research-article

Open access

A metaprogramming framework for formal verification

Authors:

Sebastian Ullrich,

Leonardo de MouraAuthors Info & Claims

Proceedings of the ACM on Programming Languages, Volume 1, Issue ICFP

Article No.: 34, Pages 1 - 29

https://doi.org/10.1145/3110278

Published: 29 August 2017 Publication History

Abstract

We describe the metaprogramming framework currently used in Lean, an interactive theorem prover based on dependent type theory. This framework extends Lean's object language with an API to some of Lean's internal structures and procedures, and provides ways of reflecting object-level expressions into the metalanguage. We provide evidence to show that our implementation is performant, and that it provides a convenient and flexible way of writing not only small-scale interactive tactics, but also more substantial kinds of automation.

Supplementary Material

Auxiliary Archive (icfp17-main19-s.zip)

A virtual machine image that contains all examples and benchmarks from the paper, as well as installations of the required theorem provers. For more information, please see the included `ReadMe.txt` file.

Download
4507.63 MB

References

[1]

Andrea Asperti, Wilmer Ricciotti, Claudio Sacerdoti Coen, and Enrico Tassi. 2011. The Matita Interactive Theorem Prover. In Automated Deduction - CADE-23 - 23rd International Conference on Automated Deduction. Proceedings (Lecture Notes in Computer Science), Nikolaj Bjørner and Viorica Sofronie-Stokkermans (Eds.), Vol. 6803. Springer, 64–69.

[2]

Jeremy Avigad, Leonardo de Moura, and Soonho Kong. 2017. Theorem Proving in Lean. (2017). https://leanprover.github.io/theorem_proving_in_lean/theorem_proving_in_lean.pdf.

[3]

David Baelde, Kaustuv Chaudhuri, Andrew Gacek, Dale Miller, Gopalan Nadathur, Alwen Tiu, and Yuting Wang. 2014. Abella: A System for Reasoning about Relational Specifications. J. Formalized Reasoning 7, 2 (2014), 1–89.

[4]

Henry G. Baker. 1991. Shallow Binding Makes Functional Arrays Fast. SIGPLAN Not. 26, 8 (Aug. 1991), 145–147.

Digital Library

[5]

Eli Barzilay. 2006. Implementing Direct Reflection in NuPRL. Ph.D. Dissertation. Cornell University.

[6]

Yves Bertot and Pierre Castéran. 2004. Interactive Theorem Proving and Program Development: Coq’Art: The Calculus of Inductive Constructions. Springer-Verlag, Berlin.

[7]

Ana Bove, Peter Dybjer, and Ulf Norell. 2009. A Brief Overview of Agda - A Functional Language with Dependent Types. In Theorem Proving in Higher Order Logics, 22nd International Conference, TPHOLs 2009. Proceedings (Lecture Notes in Computer Science), Stefan Berghofer, Tobias Nipkow, Christian Urban, and Makarius Wenzel (Eds.), Vol. 5674. Springer, 73–78.

Digital Library

[8]

Edwin Brady. 2013. Idris, A General-Purpose Dependently Typed Programming Language: Design and Implementation. J. Funct. Program. 23, 5 (2013), 552–593.

[9]

Adam Chlipala. 2011. Certified Programming with Dependent Types. MIT Press. http://adam.chlipala.net/cpdt/ .

[10]

David Raymond Christiansen. 2014. Type-Directed Elaboration of Quasiquotations: A High-Level Syntax for Low-Level Reflection. In Proceedings of the 26th 2014 International Symposium on Implementation and Application of Functional Languages, IFL ’14, Boston, MA, USA, October 1-3, 2014, Sam Tobin-Hochstadt (Ed.). ACM, 1:1–1:9.

Digital Library

[11]

David R. Christiansen and Edwin Brady. 2016. Elaborator Reflection: Extending Idris in Idris. In Proceedings of the 21st ACM SIGPLAN International Conference on Functional Programming, ICFP 2016, Jacques Garrigue, Gabriele Keller, and Eijiro Sumii (Eds.). ACM, 284–297.

Digital Library

[12]

Robert L. Constable. 1998. Types in Logic, Mathematics and Programming. In Handbook of Proof Theory. Stud. Logic Found. Math., Vol. 137. North-Holland, Amsterdam, 683–786.

[13]

Thierry Coquand and Gérard Huet. 1988. The Calculus of Constructions. Inform. and Comput. 76, 2-3 (1988), 95–120.

Digital Library

[14]

Thierry Coquand and Christine Paulin. 1990. Inductively Defined Types. In COLOG-88 (Tallinn, 1988). Lecture Notes in Comput. Sci., Vol. 417. Springer, Berlin, 50–66.

[15]

Leonardo Mendonça de Moura, Soonho Kong, Jeremy Avigad, Floris van Doorn, and Jakob von Raumer. 2015. The Lean Theorem Prover (System Description). In Automated Deduction - CADE-25 - 25th International Conference on Automated Deduction, 2015, Proceedings (Lecture Notes in Computer Science), Amy P. Felty and Aart Middeldorp (Eds.), Vol. 9195. Springer, 378–388.

[16]

David Delahaye. 2000. A Tactic Language for the System Coq. In Logic for Programming and Automated Reasoning, 7th International Conference, LPAR 2000, Proceedings (Lecture Notes in Computer Science), Michel Parigot and Andrei Voronkov (Eds.), Vol. 1955. Springer, 85–95.

[17]

David Delahaye. 2002. A Proof Dedicated Meta-Language. Electr. Notes Theor. Comput. Sci. 70, 2 (2002), 96–109.

[18]

David Detlefs, Greg Nelson, and James B. Saxe. 2005. Simplify: A Theorem Prover for Program Checking. J. ACM 52, 3 (May 2005), 365–473.

Digital Library

[19]

Peter Dybjer. 1994. Inductive Families. Formal Asp. Comput. 6, 4 (1994), 440–465.

Digital Library

[20]

Gabriel Ebner, Stefan Hetzl, Giselle Reis, Martin Riener, Simon Wolfsteiner, and Sebastian Zivota. 2016. System Description: GAPT 2.0. In International Joint Conference on Automated Reasoning, IJCAR (Lecture Notes in Computer Science), Nicola Olivetti and Ashish Tiwari (Eds.), Vol. 9706. Springer, 293–301.

Digital Library

[21]

Healfdene Goguen, Conor McBride, and James McKinna. 2006. Eliminating dependent pattern matching. In Algebra, Meaning, and Computation. Springer, 521–540.

[22]

Georges Gonthier, Beta Ziliani, Aleksandar Nanevski, and Derek Dreyer. 2013. How to Make Ad Hoc Proof Automation Less Ad Hoc. J. Funct. Program. 23, 4 (2013), 357–401.

[23]

Mike Gordon. 2000. From LCF to HOL: a short history. In Proof, Language, and Interaction, Essays in Honour of Robin Milner, Gordon D. Plotkin, Colin Stirling, and Mads Tofte (Eds.). The MIT Press, 169–186.

Digital Library

[24]

Lars Hupel. 2014. Interactive Simplifier Tracing and Debugging in Isabelle. In Intelligent Computer Mathematics - International Conference, CICM 2014. Proceedings (Lecture Notes in Computer Science), Stephen M. Watt, James H. Davenport, Alan P. Sexton, Petr Sojka, and Josef Urban (Eds.), Vol. 8543. Springer, 328–343.

[25]

Sheng Liang, Paul Hudak, and Mark P. Jones. 1995. Monad Transformers and Modular Interpreters. In Conference Record of POPL’95: 22nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, 1995, Ron K. Cytron and Peter Lee (Eds.). ACM Press, 333–343.

Digital Library

[26]

Gregory Malecha and Jesper Bengtson. 2016. Extensible and Efficient Automation Through Reflective Tactics. In Programming Languages and Systems - 25th European Symposium on Programming, ESOP 2016, Proceedings (Lecture Notes in Computer Science), Peter Thiemann (Ed.), Vol. 9632. Springer, 532–559.

[27]

Gregory Michael Malecha. 2014. Extensible Proof Engineering in Intensional Type Theory. Ph.D. Dissertation. Harvard University. http://gmalecha.github.io/publication/2015/02/01/extensible-proof-engineering-in-intensional-type-theory. html

[28]

Daniel Matichuk, Toby C. Murray, and Makarius Wenzel. 2016. Eisbach: A Proof Method Language for Isabelle. J. Autom. Reasoning 56, 3 (2016), 261–282.

