Establishing a General Context Lemma in PVS

In this paper we report on the results of a sophisticated and substantial use of PVS to establish a recent result in operational semantics. This is of interest not only because it requires the substantial development of current higher order techniques in operational semantics, but also because it exposed several gaps in the published presentation of the result. Thus this paper exemplifies the possible benefit of serious formalization in contrast to standard mathematical practice which typically leaves much unsaid. We also take great pains to formalize the actual theoretical treatment, rather than adapting it to the tastes of either the machine, and PVS. In this regard we were almost completely successful, only on two occasions was it necessary to deviate, slightly, from the exact formal treatment. We will mention them in the narrative. In this sense we made no use of the tricky representations that McKinna and Pollack discuss [19]. In our earlier work [7, 5] we carried out in PVS, for the first time, a named variable proof of the Church–Rosser result for Landin’s call-by-value Iswim, without eliminating congruence by tricky encodings. Thus our work can be seen as an attempt to reconcile theory, with formal verification in practice. We should also point out that prior to this earlier work very little use of PVS’s inductive abstract data types had been made. Thus this work also represents the first use of these aspects of PVS to verify a non-trivial recent result, as opposed to a classic result that has been used somewhat as a benchmark, see [7] for a survey. Thus this paper has several, hopefully complementary, purposes. On the one hand it is a detailed presentation of the proof of the CIU theorem for uniform -languages, on the other hand it is a road map for the actual mechanized proof [6], and the issued raised in its development. We also try and address some of the issues that are raised in presenting both a theoretical and the corresponding formal development. We will use the word theoretical to refer to the treatment of the subject matter as it normally appears in journal publications such as [24, 17], to contrast it with the word formal that refers to the analagous notion, as formalized in the corresponding PVS development. Also in the body of the paper we use the notation line number to refer to the particular line in the unpacked file, whose name is , of [6]. So for example 210 is the actual statement of the main theorem presented in this paper. We also extend this notation to include the name of the theorem, lemma, or definition when this is of interest. Thus 210 refers to the theorem in the file that lies on line 210 of the unpacked version of [6]. This system of presentation works well for the statements of the results contained in the development, but not for the formal proofs. An area of PVS that needs more attention.

[1]  Carolyn L. Talcott,et al.  1 Equivalence in Functional Languages with E ectsIan , 2007 .

[2]  Jan Willem Klop,et al.  Combinatory reduction systems , 1980 .

[3]  James McKinna,et al.  Pure Type Systems Formalized , 1993, TLCA.

[4]  Matthias Felleisen,et al.  Control operators, the SECD-machine, and the λ-calculus , 1987, Formal Description of Programming Concepts.

[5]  C. Talcott,et al.  Reasoning about functions with effects , 1999 .

[6]  Carolyn L. Talcott,et al.  Feferman-Landin Logic , 2016 .

[7]  Ian A. Mason Computing with Contexts , 1999, High. Order Symb. Comput..

[8]  Robin Milner,et al.  Fully Abstract Models of Typed lambda-Calculi , 1977, Theor. Comput. Sci..

[9]  Douglas J. Howe Proving Congruence of Bisimulation in Functional Programming Languages , 1996, Inf. Comput..

[10]  Ian A. Mason,et al.  Operational Techniques in PVS - A Preliminary Evaluation , 2001, Electron. Notes Theor. Comput. Sci..

[11]  James McKinna,et al.  Some Lambda Calculus and Type Theory Formalized , 1997, Journal of Automated Reasoning.

[12]  Carolyn L. Talcott,et al.  A Variable Typed Logic of Effects , 1995, Inf. Comput..

[13]  Alan F. Blackwell,et al.  Programming , 1973, CSC '73.

[14]  Carolyn L. Talcott,et al.  From Operational Semantics to Domain Theory , 1996, Inf. Comput..

[15]  C. Talcott The essence of rum: a theory of the intensional and extensional aspects of lisp-type computation (program transformation, closure, continuation structure, comparison-relation) , 1985 .

[16]  Tobias Nipkow,et al.  Higher-order critical pairs , 1991, [1991] Proceedings Sixth Annual IEEE Symposium on Logic in Computer Science.

[17]  Robert Hieb,et al.  The Revised Report on the Syntactic Theories of Sequential Control and State , 1992, Theor. Comput. Sci..