Homework 3: Dafny and Lambda Calculus
Due date: November 10, 6pm
Grading: 15% (CS 345H) or 9% (CS 386L) of your course grade
In this homework, we'll do two separate and mostly unrelated things:
- In Part 1, we'll learn more about Dafny, and get some more experience with writing loop invariants for Hoare Logic proofs.
- In Part 2, we'll study a formalization of the lambda calculus, and prove the Church encoding of booleans correct.
Preparation
Make sure you have Coq installed and working, following the instructions from Homework 0.
For Part 1, you'll also need to install Dafny. I strongly suggest using Visual Studio Code to complete this homework, as it has a full-featured Dafny integration with many nice features. Regardless of operating system, install Visual Studio Code before going any further.
Now install the Dafny VSCode extension by clicking the Install button on its homepage, or by searching for dafny-lang.ide-vscode in VSCode's extension pane. Make sure you get the right extension, as there are some deprecated ones still available—the one you're looking for is authored by "dafny-lang" rather than "Correctness Lab". (It's the only one with a "verified" checkmark.)
Next, follow the appropriate instructions below for your system to get the extension fully set up. If any of the instructions are unclear, see the official Dafny installation instructions for more detailed help.
macOS
First, install the .NET 6.0 SDK using Homebrew:
brew install dotnet-sdk
If you have an Intel Mac, you're done. The first time you open a .dfy file in VSCode, the Dafny extension will automatically download and install the latest Dafny release.
If you have an Apple Silicon Mac, the Dafny extension needs to compile Dafny from source, because there's not yet a binary release of Dafny for these Macs. For this to work, you first need to download and install a Java 8 JDK; I used this version. Once that's done, when you first open a .dfy file in VSCode, the extension will download and compile Dafny (which might take 5–10 minutes), and then you're ready to go.
Linux
Install the .NET 6.0 SDK by following the instructions for your distribution.
That should be all you need to do. The first time you open a .dfy file in VSCode, the Dafny extension will automatically download and install the latest Dafny release.
Windows
Nothing more to do! The first time you open a .dfy file in VSCode, the Dafny extension will automatically download and install the latest Dafny release.
Get the code
We'll be using GitHub Classroom to check out and submit this homework.
Follow the GitHub Classroom URL on Ed to create your private copy of the homework repository,
and then clone that repository to your machine.
For example, the repository it created for me is called hw3-jamesbornholt, so I would do:
git clone git@github.com:utcs345h/hw3-jamesbornholt.git
cd hw3-jamesbornholt
Complete the homework
In your repository, there are two files you need to edit:
- Part1.dfy is the Dafny file for Part 1
- Part2.v is the Coq file for Part 2
These files use comments to explain what's going on and to list the problems you need to solve. A few of the problems ask for English answers rather than code; for those questions, just add your answer in the file as a comment.
There is a total of 99 points available across the two files, plus 2 points of extra credit in Part 1 (Problem 6).
Resources for writing Dafny
Dafny is a "verification-ready" programming language. To a first approximation, it's like C# but with some weird syntactic differences, and then with pre/postconditions and assertions added to the language.
There's a good collection of Dafny resources on the Dafny website. In particular, the cheatsheet is good as a quick reference for syntax, and the Getting Started tutorial, while long, shows everything you'll need for this homework. Our lecture notes for Dafny also cover most of what you'll need for this homework.
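As a small added example (not from the homework repository) of what those pre/postconditions and loop invariants look like in practice, here is a linear search whose postconditions Dafny proves, including the implicit check that every a[index] access is in bounds:

```dafny
// Added example, not part of the homework files.
// Returns the index of `key` in `a`, or -1 if it is absent.
method Find(a: array<int>, key: int) returns (index: int)
  // Postcondition 1: a non-negative result is a valid index holding `key`.
  ensures 0 <= index ==> index < a.Length && a[index] == key
  // Postcondition 2: a negative result means `key` occurs nowhere in `a`.
  ensures index < 0 ==> forall k :: 0 <= k < a.Length ==> a[k] != key
{
  index := 0;
  while index < a.Length
    // Together with the loop guard this invariant is what discharges the
    // bounds check on a[index] below; delete it and verification fails.
    invariant 0 <= index <= a.Length
    // Everything before `index` has already been ruled out; this is what
    // justifies postcondition 2 when the loop runs to completion.
    invariant forall k :: 0 <= k < index ==> a[k] != key
  {
    if a[index] == key { return; }
    index := index + 1;
  }
  index := -1;
}
```

Dafny checks each invariant on loop entry and after every iteration, and then uses the invariants plus the negated loop guard (index == a.Length) to prove the postconditions at the method's exit.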
Resources for writing Coq
Coq has a slightly steep learning curve. Here are some resources you could reference if you need help understanding how to write Coq or Coq proofs:
- UW's CSE 505 has some great notes on Coq in their first few lectures.
- The first chapter of Software Foundations is a crash course on both Coq programming and proofs.
- If you're trying to find tactics to use in proofs:
- Joe Redmon's Coq Tactics Index is somewhat (in)famous
- Cornell's CS3110 has a Coq tactics cheatsheet
- Coq's standard library documentation is extensive. Use it to find helpful lemmas about data structures you're using from the standard library (which, in this homework, is just nat from the Arith module).
- You can also try Coq's built-in Search command, as this blog post explains.
What to submit
Submit your solutions by committing your changes in Git and pushing them to the private repository GitHub Classroom created for you in the Get the code step.
The only files you should need to modify are Part1.dfy and Part2.v.
GitHub Classroom will automatically select your most recent pushed commit before the deadline as your submission. There's no need to manually submit anything else via Canvas or GitHub.
GitHub Classroom also has a simple autograder for Dafny and Coq using GitHub Actions.
It will pass as long as your files compile, your Dafny file verifies, and your Coq file has no remaining admit or Admitted statements.
This is only a partial grader, and we're using it only to give you early feedback on your submissions—we will still be reading and grading your code by hand. Just because the autograder passes doesn't mean you'll get full points; just because the autograder fails doesn't mean you won't get full points.