On Agda JAIST/AIST WS CVS/AIST Yoshiki Kinoshita, Yoriyuki Yamagata. Agenda

Similar documents
An Introduction to Programming and Proving in Agda (incomplete draft)

Introduction to dependent types in Coq

Automated Reasoning. Natural Deduction in First-Order Logic

Mathematics for Computer Scientists 2 (G52MC2)

ABriefOverviewofAgda A Functional Language with Dependent Types

Alonzo a Compiler for Agda

Martin-Löf s Type Theory

Automata and Formal Languages - CM0081 Introduction to Agda

HOL DEFINING HIGHER ORDER LOGIC LAST TIME ON HOL CONTENT. Slide 3. Slide 1. Slide 4. Slide 2 WHAT IS HIGHER ORDER LOGIC? 2 LAST TIME ON HOL 1

Logical Verification Course Notes. Femke van Raamsdonk Vrije Universiteit Amsterdam

Inductive Definitions, continued

Provably Correct Software

Formalizing the Halting Problem in a Constructive Type Theory

Martin-L f's Type Theory. B. Nordstr m, K. Petersson and J. M. Smith. Contents. 5.4 The set of functions (Cartesian product of a family of sets) 24

Towards Reasoning about State Transformer Monads in Agda. Master of Science Thesis in Computer Science: Algorithm, Language and Logic.

Polymorphic lambda calculus Princ. of Progr. Languages (and Extended ) The University of Birmingham. c Uday Reddy

Overview. A Compact Introduction to Isabelle/HOL. Tobias Nipkow. System Architecture. Overview of Isabelle/HOL

Coq, a formal proof development environment combining logic and programming. Hugo Herbelin

Basic Foundations of Isabelle/HOL

Chapter 3: Propositional Languages

Dependent Types and Irrelevance

Universes. Universes for Data. Peter Morris. University of Nottingham. November 12, 2009

CSL105: Discrete Mathematical Structures. Ragesh Jaiswal, CSE, IIT Delhi

LOGIC AND DISCRETE MATHEMATICS

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter p. 1/27

Data types for mcrl2

Formal Predicate Calculus. Michael Meyling

Logic Haskell Exercises

Introduction to Homotopy Type Theory

Logic Informatics 1 Functional Programming: Tutorial 6

Coq in a Hurry. Yves Bertot

Programming with Universes, Generically

Programming Languages Third Edition

4. The λ-calc. with Prod. and Conj.

Introductory logic and sets for Computer scientists

SOFTWARE VERIFICATION AND COMPUTER PROOF (lesson 1) Enrico Tassi Inria Sophia-Antipolis

Theorem proving. PVS theorem prover. Hoare style verification PVS. More on embeddings. What if. Abhik Roychoudhury CS 6214

Calculus of Inductive Constructions

CS 320: Concepts of Programming Languages

The Truth about Types. Bartosz Milewski

Z Notation. June 21, 2018

CS 336/CS M36 (part 2)/CS M46 Interactive Theorem Proving

Abella: A System for Reasoning about Relational Specifications

Programming with Math and Logic

c constructor P, Q terms used as propositions G, H hypotheses scope identifier for a notation scope M, module identifiers t, u arbitrary terms

Coq quick reference. Category Example Description. Inductive type with instances defined by constructors, including y of type Y. Inductive X : Univ :=

The Isar Proof Language in 2016

A Simple Supercompiler Formally Verified in Coq

Parametricity and Dependent Types

Constructive Type Theory and Interactive Theorem Proving. Peter Dybjer Chalmers Tekniska Högskola Göteborg, Sweden

First-Class Type Classes

Classical logic, truth tables. Types, Propositions and Problems. Heyting. Brouwer. Conjunction A B A & B T T T T F F F T F F F F.

STABILITY AND PARADOX IN ALGORITHMIC LOGIC

Partiality and Recursion in Interactive Theorem Provers - An Overview

Lee Pike. June 3, 2005

Proof Documents: Presentation and Representation

A computer implemented philosophy of mathematics

Induction in Coq. Nate Foster Spring 2018

Definition: A context-free grammar (CFG) is a 4- tuple. variables = nonterminals, terminals, rules = productions,,

Type checking in the presence of meta-variables

The Coq Proof Assistant A Tutorial

Programming with Dependent Types Interactive programs and Coalgebras

A NEW PROOF-ASSISTANT THAT REVISITS HOMOTOPY TYPE THEORY THE THEORETICAL FOUNDATIONS OF COQ USING NICOLAS TABAREAU

Sets. Sets. Subset, universe. Specifying sets, membership. Examples: Specifying a set using a predicate. Examples

Foundations of AI. 9. Predicate Logic. Syntax and Semantics, Normal Forms, Herbrand Expansion, Resolution

Introduction to Coq Proof Assistant

Abella: A System for Reasoning about Relational Specifications

Using Agda to Explore Path-Oriented Models of Type Theory

Partiality and Recursion in Interactive Theorem Provers An Overview

10 Years of Partiality and General Recursion in Type Theory

MLW. Henk Barendregt and Freek Wiedijk assisted by Andrew Polonsky. March 26, Radboud University Nijmegen

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Sections p.

CS 456 (Fall 2018) Scribe Notes: 2

Typed Lambda Calculus

CIS 194: Homework 8. Due Wednesday, 8 April. Propositional Logic. Implication

Integration of SMT Solvers with ITPs There and Back Again

Propositional Calculus: Boolean Functions and Expressions. CS 270: Mathematical Foundations of Computer Science Jeremy Johnson

Bag Equivalence via a Proof-Relevant Membership Relation

Algebra of Programming using Dependent Types

Resolution (14A) Young W. Lim 6/14/14

Proofs-Programs correspondance and Security

Type Theory. Lecture 2: Dependent Types. Andreas Abel. Department of Computer Science and Engineering Chalmers and Gothenburg University

Theorem Proving Principles, Techniques, Applications Recursion

Inductive data types

Programming Proofs and Proving Programs. Nick Benton Microsoft Research, Cambridge

λ calculus is inconsistent

Proofs are Programs. Prof. Clarkson Fall Today s music: Proof by Paul Simon

Notes. Notes. Introduction. Notes. Propositional Functions. Slides by Christopher M. Bourke Instructor: Berthe Y. Choueiry.

The Coq Proof Assistant A Tutorial

Preuves Interactives et Applications

Expr_annotated.v. Expr_annotated.v. Printed by Zach Tatlock

Flang typechecker Due: February 27, 2015

Programs and Proofs in Isabelle/HOL

The Coq Proof Assistant A Tutorial

Lecture 8: Summary of Haskell course + Type Level Programming

CS 314 Principles of Programming Languages

(ii) Define a function ulh that takes a list xs, and pairs each element with all other elements in xs.

Mathematics for Computer Scientists 2 (G52MC2)

Isabelle s meta-logic. p.1

A Case Study of Co-induction in Isabelle 1

Transcription:

On Agda 2009.3.12 JAIST/AIST WS CVS/AIST Yoshiki Kinoshita, Yoriyuki Yamagata Agenda On Agda Agda as a programming language Agda as a proof system Further information. 2 1

Agenda On Agda Agda as a programming language Agda as a proof system Further information. 3 History Chalmers University of Technology (Göteborg, SW) from 1990 s Catarina Coquand, Lennart Augustsson, Thierry Coquand, Makoto Takeyama, Marcin Benke, Thomas Hallgren Cf. ALF, Alfa etc theorem prover based on constructive type theory Joint development by CVS/AIST from 2003 plug-in, application to industry Cf. Agda Implementers Meeting (AIM): twice a year@ Göteborg /Senri 2008.11 9th@Sendai Agda2 from 2006 Language changed old Agda is called Agda1 Ulf Norell, Catarina Coquand, Makoto Takeyama, Nils Anders Danielsson, Andreas Abel, Karl Mehltretter, Marcin Benke 4 2

