Decoding Lua: formal semantics for the developer and the semanticist

We provide formal semantics for a large subset of the Lua programming language, in its version 5.2. We validate our model by mechanizing it and testing it against the test suite of the reference interpreter of Lua, con rming that our model accurately represents the language. In addition, we set us an ambitious goal: to target both a PL semanticist —not necessarily versed in Lua—, and a Lua developer —not necessarily versed in semantic frameworks. To the former, we present the peculiarities of the language, and how we model them in a traditional small-step operational semantics, embedded within Felleisen-Hieb’s reduction semantics with evaluation contexts. e mechanization is, naturally, performed in PLT Redex, the de facto tool for mechanizing reduction semantics. To the reader unfamiliar with such concepts, we provide, to our best possible within the space limitations, a gentle introduction of the model. It is our hope that developers of the di erent Lua implementations and dialects understand the model and consider it both for testing their work and for experimenting with new language features.Fil: Soldevila Raffa, Mallku Ernesto. Universidad Nacional de Córdoba. Facultad de Matemática, Astronomía y Física; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; ArgentinaFil: Ziliani, Beta. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; Argentina. Universidad Nacional de Córdoba. Facultad de Matemática, Astronomía y Física; ArgentinaFil: Silvestre, Bruno. Universidade Federal de Goiás; BrasilFil: Fridlender, Daniel Edgardo. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; Argentina. Universidad Nacional de Córdoba. Facultad de Matemática, Astronomía y Física; ArgentinaFil: Mascarenhas, Fabio. Universidade Federal do Rio de Janeiro; Brasi

Interaktives Programmieren von getypten Taktiken im Beweisassistenten Coq

In order to allow for the verification of realistic problems, Coq provides a languagefor tactic programming, therefore enabling general-purpose scripting of automation routines. However, this language is untyped, and as a result, tactics are known to be difficult to compose, debug, and maintain. In this thesis, I develop two different approaches to typed tactic programming in the context of Coq: Lemma Overloading and Mtac. The first one utilizes the existing mechanism of overloading, already incorporated into Coq, to build typed tactics in a style that resembles that of dependently typed logic programming. The second one, Mtac, is a lightweight yet powerful extension to Coq that supports dependently typed functional tactic programming, with additional imperative features. I motivate the different characteristics of Lemma Overloading and Mtac through a wide range of examples, mainly coming from program verification. I also show how to combine these approaches in order to obtain the best of both worlds, resulting in extensible, typed tactics that can be programmed interactively. Both approaches rely heavily on the unification algorithm of Coq, which currently suffers from two main drawbacks: it incorporates heuristics not appropriate for tactic programming, and it is undocumented. In this dissertation, in addition to the aforementioned approaches to tactic programming, I build and describe a new unification algorithm better suited for tactic programming in Coq.Um realistische Programme zu verifizieren, bietet Coq eine Sprache zum Programmieren von Taktiken. Sie ermöglicht das Schreiben universeller Automatisierungsroutinen. Diese Sprache ist allerdings ungetypt. Die resultierenden Taktiken sind daher bekannt dafür, schwer zusammensetzbar, testbar und wartbar zu sein. Ich entwickle in dieser Doktorarbeit zwei Ansätze für getypte Taktiken im Kontext von Coq: Das Überladen von Lemmata und Mtac. Ersteres benutzt den in Coq vorhandenen Überladungsmechanismus um Taktiken im Stil von Dependently Typed Logic Programming zu erstellen.Letzeres, Mtac, ist eine leichtgewichtige, aber mächtige Erweiterung zu Coq, die das Erstellen von funktionalen, Dependently Typed Taktiken mit imperativen Features erlaubt. Ich motiviere die verschiedenen Charakteristika der beiden Ansätze durch eine große Auswahl an Beispielen, die hauptsächlich aus der Programm-Verifizierung kommen. Ich demonstriere außerdem, wie man die Ansätze kombinieren kann, um das Beste aus beiden Welten zu bekommen: erweiterbare, getypte Taktiken die interaktiv programmiert werden können. Beide Ansätze sind stark abhängig vom Unifizierungs-Algorithmus in Coq. Dieser leidet momentan unter zwei Nachteilen. Einerseits sind die Heuristiken nicht auf das Programmieren von Taktiken abgestimmt. Andererseits ist der Algorithmus undokumentiert. Zusätzlich zu den oben genannten Ansätzen zur Programmierung von Taktiken, entwickle und beschreibe ich in dieser Dissertation einen neuen Unifizierungs-Algorithmus, der besser für die Programmierung von Taktiken geeignet ist

Towards a better-behaved unification algorithm for Coq

International audienceThe unification algorithm is at the heart of a proof assistant like Coq. In particular, it is a key component in the refiner (the algorithm who has to fill implicit terms and missing type annotations), and the application of lemmas. Despite of being so important, however, the current unification algorithm of Coq is not properly documented, and implements certain heuristics that makes unification unpredictable and hard to understand. In this work we discuss some of the problems with the current algorithm and present a new one, built from scratch, which aims at solving these issues. The new algorithm is properly documented, putting us on better grounds for a formally verified and optimized algorithm

Towards a better-behaved unification algorithm for Coq

International audienceThe unification algorithm is at the heart of a proof assistant like Coq. In particular, it is a key component in the refiner (the algorithm who has to fill implicit terms and missing type annotations), and the application of lemmas. Despite of being so important, however, the current unification algorithm of Coq is not properly documented, and implements certain heuristics that makes unification unpredictable and hard to understand. In this work we discuss some of the problems with the current algorithm and present a new one, built from scratch, which aims at solving these issues. The new algorithm is properly documented, putting us on better grounds for a formally verified and optimized algorithm

Swapping: a natural bridge between named and indexed explicit substitution calculi

This article is devoted to the presentation of lambda_rex, an explicit substitution calculus with de Bruijn indexes and a simple notation. By being isomorphic to lambda_ex -- a recent formalism with variable names --, lambda_rex accomplishes simulation of beta-reduction (Sim), preservation of beta-strong normalization (PSN) and meta-confluence (MC), among other desirable properties. Our calculus is based on a novel presentation of lambda_dB, using a swap notion that was originally devised by de Bruijn. Besides lambda_rex, two other indexed calculi isomorphic to lambda_x and lambda_xgc are presented, demonstrating the potential of our technique when applied to the design of indexed versions of known named calculi

How to make ad hoc proof automation less ad hoc

Most interactive theorem provers provide support for some form of user-customizable proof automation. In a number of popular systems, such as Coq and Isabelle, this automation is achieved primarily through tactics, which are programmed in a separate language from that of the prover’s base logic. While tactics are clearly useful in practice, they can be difficult to maintain and compose because, unlike lemmas, their behavior cannot be specified within the expressive type system of the prover itself. We propose a novel approach to proof automation in Coq that allows the user to specify the behavior of custom automated routines in terms of Coq’s own type system. Our approach involves a sophisticated application of Coq’s canonical structures, which generalize Haskell type classes and facilitate a flexible style of dependentlytyped logic programming. Specifically, just as Haskell type classes are used to infer the canonical implementation of an overloaded term at a given type, canonical structures can be used to infer the canonical proof of an overloaded lemma for a given instantiation of its parameters. We present a series of design patterns for canonical structure programming that enable one to carefully and predictably coax Coq’s type inference engine into triggering the execution of user-supplied algorithms during unification, and we illustrate these patterns through several realistic examples drawn from Hoare Type Theory. We assume no prior knowledge of Coq and describe the relevant aspects of Coq type inference from first principles