Elpi: an extension language for Coq (Metaprogramming Coq in the Elpi λProlog dialect) Enrico Tassi To cite this version: Enrico Tassi. Elpi: an extension language for Coq (Metaprogramming Coq in the Elpi λProlog dialect). 2018. hal-01637063 HAL Id: hal-01637063 https://hal.inria.fr/hal-01637063 Preprint submitted on 17 Nov 2017 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. 1 Elpi: an extension language for Coq 61 2 62 3 Metaprogramming Coq in the Elpi λProlog dialect 63 4 64 5 Enrico Tassi 65 6 66 Universitè Côte d’Azur, Inria 7 67 France 8 68 [email protected] 9 69 10 Abstract augment the program with hypothetical clauses (clauses about 70 11 Elpi is dialect of λProlog that can be used as an extension language fresh constants). 71 12 for Coq. It lets one define commands and tactics in a high level For example, to the query “which is the type of λxλy:x?”, writ- 72 13 programming language tailored to the manipulation of syntax trees ten of(lam x\lam y\ x) Ty, Elpi answers Ty = arr S1 (arr S2 S1) by 73 14 containing binders and existentially quantified meta variables. using the second clause twice. Operationally each time a clause is 74 15 used its variables (capital letters) are made fresh and the head is 75 16 Keywords Coq, λProlog, extension language, metaprogramming unified with the query. In our example the second clause’s head, 76 17 of(lam F1)(arr S1 T1), is unified with the query giving F1 = x\lam y\ x 77 18 78 1 Introduction and Ty = arr S1 T1. Then a fresh constant c1 is created by the pi op- 19 Extension languages are key to the development of software. From erator, and the program is augmented with the hypothetical clause 79 20 80 text editors to video games, high level extension languages con- (of c1 S1) by the => operator. The sub query is about (F1 c1), but 21 81 tribute to the success of software by letting users improve the soft- since F1 is a function such a term is equivalent to (lam y\ c1), i.e. 22 ware and adapt it to their needs. Coq is no exception: it comes with the body of the first lambda where the bound variable has been 82 23 83 an extension language for tactics called Ltac [1] that proved to replaced by c1. The second clause is used again: this time we have 24 84 be extremely useful, well beyond the “small automation” target a fresh c2, a new clause (of c2 S2) about it, T1 gets arr S2 T2 and 25 85 envisioned by its author. Despite its success Ltac has many limita- consequently Ty becomes arr S1 (arr S2 T2). Finally we perform the 26 86 tions: it can define only tactics, it has no data structures, its binding sub query (of c1 T2). At that stage there is no choice but to use the 27 87 discipline and evaluation order are unclear, etc...As a consequence (of c1 S1) hypothetical clause, and unification imposes T2 = S1, i.e. 28 alternative approaches to extend Coq (or similar systems) were the output type to coincide with the type of the first input. This 88 29 proposed in recent years [3, 4, 6]. yields Ty = arr S1 (arr S2 S1) 89 30 We present a Coq plugin embedding Elpi [2], a dialect of λProlog [5] 90 31 designed to be used as an extension language for software doing 2.1 A dialect of λProlog with constraints 91 32 symbolic computations on syntax trees containing binders and When a syntax tree is partial, i.e. it contains unassigned unifica- 92 33 existentially quantified meta variables (evars). tion variables, λProlog programs naturally perform search: the 93 34 Unlike most of the alternatives cited above Elpi departs from the generative semantics inherited from Prolog enumerates all possi- 94 35 idea of meta programming Coq in itself (i.e. in Gallina) in favor of ble instantiations until one that fits is found. Unfortunately this 95 36 a domain specific, higher level, language that hides to the program- is not (always) welcome when manipulating partial terms: To the 96 37 mer De Buijn indexes and most of the intricacies of evars. It also query of(lam x\ lam y\ F x y) Ty Elpi replies by finding an arbitrary 97 38 provides first class search with backtracking and means to control solution for F: 98 39 it (e.g. the cut operator). F = x\ y\ y Ty = arr S1 (arr S2 S2) 99 40 100 This solution is generated because the sub query (of( F c1 c2) T2) 41 101 2 Elpi finds a possible solution in the hypothetical clause (of c2 S2). 