From mboxrd@z Thu Jan 1 00:00:00 1970
Newsgroups: comp.lang.ada
Date: Mon, 30 Apr 2018 20:38:10 -0700 (PDT)
Message-ID: <7b6ae5e8-6604-4d36-b606-ead71f667847@googlegroups.com>
Subject: Why not Coq2Ada program extraction?
From: "Dan'l Miller"

Coq already extracts (generates) OCaml, Scheme, and Haskell from proofs. Extracting Rust from Coq proofs is a work-in-progress at https://github.com/pirapira/coq2rust

Why hasn't anyone ever developed Ada extraction from Coq proofs? Perhaps the coq2rust work-in-progress can serve as a guide and/or inspiration for an analogous coq2ada.

What if the entire English-prose ARM were re-written as Coq proofs? Then a fresh new Ada compiler front-end could be extracted therefrom (and it would be provably verified as conforming to the ARM-in-translation-to-Coq, leaving only defects in the English prose and defects in the transliteration of prose to Coq and bugs in Coq and bugs in the Coq-to-Ada extraction as the remaining origins of compiler bugs). Perhaps this is the eventual path to the disruptor to dislodge GNAT for which some have been yearning.

What if either the front-end's interface to LLVM or each ISA were re-written as Coq proofs? Then a fresh new Ada compiler back-end could be extracted therefrom.

(Either all that or else it would pole-vault [Coq-extracted-]OCaml to being a language in which to implement Ada compilers.)

For a rather lucid tutorial on Coq as applied to correctness proofs of programs, please see the online editions of the 3-volume set of books: https://SoftwareFoundations.cis.upenn.edu