AUTOMATIC GENERATION OF PROOF TERMS IN DEPENDENTLY TYPED PROGRAMMING LANGUAGES Franck Slama A Thesis Submitted for the Degree of PhD at the University of St Andrews 2018 Full metadata for this thesis is available in St Andrews Research Repository at: http://research-repository.st-andrews.ac.uk/ Please use this identifier to cite or link to this thesis: http://hdl.handle.net/10023/16451 This item is protected by original copyright This item is licensed under a Creative Commons Licence https://creativecommons.org/licenses/by-nc-nd/4.0/ Automatic Generation of Proof Terms in Dependently Typed Programming Languages by Franck Slama This thesis is submitted to the University of St Andrews in conformity with the requirements for the degree of Doctor of philosophy in computer science submitted on 02-03-2018 Copyright © 2018 by Franck Slama Abstract Dependent type theories are a kind of mathematical foundations investigated both for the formalisation of mathematics and for reasoning about programs. They are implemented as the kernel of many proof assistants and programming languages with proofs (Coq, Agda, Idris, Dedukti, Matita, etc). Dependent types allow to encode elegantly and constructively the universal and existential quantifications of higher- order logics and are therefore adapted for writing logical propositions and proofs. However, their usage is not limited to the area of pure logic. Indeed, some recent work [7, 10, 32, 33, 35, 36, 44] has shown that they can also be powerful for driving the construction of programs. Using more precise types not only helps to gain confidence about the program built, but it can also help its construction, giving rise to a new style of programming called Type-Driven Development [9]. However, one difficulty with reasoning and programming with de- pendent types is that proof obligations arise naturally once programs become even moderately sized. For example, implementing an adder for binary numbers indexed over their natural number equivalents natur- ally leads to proof obligations for equalities of expressions over natural numbers. The need for these equality proofs comes, in intensional type theories (like CIC and ML) from the fact that in a non-empty context, the propositional equality allows us to prove as equal (with the induction principles) terms that are not judgementally equal, which implies that the typechecker can’t always obtain equality proofs by reduction. As far as possible, we would like to solve such proof obligations auto- matically, and we absolutely need it if we want dependent types to be use more broadly, and perhaps one day to become the standard in functional programming. In this thesis, we show one way to automate these proofs by reflection in the dependently typed programming language Idris. However, the method that we follow is independent from the language being used, and this work could be reproduced in any dependently-typed language. We present an original type-safe reflection mechanism, where reflected terms are indexed by the original Idris expression that they represent, and show how it allows us to easily construct and manipulate proofs. We build a hierarchy of correct-by-construction tactics for proving equivalences in semi-groups, monoids, commutative monoids, groups, commutative groups, semi-rings and rings. We also show how each tactic reuses those from simpler structures, thus avoiding duplication of code and proofs. Finally, and as a conclusion, we discuss the trust we can have in such machine-checked proofs. 2 Candidate’s Declaration I, Franck Slama, do hereby certify that this thesis, submitted for the degree of PhD, which is approximately 60000 words in length, has been written by me, and that it is the record of work carried out by me, or principally by myself in collaboration with others as acknowledged, and that it has not been submitted in any previous application for any degree. I was admitted as a research student at the University of St Andrews in November 2012. I received funding from an organisation or institution and have acknow- ledged the funder(s) in the full text of my thesis. Signature of Candidate: . Date: 02-03-2018 Supervisor’s Declaration I hereby certify that the candidate has fulfilled the conditions of the Resolution and Regulations appropriate for the degree of Doctor of philosophy in computer science in the University of St Andrews and that the candidate is qualified to submit this thesis in application for that degree. Signature of Supervisor: . Date: 02-03-2018 Permission for Publication In submitting this thesis to the University of St Andrews we understand that we are giving permission for it to be made available for use in ac- cordance with the regulations of the University Library for the time being in force, subject to any copyright vested in the work not being affected thereby. We also understand, unless exempt by an award of an embargo as requested below, that the title and the abstract will be published, and that a copy of the work may be made and supplied to any bona fide library or research worker, that this thesis will be electronically accessible for personal or research use and that the library has the right to migrate this thesis into new electronic forms as required to ensure continued access to the thesis. I, Franck Slama confirm that my thesis does not contain any third-party material that requires copyright clearance. The following is an agreed request by candidate and supervisor regarding the publication of this thesis: No embargo on any electronic nor print copy. Signature of Candidate: . Date: 02-03-2018 Signature of Supervisor: . Date: 02-03-2018 Underpinning Research Data or Digital Outputs I, Franck Slama, hereby certify that no requirements to deposit original research data or digital outputs apply to this thesis and that, where appropriate, secondary data used have been referenced in the full text of my thesis. Signature of Candidate: . Date: 02-03-2018 Acknowledgements I’d like to sincerely thank the following people: Edwin, for giving me the freedom and the encouragements to in- vestigate what I wanted to, for your constant support throughout these years, and for always being so positive and motivating. It sincerely was a pleasure to work with you and I can’t express how grateful I am. Kevin, for accepting to be my second supervisor, and also for the work you are doing within the Functional Programming group at St Andrews to make it grow healthy. The examiners Thorsten Altenkirch and Susmit Sarkar, for accepting the extra load of work to review this thesis, and for many improvements that you suggested. Also, thank you Susmit for letting me lecture parts of the module on computational complexity to the third year students. I’ve really enjoyed doing it. Roy Dyckhoff for the feedback you gave me on an early version of my work and for the discussions we had at several seminars across Scotland. My office mates Chris, Matus and Adam, and my almost office mates David C. (who visited us regularly from the end of the corridor) and Jan (who even had a chair at his name in our office) for all the interest- ing discussions, for your help, but also for the laughs and the needed distractions, especially the boardgames at Matus’ place. The technicians and the administrative team of the School of Com- puter Science for your support in many daily tasks, and for making our department such a nice and pleasant place to work. The University of St Andrews and the School of Computer Science for funding this work. 9 My good old friend Mathias, for all the work we’ve done together while we were undergraduates in Toulouse, for all the projects we’ve been hacking on, and also for the good time we’ve had talking about so many things around some infused rums. Ludovic, for reminding me to sometimes forget about my research, and for coming on some hiking trips around Scotland with me. Not to forget all the pubs and restaurants we visited in St Andrews! Nikitas, alias Mouglon for playing some video games with me despite my poor skills at gaming, for all the interesting discussions we regularly have, and for the good ales we had together. David S. for all the good time we had together sharing this house in St Andrews, and for helping me to improve my English when I first arrived in the UK five years ago. Cyril, Charlotte, Lionel, Chloé, Adrien and Justine for all the good time we had when we were students in Toulouse. I can’t believe it was many years ago. Christine Maurel for your amazing lecture on lambda calculus that got me into it, Ralph Matthes, Sergei Soloviev and Celia Picard for my first internships and for introducing me to Coq, coinduction and category theory. And of course many thanks to Armelle Bonenfant for being the one who encouraged me to move to St Andrews for doing this PhD with Edwin; it was indeed a beautiful experience. Alain Prouté for all the interesting discussions we had about the formalisation of mathematics, and for inviting me to the very first meeting on the Saunders system at your home by a sunny afternoon of July 2013. Frédéric Blanqui and Gilles Dowek for the post-doc in your group that I am now about to start. I’m really looking forward to work with you in the Deducteam research group at École Normale Supérieure. My Mother, my Father, my Brother, my Sister, and my Grandparents for your constant encouragements and support, and for your understand- ing when I am terrible at giving news. Gisèle, Alain, Jade, Michel and Aude’s grandparents, for opening up your home to me and always making me feel welcome from the moment I first walked through the door.