42 102 The interpreter for Elpi (that stands for Embeddable Lambda Prolog To avoid that, Elpi lets one declare that a predicate should never 43 103 Interpreter) is developed by C. Sacerdoti Coen and E. Tassi [2]. Its instantiate one of its arguments (morally an input) and turn a goal 44 104 aim is to provide a programming platform to study the so-called into a constraint when the input is flexible. 45 105 elaborator component of an interactive prover as Coq or Matita. It pred of i:term, o:ty. 46 106 implements a dialect of λProlog where not only the binders of the of(?? as F) T :- declare_constraint(of FT) on F. 47 107 meta language (as in HOAS), but also its unification variables, can 48 The query above now results in the following solution, that com- 108 be used to model the object language ones. 49 prises a (typing) constraint on F (the key of the constraint). 109 We present Elpi by escalating λProlog’s “hello world” example 50 Ty = arr S1 (arr S2 T2) of c1 S1, of c2 S2 ?- of( F c1 c2) T2 on F 110 (a type checker for λ!) to an elaborator manipulating open terms. 51 Constraints are resumed as soon as the key is assigned. If nat and 111 52 type arr ty -> ty -> ty.% the arrow type constructor bool are types, then the following query succeeds. 112 type lam (term -> term) -> term. type app term -> term -> term. 53 113 of(app FX) T :- of F (arr ST), of XS.% clause for app Ty = arr nat (arr bool bool), of(lam x\ lam y\ F x y) Ty, 54 of(lam F)(arr ST):- pi x\ ofx S => of( F x) T.% clause for lam not( F = a\b\a),% the resumed constraint makes this assignment fail 114 55 F = a\b\b% this one is accepted, since the type matches 115 Remark that there is no term constructor for variables: λProlog 56 Finally, Elpi also provides a language of rewriting rules (inspired 116 provides operators to introduce fresh constants (names) and to 57 from Constraint Handling Rules (CHR)) to manipulate the store of 117 58 CoqPL’18, January 13, 2018, Los Angeles, California, United States constraints (e.g. to keep the constraint store duplicate free). 118 59 2018. 119 60 1 120 CoqPL’18, January 13, 2018, Los Angeles, California, United States Enrico Tassi 121 3 HOAS for Gallina terms In the spirit of HOAS, Elpi encodes Coq’s evars as λProlog unifica- 181 122 For lack of space we omit the declaration of all Gallina’s term tion variables with a pending typing constraint on them. The proof 182 123 constructors. Instead we comment the HOAS description of addition construction state (evar_map in Coq’s slang) is hence modelled by 183 124 over natural numbers. the set of constraints. Whenever an evar e gets instantiated with 184 125 185 fix `add` 0 (prod `n` (indt "nat") _\ prod `m` (indt "nat") _\ indt "nat") a term t, the corresponding typing constraint is resumed making 126 add\ lam `n` (indt "nat") n\ lam `m` (indt "nat") m\ the assignment fail if the type of t does not match the type of the 186 127 matchn(lam `n` (indt "nat") _\ indt "nat") e. Constraint Handling Rules are used to keep the constraint set 187 128 [m, lam `p` (indt "nat") p\ app[indc "S", app [add, p, m]]] duplicate free: Every time two typing constraints are keyed on the 188 129 Global names are shortened for the sake of conciseness and are same evar, one of the them is turned into an immediate check for 189 130 between double quotes, like "nat", while pretty printing hints are be- compatibility (unification) of the two types. 190 131 tween single quotes such as `add`. Dummy λ-abstraction is written A tactic invocation on the goal on the left is translated to (roughly) 191 132 _\ (i.e. no variable name). The second argument of fix is the position the query on the right 192 133 of the decreasing argument. indt and indc respectively represent T : U pi t\ declt `T` U => 193 134 inductive types and their constructors. const "plus" represents the x := V : T pi x\ defx `x` V t => 194 135 global constant to which the entire term is associated.