Section: New Results

Coq as a functional programming language

Participants : Stéphane Glondu, Pierre Letouzey, Matthias Puech, Matthieu Sozeau.

Type-classes and libraries

Matthieu Sozeau has worked with members of the Foundations team at Nijmegen on enhancing the implementation of type-classes to suit the needs of the development of the MathClasses formalization of abstract algebra (part of the ForMath EU project). This gave rise to an experimental implementation of forward reasoning for instance resolution. Concurrently, he started a collaboration with Jael Kriener (Univ. of Canterbury, who visited for a week in November) to adapt techniques from logic programming to the system, including a determinacy analysis that would give better control of the system when building large hierarchies of structures (as in the MathClasses library).

Pierre Castéran from INRIA Bordeaux and Matthieu Sozeau are developing a tutorial on the use of type-classes that will be the basis of an invited tutorial given by M. Sozeau at the JFLA conference in February 2012. It will be published as part of the new version of the Coq'Art book.


Matthieu Sozeau has continued the development of the Equations package to build and reason on dependently-typed programs. He reworked the internals of the tool for a more efficient implementation and extended it to handle recursion on arbitrary inductive families. He developed a sizable example of the use of the tool for proving the metatheory of the LF system. The plugin will be relased with the upcoming 8.4 version of Coq. A journal article presenting the tool and its usage is in preparation.

Recursive definitions in proof assistants

Together with Ana Bove and Alexander Krauss, Matthieu Sozeau has written a survey article on tools and methods to build and reason on recursive functions in proof assistants based on type theory. The survey compares the relative strenghts and weaknesses of various formalization methods available in constructive type theories like Agda or Coq and classical systems like HOL. The article is still under review.

Dependent pattern-matching

Hugo Herbelin and Pierre Boutillier worked on a new simulation of Agda's style dependent pattern-matching  [24] in the Calculus of Inductive Constructions which, on the contrary of Goguen et al's simulation  [32] , does not rely on any explicit notion of dependent equality. The simulation relies on a systematic re-generalization of a given matching over the next pattern to matching and over a notion of matching narrowed by type constraints formalized by Pierre Boutillier [14] . The former itself relies on Pierre Boutillier's master thesis on making the guard condition traversing blocked commutative cuts. The simulation has been implemented in Coq 8.4 but without narrowing on subpatterns yet.

Modularized arithmetical libraries

Pierre Letouzey has integrated in Coq a deep reform of some parts of its Standard Library, mainly the Numbers library of generic / efficient arithmetic. This reform is part of the the version Coq 8.4. The idea is to take advantage of recent improvements of the Coq system in terms of modularity (Type Classes by Sozeau and better Modules by Soubiran) for providing more uniformity in the functions and properties about integers provided in the Standard Library. We now have a base of functions and lemmas which is statically guaranteed to be coherent from one numerical datatype representation to the other, allowing the user to choose more easily between these representations, according to the user's need in term of simplicity or efficiency. These modernized libraries are also one of the first large-scale experimentations with many recent features of modules and type-classes, and have helped maturing them and established new usage guidelines. The transition from previous versions of these libraries should be relatively transparent thanks to a compatibility layer.

Certified extraction

Stéphane Glondu continued his work on extraction in the Coq-in-Coq formalisation. He proved that reductions in the source language can be simulated in the target language (the converse had been proven two years before). This proof highlighted a critical bug in the actual implementation of Coq that has been solved by Pierre Letouzey.

The formalised extraction is only a step of the actual implementation of Coq: replacing logical subterms by an inert constant. Stéphane Glondu considers this work done, even though some parts have been admitted. He worked on how the formalisation could be redesigned in order to avoid currently admitted lemmas and to allow a better integration with the existing Coq system.

Incrementality in proof languages

Matthias Puech and Yann Régis-Gianas worked on incremental type checking. This preliminary work will be presented during a contributed talk at TLDI 2012 [15] . It sets the grounds of an incremental proof development and checking system, by means of a representation language for repositories of proofs and proof changes.

The traditional interaction with a proof-checker is a batch process. Coq (among others) refines this model by providing a read-eval print loop with a global undo system, implemented in an ad-hoc way. A more general approach to incrementality is being developed by means of a finer-grained analysis of dependencies. The approach developed is adaptable to any typed formal language: the language is specified in a meta-language close to the Edimburgh Logical Framework, in which subsequent versions of a development can be type-checked incrementally. Applications of this framework are: proof language for proof assistants, integrated development environments for proof or programming languages, typed version control systems.

Proofs of programs in Coq

As part of the CerCo european project, in collaboration with Roberto Amadio (PPS, Paris Diderot University), Nicolas Ayache and Yann Régis-Gianas maintained a prototype compiler for a large subset of the C language whose specificity is to annotate input source programs with information about the worst-case execution cost of their machine code. Yann Régis-Gianas started a mechanized version of the proof technique used to prove the correctness of such an annotating compiler.

Yann Régis-Gianas developed another compiler for Core ML that uses a generalization of CerCo technique in order to obtain certified worst case execution time bounds on functional programs. This compiler produces proof obligations in Coq. The corresponding paper will be published in january 2012 in the proceedings of FOPARA 2011. It is available as a technical report [16] .