Abstract
We describe the metaprogramming framework currently used in Lean, an interactive theorem prover based on dependent type theory. This framework extends Lean's object language with an API to some of Lean's internal structures and procedures, and provides ways of reflecting object-level expressions into the metalanguage. We provide evidence to show that our implementation is performant, and that it provides a convenient and flexible way of writing not only small-scale interactive tactics, but also more substantial kinds of automation.
Supplemental Material
A virtual machine image that contains all examples and benchmarks from the paper, as well as installations of the required theorem provers. For more information, please see the included `ReadMe.txt` file.
A metaprogramming framework for formal verification