Digital Library

[29]

Conor McBride and James McKinna. 2004. Functional Pearl: I Am Not a Number — I Am a Free Variable. In Proceedings of the ACM SIGPLAN Workshop on Haskell, Haskell 2004, Henrik Nilsson (Ed.). ACM, 1–9.

Digital Library

[30]

Greg Nelson and Derek C Oppen. 1980. Fast Decision Procedures Based on Congruence Closure. Journal of the ACM (JACM) 27, 2 (1980), 356–364.

Digital Library

[31]

Robert Nieuwenhuis and Albert Rubio. 2001. Paramodulation-Based Theorem Proving. In Handbook of Automated Reasoning, John Alan Robinson and Andrei Voronkov (Eds.). Vol. 1. Elsevier and MIT Press, 371–443.

[32]

Ulf Norell. 2008. Dependently Typed Programming in Agda. In Advanced Functional Programming, 6th International School, AFP 2008, Revised Lectures (Lecture Notes in Computer Science), Pieter W. M. Koopman, Rinus Plasmeijer, and S. Doaitse Swierstra (Eds.), Vol. 5832. Springer, 230–266.

[33]

Brigitte Pientka. 2010. Beluga: Programming with Dependent Types, Contextual Data, and Contexts. In Functional and Logic Programming, 10th International Symposium, FLOPS 2010. Proceedings (Lecture Notes in Computer Science), Matthias Blume, Naoki Kobayashi, and Germán Vidal (Eds.), Vol. 6009. Springer, 1–12.

Digital Library

[34]

Antonis Stampoulis and Zhong Shao. 2010. VeriML: typed computation of logical terms inside a language with effects. In Proceeding of the 15th ACM SIGPLAN International Conference on Functional programming, ICFP 2010, Paul Hudak and Stephanie Weirich (Eds.). ACM, 333–344.

Digital Library

[35]

Paul van der Walt and Wouter Swierstra. 2012. Engineering Proof by Reflection in Agda. In Implementation and Application of Functional Languages - 24th International Symposium, IFL 2012 (Lecture Notes in Computer Science), Ralf Hinze (Ed.), Vol. 8241. Springer, 157–173.

[36]

Andrei Voronkov. 2014. AVATAR: The Architecture for First-Order Theorem Provers. In Computer Aided Verification, CAV (Lecture Notes in Computer Science), Armin Biere and Roderick Bloem (Eds.), Vol. 8559. Springer, 696–710.

[37]

Beta Ziliani, Derek Dreyer, Neelakantan R. Krishnaswami, Aleksandar Nanevski, and Viktor Vafeiadis. 2015. Mtac: A Monad for Typed Tactic Programming in Coq. J. Funct. Program. 25 (2015).

[38]

Beta Ziliani, Yann Régis-Gianas, and Jan-Oliver Kaiser. 2017. The Next 700 Safe Tactic Languages. (2017). Preprint.

Cited By

Hu JPientka B(2025)A Dependent Type Theory for Meta-programming with Intensional AnalysisProceedings of the ACM on Programming Languages10.1145/37048519:POPL(416-445)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704851
Pientka BAllais GLiu Y(2025)A Type-Theoretic Framework for Certified Meta-programming (Invited Talk Extended Abstract)Proceedings of the 2025 ACM SIGPLAN International Workshop on Partial Evaluation and Program Manipulation10.1145/3704253.3706136(10-11)Online publication date: 10-Jan-2025
https://dl.acm.org/doi/10.1145/3704253.3706136
Hu JPientka B(2024)A Layered Approach to Intensional Analysis in Type TheoryACM Transactions on Programming Languages and Systems10.1145/370720346:4(1-43)Online publication date: 5-Dec-2024
https://dl.acm.org/doi/10.1145/3707203
Show More Cited By

Index Terms

A metaprogramming framework for formal verification
1. Software and its engineering
  1. Software notations and tools
    1. General programming languages
      1. Language types
        Functional languages
2. Theory of computation
  1. Computational complexity and cryptography
    1. Interactive proof systems
  2. Logic
    1. Type theory

Recommendations

Explicitly heterogeneous metaprogramming with MetaHaskell
ICFP '12: Proceedings of the 17th ACM SIGPLAN international conference on Functional programming

Languages with support for metaprogramming, like MetaOCaml, offer a principled approach to code generation by guaranteeing that well-typed metaprograms produce well-typed programs. However, many problem domains where metaprogramming can fruitfully be ...
Explicitly heterogeneous metaprogramming with MetaHaskell
ICFP '12

Languages with support for metaprogramming, like MetaOCaml, offer a principled approach to code generation by guaranteeing that well-typed metaprograms produce well-typed programs. However, many problem domains where metaprogramming can fruitfully be ...
LibDSL: a library for developing embedded domain specific languages in d via template metaprogramming
GPCE '14

This paper presents a library called LibDSL that helps the implementer of an embedded domain specific language (EDSL) effectively develop it in D language. The LibDSL library accepts as input some kinds of ``specifications'' of the EDSL that the ...