Principle of Agda Martin-Löf s constructive type theory Curry-Howard correspondence term : type proof : proposition As a dependent-type functional programming language Term as a program;agda is a compiler As a proof system Term as a proof;agda is a theorem prover 5 Feature of Agda Language Dependent type Recursively defined type Unicode System Always shows a proof term as opposed to script based Coq, Isabelle Compiler to Haskell Meta variables Place holder which can be Instantiated by concrete term later. 6 3

Agenda On Agda Agda as a programming language Agda as a proof system Further information. 7 Type declaration Agda Language data (recursive type) record (record) Function declaration (definitional equality) Postulate Module declaration record type fixity 8 4

Type declaration Agda Language data (recursive type) record (record) Function declaration (definitional equality) Postulate Module declaration record type fixity 9 data declaration Sole predefined type : Set Set: type of all type Introducing type data record data declaration Enumerate all constructors E.g.: Bool type true and false are constructors of Bool type data Bool : Set where true : Bool false : Bool 10 5

Recursively defined data type Recursive type Constructor can take arguments of its type E.g.: Nat Type of natural numbers Constructors are zero and succ zero is a constant succ is a unary constructor Terms of Nat type: zero succ zero succ (succ zero) data Nat : Set where zero : Nat succ : Nat -> Nat 11 Lexical Convention Indentation and new line have meanings Ex.2. need indentation. Ex.3. need new line Ex.4 is correct. Semicolon can replace new line identifier can contain any unicode To separate identifiers, we need spaces e.g. Nat: Set are two identifiers. mixfix notation See Ex.5 is declared to be a postfix operator 1. data Nat : Set where zero : Nat succ : Nat -> Nat 2. data Nat : Set where zero : Nat succ : Nat -> Nat 3. data Nat : Set where zero : Nat succ : Nat -> Nat 4. data Nat : Set where zero : Nat ; succ : Nat -> Nat 5. data Nat : Set where 0 : Nat _ : Nat -> Nat 12 6

Parameterized data type Finite list of values of type A [] nil; ::cons _::_ :: is an infix operator data List (A : Set) : Set where [] : List A _::_ : A -> List A -> List A 13 Dependant type Array : type dependent to value. Fixed length list of values Array A n signifies type of array with elements of type A and length n * is a only value of Array A 0 cons n a x adds x to a, an array of length n Type of 3 rd argument of cons Array A n depend on n We name the 1 st arg. n for later reference 1. data Array (A : Set) : Nat -> Set where * : Array A 0 cons : (n : Nat) -> A -> Array A n > Array A (n ) 2. * : {A : Set} -> Array A 0 cons : {A : Set} -> (n : Nat) -> A -> Array A n -> Array A (n ) 14 7

implicit argument 1 st arg. Of cons n can be derived of the type of 3 rd argument write {n : Nat} instead of (n : Nat) Then, we can omit n Defining as 1. cons can be used without n (cons a x) In this case, we can introduce infix^ and defining as 2. e.g., a^x : adding x to a 1. data Array (A : Set) : Nat -> Set where *: Array A 0 cons : {n : Nat} -> A -> Array A n -> Array A (n ) 2. data Array (A : Set) : Nat -> Set where * : Array A 0 _^_ : {n : Nat} -> A -> Array A n -> Array A (n ) 15 Type declaration Agda Language data (recursive type) record (record) Function declaration (definitional equality) Postulate Module declaration record type fixity 16 8

Record type A way of combining several values of different types E.g.: values of (1.) are pair consisting Bool and Nat. f1 and f2 are field names Field names can be used to extract values (selector) Declaration 1. contains two function definition of 2. If b is type Bool and n is type Nat, 3. is a value of type BN. 1. record BN : Set where field f1 : Bool f2 : Nat 2. BN.f1 : BN -> Bool BN.f2 : BN -> Nat 3. record { f1 = b ; f2 = n } 17 Dependant Record Type Type of a field can depend on the value of previous fields. E.g. Combining Boolean array and its length (1.) Type of array field depends on length Type of the selector becomes like 2. 1. record VR : Set where field length : Nat array : Array Bool length 2. VR.length : VR -> Nat VR.array : (r : VR) -> Array Bool (VR.length r) 18 9

