Implementing and reasoning about hash-consed data structures in Coq

We report on four different approaches to implementing hash-consing in Coq programs. The use cases include execution inside Coq, or execution of the extracted OCaml code. We explore the different trade-offs between faithful use of pristine extracted code, and code that is fine-tuned to make use of OCaml programming constructs not available in Coq. We discuss the possible consequences in terms of performances and guarantees. We use the running example of binary decision diagrams and then demonstrate the generality of our solutions by applying them to other examples of hash-consed data structures

Monadic Augment And Generalized Short Cut Fusion

Monads are commonplace programming devices that are used to uniformly structure computations;in particular, they are often used to mimic the effects of impure features suchas state, error handling, and I/O. This paper further develops the monadic programmingparadigm by investigating the extent to which monadic computations can be optimisedby using generalisations of short cut fusion to eliminate monadic structures whose solepurpose is to \glue together" monadic program components.Ghani, Uustalu, and Vene have recently shown that every inductive type has an associatedbuild combinator and an associated short cut fusion rule. They have also used thenotion of a parameterised monad to describe those monads that give rise to inductive types,and have shown that the standard augment combinators and cata/augment fusion rulesfor algebraic data types can be generalised to xed points of all parameterised monads.We revisit these augment combinators and generalised short cut fusion rules for such typesbut consider them from a functional programming perspective, rather than a categoricalone. In addition to making the category-theoretic ideas of Ghani, Uustalu, and Venemore easily accessible to a wider audience of functional programmers, we demonstratetheir practical applicability by developing nontrivial application programs and performingmodest benchmarking on them. We also show how the cata/augment rules can serve asthe basis for deriving additional generic fusion laws, thus opening the way for an algebraof fusion. Finally, we oer deep theoretical insights, arguing that the augment combinatorsare monadic in nature, and thus that the cata/build and cata/augment rules arearguably the best generally applicable fusion rules obtainable

Foundations for structured programming with GADTs

GADTs are at the cutting edge of functional programming and become more widely used every day. Nevertheless, the semantic foundations underlying GADTs are not well understood. In this paper we solve this problem by showing that the standard theory of data types as carriers of initial algebras of functors can be extended from algebraic and nested data types to GADTs. We then use this observation to derive an initial algebra semantics for GADTs, thus ensuring that all of the accumulated knowledge about initial algebras can be brought to bear on them. Next, we use our initial algebra semantics for GADTs to derive expressive and principled tools — analogous to the well-known and widely-used ones for algebraic and nested data types — for reasoning about, programming with, and improving the performance of programs involving, GADTs; we christen such a collection of tools for a GADT an initial algebra package. Along the way, we give a constructive demonstration that every GADT can be reduced to one which uses only the equality GADT and existential quantification. Although other such reductions exist in the literature, ours is entirely local, is independent of any particular syntactic presentation of GADTs, and can be implemented in the host language, rather than existing solely as a metatheoretical artifact. The main technical ideas underlying our approach are (i) to modify the notion of a higher-order functor so that GADTs can be seen as carriers of initial algebras of higher-order functors, and (ii) to use left Kan extensions to trade arbitrary GADTs for simpler-but-equivalent ones for which initial algebra semantics can be derive

Meta-F*: Proof Automation with SMT, Tactics, and Metaprograms

We introduce Meta-F*, a tactics and metaprogramming framework for the F* program verifier. The main novelty of Meta-F* is allowing the use of tactics and metaprogramming to discharge assertions not solvable by SMT, or to just simplify them into well-behaved SMT fragments. Plus, Meta-F* can be used to generate verified code automatically. Meta-F* is implemented as an F* effect, which, given the powerful effect system of F*, heavily increases code reuse and even enables the lightweight verification of metaprograms. Metaprograms can be either interpreted, or compiled to efficient native code that can be dynamically loaded into the F* type-checker and can interoperate with interpreted code. Evaluation on realistic case studies shows that Meta-F* provides substantial gains in proof development, efficiency, and robustness.Comment: Full version of ESOP'19 pape

A type- and scope-safe universe of syntaxes with binding: their semantics and proofs

Almost every programming language's syntax includes a notion of binder and corresponding bound occurrences, along with the accompanying notions of alpha-equivalence, capture-avoiding substitution, typing contexts, runtime environments, and so on. In the past, implementing and reasoning about programming languages required careful handling to maintain the correct behaviour of bound variables. Modern programming languages include features that enable constraints like scope safety to be expressed in types. Nevertheless, the programmer is still forced to write the same boilerplate over again for each new implementation of a scope safe operation (e.g., renaming, substitution, desugaring, printing, etc.), and then again for correctness proofs. We present an expressive universe of syntaxes with binding and demonstrate how to (1) implement scope safe traversals once and for all by generic programming; and (2) how to derive properties of these traversals by generic proving. Our universe description, generic traversals and proofs, and our examples have all been formalised in Agda and are available in the accompanying material available online at https://github.com/gallais/generic-syntax