Comments

Information & Contributors

Information

Published In

cover image Proceedings of the ACM on Programming Languages

Proceedings of the ACM on Programming Languages Volume 1, Issue ICFP

September 2017

1173 pages

EISSN:2475-1421

DOI:10.1145/3136534

Issue’s Table of Contents

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 29 August 2017

Published in PACMPL Volume 1, Issue ICFP

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Badges

Author Tags

Qualifiers

Research-article

Funding Sources

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

61
Total Citations
View Citations
1,541
Total Downloads

Downloads (Last 12 months)261
Downloads (Last 6 weeks)41

Reflects downloads up to 12 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Hu JPientka B(2025)A Dependent Type Theory for Meta-programming with Intensional AnalysisProceedings of the ACM on Programming Languages10.1145/37048519:POPL(416-445)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704851
Pientka BAllais GLiu Y(2025)A Type-Theoretic Framework for Certified Meta-programming (Invited Talk Extended Abstract)Proceedings of the 2025 ACM SIGPLAN International Workshop on Partial Evaluation and Program Manipulation10.1145/3704253.3706136(10-11)Online publication date: 10-Jan-2025
https://dl.acm.org/doi/10.1145/3704253.3706136
Hu JPientka B(2024)A Layered Approach to Intensional Analysis in Type TheoryACM Transactions on Programming Languages and Systems10.1145/370720346:4(1-43)Online publication date: 5-Dec-2024
https://dl.acm.org/doi/10.1145/3707203
Reitz AFromherz AProtzenko J(2024)StarMalloc: Verifying a Modern, Hardened Memory AllocatorProceedings of the ACM on Programming Languages10.1145/36897738:OOPSLA2(1757-1786)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689773
Zhuchko EVeanes MEbner GTimany ATraytel DPientka BBlazy S(2024)Lean Formalization of Extended Regular Expression Matching with LookaroundsProceedings of the 13th ACM SIGPLAN International Conference on Certified Programs and Proofs10.1145/3636501.3636959(118-131)Online publication date: 9-Jan-2024
https://dl.acm.org/doi/10.1145/3636501.3636959
Rivière PSingh NAït-Ameur Y(2024)Reflexive Event-B: Semantics and Correctness the EB4EB FrameworkIEEE Transactions on Reliability10.1109/TR.2022.321964973:2(835-850)Online publication date: Jun-2024
https://doi.org/10.1109/TR.2022.3219649
Wei QWu HShi FWan YNing H(2024)A Tutorial on Meta-Services and Services Computing in MetaverseIEEE Internet of Things Journal10.1109/JIOT.2023.334690111:10(16981-16995)Online publication date: 15-May-2024
https://doi.org/10.1109/JIOT.2023.3346901
Avigad J(2024)Automated Reasoning for MathematicsAutomated Reasoning10.1007/978-3-031-63498-7_1(3-20)Online publication date: 3-Jul-2024
https://dl.acm.org/doi/10.1007/978-3-031-63498-7_1
Hu JPientka B(2024)Layered Modal Type TheoryProgramming Languages and Systems10.1007/978-3-031-57262-3_3(52-82)Online publication date: 6-Apr-2024
https://dl.acm.org/doi/10.1007/978-3-031-57262-3_3
Grégoire BLéchenet JTassi EKrebbers RTraytel DPientka BZdancewic S(2023)Practical and Sound Equality Tests, Automatically: Deriving eqType Instances for Jasmin’s Data Types with Coq-ElpiProceedings of the 12th ACM SIGPLAN International Conference on Certified Programs and Proofs10.1145/3573105.3575683(167-181)Online publication date: 11-Jan-2023
https://dl.acm.org/doi/10.1145/3573105.3575683
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Media

Figures

Other

Tables

View Issue’s Table of Contents