Parameterized Record Type Record type can take a type parameter. E.g. we can define as 1. Types of selectors: 2. Type parameter X become an implicit argument of selectors. 1. record PVR (X : Set) : Set where field length : Nat array : Array X length 2. PVR.length : {X : Set} -> PVR X -> Nat PVR.array : {X : Set} -> (r : PVR X) -> Array X (PVR.length r) 19 Type declaration Agda Language data (recursive type) record (record) Function declaration (definitional equality) Postulate Module declaration record type fixity 20 10

Function Declaration Function abstraction becomes 1. it corresponds (λx : Nat) x In Function declarations, types and values are specified separately. (2.,3.) Can specify values by pattern matching (2.,3.) Can use mixfix in function declaration as data declarlation (2.,3.) 1. (x : Nat) -> x 2. _+_ : Nat -> Nat -> Nat n + 0 = n n + (m ) = (n + m) 3. _==_ : Nat -> Nat -> Bool 0 == 0 = true zero == _ = false m == 0 = false m == n = m == n 21 Function Declaration By making type parameters as implicit parameters, you can define ifthen-else(1.) and Array map(2.) 1. if_then_else_fi : {X : Set} -> Bool -> X -> X -> X if true then a else _ fi = a if false then _ else b fi = b 2. ArrayMap : {X Y : Set} -> {n : Nat} -> (X -> Y) -> Array X n -> Array Y n ArrayMap f * = * ArrayMap f (x ^ xs) = (f x) ^ (ArrayMap f xs) 22 11

Agenda On Agda Agda as a programming language Agda as a proof system Further information. 23 Embedding Formal System Shallow embedding Agda treats formulae as atoms Substitution etc. Agda s substitution Deep embedding Agda can look inside of formulae 24 12

Shallow Embedding of First Order Predicate Logic Proposition as a set of proofs Based on Intuitionistic logic Excluded Middle is introduced by postulate Shallow Embedding Proposition : Set Proofs are elements of propositions Logical connectives are introduced by 4 rules 1. Formation rules 2. Introduction rules 3. Elimination rules 4. Conversions We show Agda s construction for1.-3. 4. defines equivalence between proofs (normalization). 25 (absurdity) Absurdity is a proposition with no proof i.e. Empty Set Form: 1. No constructor for no proof for proposition No Introduction rule Elim: 2. Elim For any prop. P, Elim{P} takes a proof of and returns a proof of P. () matches when there is no constructor in the type 1. data : Set where 2. Elim : {P : Prop} -> -> P Elim () 26 13

(conjunction) Form: 1. If P and Q are propositions, P Q is a proposition. is defined as a parameterized record Intro: 2. Function Intro takes P s proof and Q s proof, returns P Q s proof. Elim: Elimination rules for conjunctions are constructed by selectors. 1. record _ _ (P Q : Set) : Set where field Elim1 : P ; Elim2 : Q 2. Intro : {P Q : Set} -> P -> Q -> P Q Intro a b = record { Elim1 = a ; Elim2 = b } 3. Elim1 : {P Q : Set} -> P Q -> P Elim1 = _ _.Elim1 Elim2 : {P Q : Set} -> P Q -> Q Elim2 = _ _.Elim2 27 (disjunction) Form: 1. If P and Q are propositions, P Q is a proposition. is defined as a parameterized data type. Intro: 1. Two constructors correspond two introduction rules. Intro1 takes P s proof and returns P Q s proof Intro2 takes Q s proof and returns P Q s proof Elim: 2. Elim corresponds - elimination of natural deduction 1. data _ _ (P Q : Set) : Set where Intro1 : P -> P Q Intro2 : Q -> P Q 2. Elim : {P Q R : Set} -> P Q -> (P -> R) -> (Q -> R) -> R Elim ( Intro1 a) prfp _ = prfp a Elim ( Intro2 b) _ prfq = prfq b [P] [Q] P Q C C C -elimination 28 14

