mirror of
https://github.com/achlipala/frap.git
synced 2024-12-01 00:26:18 +00:00
Fleshed out intro
This commit is contained in:
Adam Chlipala
parent
2d64f99796
commit
e5898976ab
3 changed files with 63 additions and 3 deletions
4
.gitignore
vendored
4
.gitignore
vendored
|
|
@ -5,3 +5,7 @@
|
||||||
*.out
|
*.out
|
||||||
*.pdf
|
*.pdf
|
||||||
*.toc
|
*.toc
|
||||||
|
*.bbl
|
||||||
|
*.blg
|
||||||
|
*.ilg
|
||||||
|
*.ind
|
||||||
|
|
|
||||||
5
Makefile
5
Makefile
|
|
@ -1,3 +1,6 @@
|
||||||
frap.pdf: frap.tex
|
frap.pdf: frap.tex Makefile
|
||||||
|
pdflatex frap
|
||||||
|
pdflatex frap
|
||||||
|
makeindex frap
|
||||||
pdflatex frap
|
pdflatex frap
|
||||||
pdflatex frap
|
pdflatex frap
|
||||||
|
|
|
||||||
57
frap.tex
57
frap.tex
|
|
@ -85,12 +85,65 @@ Eventually, there will no doubt be some sort of historical overview here, as par
|
||||||
There will also be plenty of scholarly citations (here and throughout the book).
|
There will also be plenty of scholarly citations (here and throughout the book).
|
||||||
In this early version, you get to take the author's word for it that we are about to learn a promising approach!
|
In this early version, you get to take the author's word for it that we are about to learn a promising approach!
|
||||||
|
|
||||||
|
However, one overarching element of our strategy is important enough to deserve to be called out here.
|
||||||
|
We will study a variety of different approaches for formalizing what a program should do and for proving that a program does what it should.
|
||||||
|
At every step, we will pay close attention to the \emph{common foundation} that underlies everything.
|
||||||
|
For one thing, we will be proving all of our theorems with the Coq proof assistant, a powerful framework for writing and machine-checking proofs.
|
||||||
|
Coq itself is based on a relatively small set of core features, much like a well-designed programming language, and in both we build up increasingly sophisticated abstractions as libraries.
|
||||||
|
Those features can be thought of as the core of all mathematical reasoning.
|
||||||
|
|
||||||
|
We will also apply a recipe specific to program proof.
|
||||||
|
When we encounter a new challenge, to prove a new kind of property about a new kind of program, we will generally be considering four broad elements that appear in nearly all techniques.
|
||||||
|
|
||||||
|
\begin{itemize}
|
||||||
|
\item \index{encoding}\textbf{Encoding.}
|
||||||
|
Every programming language has both \index{syntax}\emph{syntax}, which defines what programs look like, and \index{semantics}\emph{semantics}, which defines how programs behave when run.
|
||||||
|
Even when these elements seem obvious intuitively, we often find that there are surprisingly subtle choices to be made in defining syntax and semantics at the highest level of rigor.
|
||||||
|
Seemingly minor decisions can have big impacts on how smoothly our proofs go.
|
||||||
|
|
||||||
|
\item \textbf{Invariants.}
|
||||||
|
Nearly every theorem about a program is stated in terms of a \index{transition system}\emph{transition system}, with some set of states and a relation for stepping from one state to the next, moving forward in time.
|
||||||
|
Nearly every program proof also works by finding an \index{invariant}\emph{invariant} of a transition system, or a property that always holds of every state reachable from some starting state.
|
||||||
|
The concept of invariant is very close to being a direct reinterpretation of mathematical induction, that glue of every serious mathematical development, known and loved by all.
|
||||||
|
|
||||||
|
\item \index{abstraction}\textbf{Abstraction.}
|
||||||
|
Often a transition system is too complex to analyze directly.
|
||||||
|
Instead, we \emph{abstract} it with another transition system that is somehow more tractable, proving that the new system preserves all relevant properties of the original.
|
||||||
|
|
||||||
|
\item \index{modularity}\textbf{Modularity.}
|
||||||
|
Similarly, when a transition system is too complex, we often break it into separate \emph{modules} and use some well-behaved composition operators to reassemble them into the whole.
|
||||||
|
Often abstraction and modularity go together, as we decompose a system both \index{horizontal decomposition}\emph{horizontally} (i.e., with modularity), splitting it into more manageable parts, and \index{vertical decomposition}\emph{vertically} (i.e., with abstraction), simplifying parts in ways that preserve key properties.
|
||||||
|
We can even alternate between strategies, breaking a system into parts, abstracting one as a simpler part, further decomposing that part into pieces, and so on.
|
||||||
|
\end{itemize}
|
||||||
|
|
||||||
|
In the course of the book, we will never quite define any of these meta-techniques in complete formality.
|
||||||
|
Instead, we'll meet many examples of each, called out by eye-catching margin notes.
|
||||||
|
Generalizing from the examples should help the reader start developing an intuition for when to use each element and for the common design patterns that apply.
|
||||||
|
|
||||||
|
The core subject matter of the book is often grouped under traditional disciplinary headers like \index{semantics}\emph{semantics}, \index{programming-languages theory}\emph{programming-languages theory}, \index{formal methods}\emph{formal methods}, and \index{verification}\emph{verification}.
|
||||||
|
Often these different traditions have their own competing terminology for shared concepts.
|
||||||
|
We'll follow one particular set of unified terminology and notation, cherry-picked from the conventions of different communities.
|
||||||
|
There really is a huge amount of commonality across everything that we'll study, so we don't want to distract by constantly translating between notations.
|
||||||
|
It is quite important to be literate in the standard notational conventions, which are almost always implemented with \index{\LaTeX{}}\LaTeX{}, and we stick entirely to that kind of notation in this book.
|
||||||
|
However, we follow another, much less usual convention: while we give theorem and lemma statements, we rarely give their proofs.
|
||||||
|
The reason is that the author and many other researchers today feel that proofs on paper have outlived their usefulness.
|
||||||
|
Instead, the proofs are all found in the parallel world of the accompanying Coq source code.
|
||||||
|
|
||||||
|
That is, each chapter of this book has a corresponding Coq source file, distributed with the general book source code.
|
||||||
|
The Coq sources are heavily commented and may even, in many cases, be feasible to read without also reading the book chapters.
|
||||||
|
More importantly, the Coq sources aren't just meant to be \emph{read}.
|
||||||
|
They are meant to be \emph{executed}.
|
||||||
|
We suggest stepping through them interactively, seeing intermediate states of proofs as appropriate.
|
||||||
|
The book proper can be read without the Coq sources, to learn the standard background material of program proof; and the Coq sources can be read without the book proper, to learn a particular concrete realization of those ideas.
|
||||||
|
However, they go better together.
|
||||||
|
|
||||||
|
|
||||||
\appendix
|
\appendix
|
||||||
|
|
||||||
\backmatter
|
\backmatter
|
||||||
% Bibliography styles amsplain or harvard are also acceptable.
|
% Bibliography styles amsplain or harvard are also acceptable.
|
||||||
\bibliographystyle{amsalpha}
|
%% \bibliographystyle{amsalpha}
|
||||||
\bibliography{}
|
%% \bibliography{}
|
||||||
% See note above about multiple indexes.
|
% See note above about multiple indexes.
|
||||||
\printindex
|
\printindex
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue