Logic and Program modes¶

Imandra has two modes: logic mode and program mode. When we launch Imandra Terminal (or an Imandra Jupyter Notebook session), we start off in logic mode.

In the terminal, we can identify that Imandra is in logic mode by the pound sign prompt (#).

In a notebook, we can inspect Imandra's current mode using the #config directive.

Try this!

In [1]:

#config 1

Out[1]:

----------------------------------------------------------------------------
Configuration component: Load path
----------------------------------------------------------------------------
Value: []
Help topics: dir
----------------------------------------------------------------------------

While in logic mode, we have access to Imandra's reasoning tools, such as verify and theorem.

Try this!

In [2]:

let succ n = n + 1

Out[2]:

val succ : Z.t -> Z.t = <fun>

Try this!

In [3]:

verify (fun n -> succ n > n)

Out[3]:

- : Z.t -> bool = <fun>

Proved

proof
call graph

proof

ground_instances:

0

definitions:

0

inductions:

0

search_time:

0.019s

details:

Expand

smt_stats:

rlimit count:	16
num allocs:	5434633
time:	0.008000
memory:	15.260000
max memory:	15.260000

Expand

start[0.019s] ( :var_0: ) + 1 > ( :var_0: )

simplify
into:
true
expansions:
[]
rewrite_steps:
forward_chaining:
Unsat

Loading..

A future notebook will summarize the various reasoning tools, and explain when to use which one.

In logic mode, all definitions -- types, values and functions -- are entered into the logic. We can see all previous events in logic mode by inspecting the #history (aliased to #h).

Try this!

In [4]:

#h;;

Out[4]:

Try this!

In [5]:

#h succ

Out[5]:

While in logic mode, we are restricted to a purely functional subset of OCaml, and our recursive functions must terminate.

If we try to define a non-terminating function, for example, Imandra will reject it.

Try this!

In [6]:

let rec bad_repeat x = x :: bad_repeat x

Out[6]:

val bad_repeat : 'a -> 'a list = <fun>
Error:
  unsupported: Validate: no measure provided, and Imandra cannot guess any.
  Are you sure this function is actually terminating?
  See https://docs.imandra.ai/imandra-docs/notebooks/proving-program-termination/
  At jupyter cell 6:1,0--40
  1 | let rec bad_repeat x = x :: bad_repeat x
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Try this!

In [7]:

#show bad_repeat

Out[7]:

Unknown element.

For more complex recursive functions, we may need to convince Imandra that the function terminates, for example by defining a "measure". See the notebook Proving Program Termination with Imandra for more details.

Our logic-mode definitions are allowed to call other definitions only if those other definitions have been admitted into the logic.

Try this!

In [8]:

let say_hi () = print_endline "Hello!"

Out[8]:

Error:
  No function `Stdlib.print_endline` was defined in logic-mode.
  Perhaps you're trying to use a program-mode function in a logic expression?
  At jupyter cell 8:1,16--29
  1 | let say_hi () = print_endline "Hello!"
                      ^^^^^^^^^^^^^
  
----------------------------------------------------------------------------
Context:
  type translation: resolving structure
  At jupyter cell 8:1,0--38
  1 | let say_hi () = print_endline "Hello!"
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  
----------------------------------------------------------------------------
Context:
  tt.events_of_logic_ast
  At jupyter cell 8:1,0--38
  1 | let say_hi () = print_endline "Hello!"
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

In order to define such a side-effecting function, we switch to program mode. We do this using the #program directive.

Try this!

In [9]:

#program;;

#config 1;;

Out[9]:

----------------------------------------------------------------------------
Configuration component: Load path
----------------------------------------------------------------------------
Value: []
Help topics: dir
----------------------------------------------------------------------------

In the terminal, we can identify that Imandra is in program mode by the angle bracket prompt (>).

Now that we are in program mode, we have the full power of OCaml at our fingertips!

Try this!

In [10]:

let say_hi () = print_endline "Hello!"

Out[10]:

val say_hi : unit -> unit = <fun>

Try this!

In [11]:

say_hi ()

Out[11]:

Hello!
- : unit = ()

When we switch back to logic mode (using the #logic directive), we can still refer to our program-mode definitions at the top level.

Try this!

In [12]:

#logic;;

say_hi ()

Out[12]:

Hello!
- : unit = ()

But we are forbidden from using them in our logic-mode definitions.

Try this!

In [13]:

let say_hi_from_logic_mode () = say_hi ()

Out[13]:

Error:
  No function `say_hi` was defined in logic-mode.
  Perhaps you're trying to use a program-mode function in a logic expression?
  At jupyter cell 13:1,32--38
  1 | let say_hi_from_logic_mode () = say_hi ()
                                      ^^^^^^
  
----------------------------------------------------------------------------
Context:
  type translation: resolving structure
  At jupyter cell 13:1,0--41
  1 | let say_hi_from_logic_mode () = say_hi ()
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  
----------------------------------------------------------------------------
Context:
  tt.events_of_logic_ast
  At jupyter cell 13:1,0--41
  1 | let say_hi_from_logic_mode () = say_hi ()
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Often, we want to define a type in logic mode and then a related function in program mode, for example a pretty-printer. For this case we can use the [@@program] annotation to define a one-off program-mode function while in logic mode.

Try this!

In [14]:

type person = { name : string; favorite_color : string };;

let print_person (person : person) : string =
  Printf.sprintf "%s prefers %s things" person.name person.favorite_color
[@@program];;

print_person { name = "Matt"; favorite_color = "green" };;

Out[14]:

type person = { name : string; favorite_color : string; }
val print_person : person -> string = <fun>
- : string = "Matt prefers green things"

Sometimes we also need to use program-mode functions in order to generate logic-mode values, this can be done using the [@@reflect] annotation:

Try this!

In [15]:

let one = Z.of_string "1" [@@reflect]

Out[15]:

val one : Z.t = 1
- : unit = ()

This can be useful for several reasons, one of the most common ones is reading logic-mode values from files. Imandra also offers the lower-level facility Imandra.port to port program-mode values into logic-mode locals:

Try this!

In [16]:

let x = print_endline "debug"; 1 [@@program];;
Imandra.port "y" "x";;
y;;

Out[16]:

debug
val x : Z.t = 1
val y : Z.t = 1
- : unit = ()
- : unit = ()
- : Z.t = 1

That concludes our overview of Imandra's logic and program modes!

into:	true
expansions:	[]
rewrite_steps:
forward_chaining:

Logic and Program modes¶

simplify