(implication) Form: 1. If P and Q are propositions, P Q is a proposition. Using function type P-> Q, it is defined as a parameterized data type. Intro: 1. s constructor corresponds introduction. Elim: 2. Defined by function application. We introduce new type instead of using just -> to treat logical connectives uniformly as data types. 1. data _ _ (P Q : Set) : Set where Intro : (P -> Q) -> P Q 2. Elim : {P Q : Set} -> P Q -> P -> Q Elim ( Intro f) a = f a 29 (negation) Negation is defined by using implication and absurdity. Form: 1. If P is a proposition, P is a proposition. Intro: 2. Intro takes a function from P s proof to absurdity and returns P s proof. Elim: 3. Elim receives P s proof and P s proof, returns a proof of absurdity. 1. : Set -> Set P = P 2. Intro : {P : Set} -> (P -> ) -> P Intro pr = Intro pr 3. Elim : {P : Set} -> P -> P -> Elim ( Intro pr1) pr2 = pr1 pr2 30 15

Example of a proof of tautology [A B] 1 elim1 A -intro1 A B 1 -intro A B A B 1. p1 : (A B : Set) -> (A B) (A B) p1 A B = Intro ( (x : A B) -> Intro1 ( Elim1 x)) 31 (universal quantifier) Form: 1. P is a domain of objects. Q is a function from P to Propositions. A proof of ( x: P) Q[x] : A function receiving an object x of type P and returns a proof of Q x. Since, x is a bound variable, its name is meaningless. Hence in Agda, we write P Q. Intro: 1. Constructor Intro corresponds introduction rule. Elim: 2. Elim corresponds eliminationrule 1. data (P : Set) (Q : P -> Set) : Set where Intro : ((a : P) -> Q a) -> P Q 2. Elim : {P : Set} -> {Q : P -> Set} -> P Q -> (a : P) -> Q a Elim ( Intro f) a = f a 32 16

(existential quantifier) Form: 1. If P is Set and Q is a function from P to propositions, P Q is a proposition. In ( x:p) Q[x], x is a bound variable. Its name is meaningless, hence in Agda, we write P Q. Intro: 2. A proof of ( x:p) Q[x] : A pair of an object a of type P and a proof of Proposition Q a Function Intro takes an object a of type P and a proof of Q a, returns a proof of a proof of P Q Elim: 1. 1. record (P : Set) (Q : P -> Set) : Set where field evidence : P Elim : Q evidence 2. Intro : {P : Set} -> {Q : P -> Set} -> (a : P) -> Q a -> P Q Intro a prf = record { evidence = a ; Elim = prf } 33 Type declaration Agda Language data (recursive type) record (record) Function declaration (definitional equality) Postulate Module declaration record type fixity 34 17

Classical Logic, Excluded Middle Agda cannot prove Excluded Middle postulate: Introduce a fresh value of the given type. Can be lead inconsistency LEM: 1. A proof of Law of Excluded Middle is introduced. 1. postulate LEM : (P : Set) -> P ( P) 35 E.g. Double Negation Elimination [ A] 2 [ A] 1 Elim LEM Elim A A [A] 1 A 1 -elimination A 2 -introduction A A DNE : {A : Set} -> ( ( A)) A DNE {A} = Intro ( (y : ( A)) -> Elim LEM ( (w : A) -> w) ( (z : A) -> ( Elim ( Elim y z)))) 36 18

Agenda On Agda Agda as a programming language Agda as a proof system Further information. 37 Further Information Agda wiki Recent Information of Agda (Agda2) http://www.cs.chalmers.s e/~ulfn/agda 38 19

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback