## Formal Verification of Logic Programs: Foundations and Implementation (1997)

Venue: In Logical Foundations of Computer Science LFCS '97 --- Logic at Yaroslavl

Citations: 4 - 0 self

### BibTeX

```bibtex
@INPROCEEDINGS{Stärk97formalverification,
    author = {Robert F. Stärk},
    title = {Formal Verification of Logic Programs: Foundations and Implementation},
    booktitle = {In Logical Foundations of Computer Science LFCS '97 --- Logic at Yaroslavl},
    year = {1997},
    pages = {354--368},
    publisher = {Springer-Verlag}
}
```

### Abstract

We present the theoretical foundations of LPTP, a logic program theorem prover implemented in Prolog by the author. LPTP is an interactive theorem prover in which one can prove termination and correctness properties of pure Prolog programs that contain negation and built-in predicates like is/2 and call/n. The largest program that has been verified using LPTP is 635 lines long including its specification. The full formal correctness proof is 13128 lines long (133 pages). The formal theory underlying LPTP is the inductive extension of pure Prolog programs. This is a first-order theory that contains induction principles corresponding to the definition of the predicates in the program plus appropriate axioms for built-in predicates.

### Citations

977 |
Negation as failure
- Clark
- 1978
Citation Context ...in the interactive theorem prover LPTP. 3 The inductive extension of pure Prolog programs The inductive extension of a logic program P is, roughly speaking, Clark’s completion of a logic program (cf. [3]) plus induction along the definition of the predicates. However, there are essential differences. For instance, the inductive extension is consistent for arbitrary programs. This is not the case for ...

258 |
The Gödel Programming Language
- Hill, Lloyd
- 1994
Citation Context ...ery G1 & . . . & Gn & true. The existential quantifier some x G binds the variable x in the goal G. Existential quantification is implicit in Prolog. It is explicit in extensions of Prolog like Gödel [7] and Mercury [9]. Free and bound variables in goals are defined as usual. We use the vector notation x for a finite list x1, . . . , xn. We write G[x] to express that all free variables of G are among...

201 | The execution algorithm of Mercury: an efficient purely declarative logic programming language. volume 29
- Somogyi, Henderson, et al.
- 1996
Citation Context ... Gn & true. The existential quantifier some x G binds the variable x in the goal G. Existential quantification is implicit in Prolog. It is explicit in extensions of Prolog like Gödel [7] and Mercury [9]. Free and bound variables in goals are defined as usual. We use the vector notation x for a finite list x1, . . . , xn. We write G[x] to express that all free variables of G are among the list x; G(x...

198 |
From Logic Programming to Prolog
- Apt
- 1997
Citation Context ...e verification of pure Prolog programs. First of all, we wanted to show that results of [8,10,11] about the foundations of logic programming are not only of theoretical interest. In the spirit of Apt [1] we wanted to show that the results can be extended to a rather large subset of Prolog. Secondly, we believe that if computer programs become bigger and more complex, it will be inevitable that parts ...

126 | Reasoning about termination of pure Prolog programs
- Apt, Pedreschi
- 1993
Citation Context ... report an error message. Rule 8 says that the left goal is selected in a conjunction. This corresponds to a left-most goal selection rule in standard terminology or to so-called LDNF-resolution (see [2]). Rule 9 and 10 are nondeterministic. This is the only place where nondeterminism occurs. To solve a disjunction E or F means either to solve first E and then F or to solve first F and then E. In bot...

88 |
Signed data dependencies in logic programs
- Kunen
- 1989
Citation Context ...edicates. 1 Introduction There are several reasons that we have implemented an interactive theorem prover for the verification of pure Prolog programs. First of all, we wanted to show that results of [8,10,11] about the foundations of logic programming are not only of theoretical interest. In the spirit of Apt [1] we wanted to show that the results can be extended to a rather large subset of Prolog. Second...

55 | Denotational and operational semantics for Prolog
- Debray, Mishra
- 1988
Citation Context .... States are defined in the following way: An environment is a finite set of bindings {t1/x1, . . . , tn/xn} such that the xi’s are pairwise different variables. It is not required that ti ≢ xi (cf. [4]). A frame consists of a query G and an idempotent environment η. Idempotent means that if ti ≢ xi then xi does not occur in t1, . . . , tn. Remember that a query is a list of goals. A frame stack co...

23 |
Logics for termination and correctness of functional programs II: Logics of strength PRA
- Feferman
- 1992
Citation Context ...for G terminate but also that there are no errors in calls of builtin predicates during the computation. There is an interesting analogy between the T operator and the logic of partial terms (cf. eg. [5,6]). In the logic of partial terms the expression t↓ means that the functional program t terminates and that during the evaluation there are no type conflicts, i.e. the program is dynamically well-typed...

20 | The theoretical foundations of LPTP (a logic program theorem prover)
- Stärk
- 1998
Citation Context ..., z(S integer(x) ∧ S integer(y) ∧ S integer(z) ∧ S x < y ∧ S y < z → S x < z). Note, that axioms like x = 7 ↔ S(x is 3 + 4) are included in the fixed point axioms VI. The full version of this article [14] contains an exact definition of what it means that an axiom is true. VIII. The simultaneous induction scheme expresses the minimality of the Rs predicates. Note, that the formulas S DP R are positive...

19 | Input/output dependencies of normal logic programs
- Stärk
- 1994
Citation Context ...edicates. 1 Introduction There are several reasons that we have implemented an interactive theorem prover for the verification of pure Prolog programs. First of all, we wanted to show that results of [8,10,11] about the foundations of logic programming are not only of theoretical interest. In the spirit of Apt [1] we wanted to show that the results can be extended to a rather large subset of Prolog. Second...

10 | The declarative semantics of the Prolog selection rule
- Stärk
- 1993
Citation Context ...edicates. 1 Introduction There are several reasons that we have implemented an interactive theorem prover for the verification of pure Prolog programs. First of all, we wanted to show that results of [8,10,11] about the foundations of logic programming are not only of theoretical interest. In the spirit of Apt [1] we wanted to show that the results can be extended to a rather large subset of Prolog. Second...

4 | First-order theories for pure Prolog programs with negation
- Stärk
- 1995
Citation Context ...trates how LPTP can be used to prove the correctness of an algorithm for inserting elements in AVL trees. There are essential differences between this article and the first-order theory introduced in [12]. We are now working with general goals and not only with sequences of literals. This makes it possible to treat built-in predicates in a uniform and simple way. Mode assignments are no longer needed....

1 | The finite stages of inductive definitions
- Stärk
- 1996
Citation Context ...r. It means that the evaluation of the goal G terminates and that there are no error messages caused by non-ground negative goals or wrongly typed built-in atomic goals. The next theorem is proved in [13] using standard methods like partial cut-elimination for infinitary systems and asymmetric interpretations. Theorem 3. Without built-in predicates, IND(P ) has the same proof-theoretic strength as Pean...