Mathematics for Computer Scientists 2 (G52MC2)

Similar documents
Logical Verification Course Notes. Femke van Raamsdonk Vrije Universiteit Amsterdam

Mathematics for Computer Scientists 2 (G52MC2)

Infinite Objects and Proofs 1

Introduction to dependent types in Coq

c constructor P, Q terms used as propositions G, H hypotheses scope identifier for a notation scope M, module identifiers t, u arbitrary terms

Coq quick reference. Category Example Description. Inductive type with instances defined by constructors, including y of type Y. Inductive X : Univ :=

Certified Programming with Dependent Types

Topic 3: Propositions as types

Proofs are Programs. Prof. Clarkson Fall Today s music: Proof by Paul Simon

CIS 500: Software Foundations

Notes for Recitation 8

1 Elementary number theory

The Coq Proof Assistant A Tutorial

Propositional Logic Formal Syntax and Semantics. Computability and Logic

Programming with Dependent Types Interactive programs and Coalgebras

AXIOMS FOR THE INTEGERS

Introduction to Homotopy Type Theory

Automata and Formal Languages - CM0081 Introduction to Agda

CS3110 Spring 2017 Lecture 10 a Module for Rational Numbers

CS 456 (Fall 2018) Scribe Notes: 2

Math Introduction to Advanced Mathematics

The Coq Proof Assistant A Tutorial

The three faces of homotopy type theory. Type theory and category theory. Minicourse plan. Typing judgments. Michael Shulman.

Coq, a formal proof development environment combining logic and programming. Hugo Herbelin

The Coq Proof Assistant A Tutorial

Revisiting Kalmar completeness metaproof

4&5 Binary Operations and Relations. The Integers. (part I)

CIS 500: Software Foundations

Chapter 3. Set Theory. 3.1 What is a Set?

Typed Lambda Calculus for Syntacticians

STABILITY AND PARADOX IN ALGORITHMIC LOGIC

Expr_annotated.v. Expr_annotated.v. Printed by Zach Tatlock

A NEW PROOF-ASSISTANT THAT REVISITS HOMOTOPY TYPE THEORY THE THEORETICAL FOUNDATIONS OF COQ USING NICOLAS TABAREAU

Formally-Proven Kosaraju s algorithm

Induction in Coq. Nate Foster Spring 2018

CIS 194: Homework 8. Due Wednesday, 8 April. Propositional Logic. Implication

3 Pairs and Lists. 3.1 Formal vs. Informal Proofs

THE HALTING PROBLEM. Joshua Eckroth Chautauqua Nov

Definition: A context-free grammar (CFG) is a 4- tuple. variables = nonterminals, terminals, rules = productions,,

An experiment with variable binding, denotational semantics, and logical relations in Coq. Adam Chlipala University of California, Berkeley

THE USE OF PROLOG FOR THE STUDY OF ALGEBRAIC STRUCTURES AND COMPLEX OPERATIONS

To illustrate what is intended the following are three write ups by students. Diagonalization

Hawraa Abbas Almurieb. Axiomatic Systems

Inductive Definitions, continued

Introduction to Co-Induction in Coq

Natural Numbers. We will use natural numbers to illustrate several ideas that will apply to Haskell data types in general.

Proofs are Programs. Prof. Clarkson Fall Today s music: Two Sides to Every Story by Dyan Cannon and Willie Nelson

An Introduction to Programming and Proving in Agda (incomplete draft)

CSE 20 DISCRETE MATH. Winter

The Truth about Types. Bartosz Milewski

CIS 500: Software Foundations

CPSC 121: Models of Computation Assignment #4, due Thursday, March 16 th,2017at16:00

CSE 20 DISCRETE MATH. Fall

Typed Lambda Calculus

(a) (4 pts) Prove that if a and b are rational, then ab is rational. Since a and b are rational they can be written as the ratio of integers a 1

Propositional Calculus. Math Foundations of Computer Science

1 Elementary number theory

Interpretations and Models. Chapter Axiomatic Systems and Incidence Geometry

Now that we have keys defined for the maps, we can start talking about maps. The first of these are Total Maps. Total Maps are defined as follows:

CIS 194: Homework 6. Due Monday, February 25. Fibonacci numbers

4 Programming with Types

Functional Programming in Coq. Nate Foster Spring 2018

Propositional Theories are Strongly Equivalent to Logic Programs

HOL DEFINING HIGHER ORDER LOGIC LAST TIME ON HOL CONTENT. Slide 3. Slide 1. Slide 4. Slide 2 WHAT IS HIGHER ORDER LOGIC? 2 LAST TIME ON HOL 1

Coq projects for type theory 2018

CSE505, Fall 2012, Midterm Examination October 30, 2012

Heq: a Coq library for Heterogeneous Equality

Does Homotopy Type Theory Provide a Foundation for Mathematics?

Improving Coq Propositional Reasoning Using a Lazy CNF Conversion

Typing Control. Chapter Conditionals

Formal Verification of a Floating-Point Elementary Function

Lecture 14: Lower Bounds for Tree Resolution

Programming with (co-)inductive types in Coq

LASER 2011 Summerschool Elba Island, Italy Basics of COQ

Inductive data types

Synthesis of distributed mobile programs using monadic types in Coq

The Mathematical Vernacular

Constructive Coherent Translation of Propositional Logic

Lecture 6: Sequential Sorting

Induction and Semantics in Dafny

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Sections p.

SPERNER S LEMMA MOOR XU

type classes & locales

Lecture Notes on Induction and Recursion

Lecture 6,

2 Solution of Homework

Math 485, Graph Theory: Homework #3

On Agda JAIST/AIST WS CVS/AIST Yoshiki Kinoshita, Yoriyuki Yamagata. Agenda

CSC313 High Integrity Systems/CSCM13 Critical Systems. CSC313/CSCM13 Chapter 2 1/ 221

A NEW PROOF-ASSISTANT THAT REVISITS HOMOTOPY TYPE THEORY THE THEORETICAL FOUNDATIONS OF COQ USING NICOLAS TABAREAU

Coq in a Hurry. Yves Bertot

Inference rule for Induction

Isabelle/HOL:Selected Features and Recent Improvements

Autosubst Manual. May 20, 2016

(Refer Slide Time 3:31)

Classical logic, truth tables. Types, Propositions and Problems. Heyting. Brouwer. Conjunction A B A & B T T T T F F F T F F F F.

Outline. Proof Carrying Code. Hardware Trojan Threat. Why Compromise HDL Code?

PARSIFAL Summer 2011 Internship Report Logically validating logic programs

Intuitionistic Type Theory

CS 3512, Spring Instructor: Doug Dunham. Textbook: James L. Hein, Discrete Structures, Logic, and Computability, 3rd Ed. Jones and Barlett, 2010

Transcription:

Mathematics for Computer Scientists 2 (G52MC2) L03 : More Coq, Classical Logic School of Computer Science University of Nottingham October 8, 2009

The cut rule Sometimes we want to prove a goal Q via an intermediate goal P. In this case we say: cut P. cut then generates two subgoals: P Q and P. Proof rule: Γ P Q See l03.v for an example. Γ Q Γ P cut P

Shorthands for intro Instead of repeatedly using intro we can use intros. intro H1. intro H2. can be abbreviated as: intros H1 H2. This works for any number of hypotheses. We can omit the name of the hypothesis. If we say: intro. Coq will choose a name for us. This also works for intros. intros. repatedly applies intro as long as the goal is an implication. Warning: Letting Coq generate names makes the proof less readabile and less flexible.

assumption assumption is an alternative to exact H. assumption searches through the hypotheses until it finds one that matches. assumption is preferable, if we use names generated by Coq.

Tactics and proof objects intro(s), apply,... are tactics. They are scripts that generate proof objects. E.g. after proving I (l01.v) we can say: Print I. and Coq replies with: I = fun H : P => H : P -> P Proof objects are expressions in the Calculus of Inductive Constructions (CIC). CIC is a functional programming language like Haskell but with a more sophisticated type system.

Tactics and proof objects Instead of using tactics we could have said: Definition I : P -> P := fun H : P => H. It is better to use tactics to generate proofs. We can define new tactics using Coq s tactic definition language (beyond the scope of this course).

Automatic tactics Proving theorems in propositional logic is a very mechanic activity. We can use automatic tactics, e.g. auto: Lemma C : (P -> Q -> R) -> (Q -> P -> R). auto. Qed. Warning: You are not supposed to use automatic tactics in coursework or exam, unless you explicitely told so.

How does auto work? auto first does intros. Then auto tries to apply any matching hypothesis. auto then recursively repeats the two steps until it has completed the proof. To ensure termination, auto only repeats a fixed number of times. The default is 5, we can change this, e.g. auto 10. but this may be quite slow!

Limitations of auto auto doesn t know about, or, e.g. it cannot prove: Goal (P1 \/ P1) -> P1. auto. (* fails *) The search depth may be insufficent, e.g. auto cannot prove: Lemma hard : (P1 -> P2) -> (P2 -> P3) -> (P3 -> P4) -> (P4 -> P5) -> (P5 -> P6) -> P1 -> P6. auto. (* fails *) However auto 6. can solve this goal.

tauto tauto is a complete tactic for propositional logic. It can solve any goal in propositional logic that is provable! tauto uses the fact that propositional logic is decidable. tauto can be quite slow. The time grows exponential with the size of the goal. auto is more popular, because it is: faster, it also works for predicate logic, it can be taught new tricks (using Hint).

To be or not to be... The proposition P P is called the principle of the excluded middle (PEM). PEM is not accepted in intuitionistic logic but is valid in classical logic. PEM is not provable in Coq, but it can be added as an axiom. Axiom classic : P \/ ~P.

Platonism and classical logic Plato (423-348 BC) Classical logic is often associated with Platonism. In Platonism we believe that there is a perfect world of ideas (or forms). Every proposition is true or false with respect to this perfect world. Even, if we don t know it!

A (B C) (A B) (A C), classically A B C l = A (B C) r = A B A C l r False False False False False True False False True False False True False True False False False True False True True False False True True False False False False True True False True True True True True True False True True True True True True True True True A proposition is a classical tautology, if its truthtable assigns always true. The same truth table shows that A (B C) (A B) (A C)

Intuitionism Brouwer (1881-1966) The Dutch Mathematician Brouwer developed Intuitionism in the first half of the 20th century. Intuitionism doesn t require a perfect world of ideas. It is based on what humans can accept. Instead of truthtables we use the BHK interpretation. BHK = Brouwer, Heyting, Kolmogorov. Programs are evidence!

BHK in Haskell Evidence for A B is given by pairs: type And a b = (a,b) Evidence for A B is tagged evidence for A or B. data Or a b = Inl a Inr b Evidence for A B is a program computing evidence for B from evidence for A.

A (B C) (A B) (A C), constructively f :: And a (Or b c) -> Or (And a b) (And a c) f (a,inl b) = Inl (a,b) f (a,inr c) = Inr (a,c) A proposition is an intuionistic tautology, if we can write a (terminating) program of the corresponding type. Can you construct a program proving the other direction?

Evidence for PEM? PEM is justified by a truthtable: P P P P True False True False True True However, there is no (terminating) program: pem :: Or a (a -> False) where False is a datatype with no constructors. Indeed, such a program would have to decide any proposition, e.g. twin prime conjecture There are infinitely many primes p such that p + 2 is also prime.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback