... |

1 | Hongwei Xi and Frank Pfenning. Dependent types in practical programming - LNCS - 2004 |