a saucerful of proofs in coq
play

A Saucerful of Proofs in Coq Olivier Danvy Department of Computer - PowerPoint PPT Presentation

Jun 28, 2023 •109 likes •717 views

A Saucerful of Proofs in Coq Olivier Danvy Department of Computer Science Aarhus University danvy@cs.au.dk Annapolis, Maryland 8 November 2012 Olivier Danvy, 2.8, Annapolis November 8, 2012 1 / 40 Summing the first odd numbers The

  1. A Saucerful of Proofs in Coq Olivier Danvy Department of Computer Science Aarhus University danvy@cs.au.dk Annapolis, Maryland 8 November 2012 Olivier Danvy, 2.8, Annapolis – November 8, 2012 1 / 40

  2. Summing the first odd numbers The stream of odd natural numbers: 1 , 3 , 5 , 7 , 9 , 11 , 13 , 15 , ... Olivier Danvy, 2.8, Annapolis – November 8, 2012 2 / 40

  3. Summing the first odd numbers The stream of odd natural numbers: 1 , 3 , 5 , 7 , 9 , 11 , 13 , 15 , ... The corresponding stream of partial sums: 1 , Olivier Danvy, 2.8, Annapolis – November 8, 2012 2 / 40

  4. Summing the first odd numbers The stream of odd natural numbers: 1 , 3 , 5 , 7 , 9 , 11 , 13 , 15 , ... The corresponding stream of partial sums: 1 , 4 , Olivier Danvy, 2.8, Annapolis – November 8, 2012 2 / 40

  5. Summing the first odd numbers The stream of odd natural numbers: 1 , 3 , 5 , 7 , 9 , 11 , 13 , 15 , ... The corresponding stream of partial sums: 1 , 4 , 9 , Olivier Danvy, 2.8, Annapolis – November 8, 2012 2 / 40

  6. Summing the first odd numbers The stream of odd natural numbers: 1 , 3 , 5 , 7 , 9 , 11 , 13 , 15 , ... The corresponding stream of partial sums: 1 , 4 , 9 , 16 , Olivier Danvy, 2.8, Annapolis – November 8, 2012 2 / 40

  7. Summing the first odd numbers The stream of odd natural numbers: 1 , 3 , 5 , 7 , 9 , 11 , 13 , 15 , ... The corresponding stream of partial sums: 1 , 4 , 9 , 16 , 25 , Olivier Danvy, 2.8, Annapolis – November 8, 2012 2 / 40

  8. Summing the first odd numbers The stream of odd natural numbers: 1 , 3 , 5 , 7 , 9 , 11 , 13 , 15 , ... The corresponding stream of partial sums: 1 , 4 , 9 , 16 , 25 , 36 , Olivier Danvy, 2.8, Annapolis – November 8, 2012 2 / 40

  9. Summing the first odd numbers The stream of odd natural numbers: 1 , 3 , 5 , 7 , 9 , 11 , 13 , 15 , ... The corresponding stream of partial sums: 1 , 4 , 9 , 16 , 25 , 36 , 49 , Olivier Danvy, 2.8, Annapolis – November 8, 2012 2 / 40

  10. Summing the first odd numbers The stream of odd natural numbers: 1 , 3 , 5 , 7 , 9 , 11 , 13 , 15 , ... The corresponding stream of partial sums: 1 , 4 , 9 , 16 , 25 , 36 , 49 , 64 , ... Olivier Danvy, 2.8, Annapolis – November 8, 2012 2 / 40

  11. Summing the first odd numbers The stream of odd natural numbers: 1 , 3 , 5 , 7 , 9 , 11 , 13 , 15 , ... The corresponding stream of partial sums: 1 , 4 , 9 , 16 , 25 , 36 , 49 , 64 , ... i.e., 1 2 , 2 2 , 3 2 , 4 2 , 5 2 , 6 2 , 7 2 , 8 2 , ... Olivier Danvy, 2.8, Annapolis – November 8, 2012 2 / 40

  12. Constructively • start from the stream of natural numbers • strike out every 2nd element • compute the successive partial sums Result: the stream of squares . Olivier Danvy, 2.8, Annapolis – November 8, 2012 3 / 40

  13. Scaling up • start from the stream of natural numbers • strike out every 3rd element • compute the successive partial sums • strike out every 2nd element • compute the successive partial sums Result: the stream of ... Olivier Danvy, 2.8, Annapolis – November 8, 2012 4 / 40

  14. Scaling up • start from the stream of natural numbers • strike out every 3rd element • compute the successive partial sums • strike out every 2nd element • compute the successive partial sums Result: the stream of cubes . Olivier Danvy, 2.8, Annapolis – November 8, 2012 4 / 40

  15. Scaling up: Moessner’s theorem • start from the stream of natural numbers • strike out every n th element & sum • strike out every ( n − 1) th element & sum • ... • strike out every 3rd element & sum • strike out every 2nd element & sum Result: the stream of powers of n . Olivier Danvy, 2.8, Annapolis – November 8, 2012 5 / 40

  16. Background • Moessner (1951) The property, no proofs. • Perron (1951), Paasche (1952), Sali´ e (1952) Complicated inductive proofs. • Hinze (IFL 2008) A calculational proof. • Rutten & Niqui (HOSC 2012) A co-inductive proof. Olivier Danvy, 2.8, Annapolis – November 8, 2012 6 / 40

  17. This work (in progress) • a formalization in Coq • but first, learning Coq Olivier Danvy, 2.8, Annapolis – November 8, 2012 7 / 40

  18. Learning Coq in principle • web resources • book • seasonal schools Olivier Danvy, 2.8, Annapolis – November 8, 2012 8 / 40

  19. Learning Coq in practice • practice, practice, practice • need a TA (or ideally, a coach) • forces you to think things through • can be frustrating at times Olivier Danvy, 2.8, Annapolis – November 8, 2012 9 / 40

  20. Asking an expert Require Import Omega3. Olivier Danvy, 2.8, Annapolis – November 8, 2012 10 / 40

  21. Asking an expert Require Import Omega3. (* undocumented, but perfect here, thanks to the fatty acids: *) do_the_right_thing. Olivier Danvy, 2.8, Annapolis – November 8, 2012 10 / 40

  22. Learning Coq in practice • practice, practice, practice • need a TA (or ideally, a coach) • forces you to think things through • can be frustrating at times • wonderfully rewarding, overall Olivier Danvy, 2.8, Annapolis – November 8, 2012 11 / 40

  23. Teaching Coq • introduction to functional programming (Q3 2011-2012, Q1 2012-2013) • more advanced functional programming (Q4 2011-2012) a marvelous experience Olivier Danvy, 2.8, Annapolis – November 8, 2012 12 / 40

  24. Term projects in Q3 • a standard batch (interpreters, compilers, decompilers, VMs, CPS, power series, searching in binary trees, Boolean negational normalization, FSA, etc.) • a cherry on top of the pie: formalizing a theorem and a proof from another course(!) Olivier Danvy, 2.8, Annapolis – November 8, 2012 13 / 40

  25. Term projects in Q4 • functional & relational programming • the Ackermann-Peter function • Boolean normalization and equisatisfiability • abstract interpretation (strided intervals) • group theory and pronic numbers • B-trees • graph theory • reduction from circuit to SAT • vector spaces & Cauchy-Schwarz inequality Olivier Danvy, 2.8, Annapolis – November 8, 2012 14 / 40

  26. Plan • Moessner’s theorem at degree 3 • Moessner’s theorem at degree 4 • Which starting indices in the master lemma? • Introductory teaching with Coq • Conclusion and perspectives Olivier Danvy, 2.8, Annapolis – November 8, 2012 15 / 40

  27. We are given • stream of ones • stream of positive powers of 3 • stream of positive powers of 4 • skip 2 , skip 3 , skip 4 , ... • sums & sums aux , which uses an accumulator • stream bisimilar Olivier Danvy, 2.8, Annapolis – November 8, 2012 16 / 40

  28. Moessner’s theorem at degree 3 • the statement • the proof • the master lemma Olivier Danvy, 2.8, Annapolis – November 8, 2012 17 / 40

  29. Theorem Moessner_3 : stream_bisimilar stream_of_positive_powers_of_3 (sums (skip_2 (sums (skip_3 (sums stream_of_ones))))). Olivier Danvy, 2.8, Annapolis – November 8, 2012 18 / 40

  30. Proof. unfold stream_of_positive_powers_of_3. unfold sums. apply (Moessner_3_aux 0). Qed. Olivier Danvy, 2.8, Annapolis – November 8, 2012 19 / 40

  31. Lemma Moessner_3_aux : forall (n : nat), stream_bisimilar (make_stream_of_nats (S n) (fun i => i * i * i) S) (sums_aux ??? (skip_2 (sums_aux ??? (skip_3 (sums_aux ??? stream_of_ones))))). Olivier Danvy, 2.8, Annapolis – November 8, 2012 20 / 40

  32. Moessner’s theorem at degree 4 • the statement • the proof • the master lemma Olivier Danvy, 2.8, Annapolis – November 8, 2012 21 / 40

  33. Theorem Moessner_4 : stream_bisimilar stream_of_positive_powers_of_4 (sums (skip_2 (sums (skip_3 (sums (skip_4 (sums stream_of_ones))))))). Olivier Danvy, 2.8, Annapolis – November 8, 2012 22 / 40

  34. Proof. unfold stream_of_positive_powers_of_4. unfold sums. apply (Moessner_4_aux 0). Qed. Olivier Danvy, 2.8, Annapolis – November 8, 2012 23 / 40

  35. Lemma Moessner_4_aux : forall (n : nat), stream_bisimilar (make_stream_of_nats (S n) (fun i => i * i * i * i) S) (sums_aux ??? (skip_2 (sums_aux ??? (skip_3 (sums_aux ??? (skip_4 (sums_aux ??? stream_of_ones))))))). Olivier Danvy, 2.8, Annapolis – November 8, 2012 24 / 40

  36. So, which starting indices? Olivier Danvy, 2.8, Annapolis – November 8, 2012 25 / 40

  37. Newton’s binomial expansion Reminder: ( n + 1) 2 = n 2 + 2 · n + 1 ( n + 1) 3 = n 3 + 3 · n 2 + 3 · n + 1 ( n + 1) 4 = n 4 + 4 · n 3 + 6 · n 2 + 4 · n + 1 ... Olivier Danvy, 2.8, Annapolis – November 8, 2012 26 / 40

  38. Lemma Moessner_2_aux : forall (n : nat), stream_bisimilar (make_stream_of_nats (S n) (fun i => i * i) S) (sums_aux (n * n) (skip_2 (sums_aux (2 * n) stream_of_ ones ))). Olivier Danvy, 2.8, Annapolis – November 8, 2012 27 / 40

  39. Lemma Moessner_3_aux : forall (n : nat), stream_bisimilar (make_stream_of_nats (S n) (fun i => i * i * i) S) (sums_aux (n * n * n) (skip_2 (sums_aux (3 * n * n) (skip_3 (sums_aux (3 * n) stream_of_ ones ))))). Olivier Danvy, 2.8, Annapolis – November 8, 2012 28 / 40

  40. Lemma Moessner_4_aux : forall (n : nat), stream_bisimilar (make_stream_of_nats (S n) (fun i => i * i * i * i) S) (sums_aux (n * n * n * n) (skip_2 (sums_aux (4 * n * n * n) (skip_3 (sums_aux (6 * n * n) (skip_4 (sums_aux (4 * n) stream_of_ ones ))))))). Olivier Danvy, 2.8, Annapolis – November 8, 2012 29 / 40

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Proofs, Continued Today Proofs : A style guide Proofs should be easy to

Proofs, Continued Today Proofs : A style guide Proofs should be easy to

Euclid (300 BC) Proofs, Continued Today Proofs : A style guide Proofs should be easy to verify. All the cleverness goes into finding/writing the proof, not reading/verifying it! P vs. NP (informally) : P =

682 views • 21 slides
Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth

Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth

Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth workshop Introduction to the workshop PROOFS: Security Proofs for Embedded Systems UCSB August 20, 2016 5th edition of PROOFS PROOFS 2012:

311 views • 7 slides
Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2

Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2

Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2 Interactive Proofs IP[k] IP[poly] = PSPACE 2 Interactive Proofs IP[k] IP[poly] = PSPACE IP protocol for TQBF using arithmetization 2 Interactive

1.75k views • 136 slides
Formal proofs, variable binding, and program extraction from proofs Colloquium Logicum 2016 (10

Formal proofs, variable binding, and program extraction from proofs Colloquium Logicum 2016 (10

Formal proofs, variable binding, and program extraction from proofs Colloquium Logicum 2016 (10 - 12 September 2016, Hamburg) Gyesik Lee Hankyong National University 1 Overview 1. Verification of proofs 2. Hales proof of the Kepler

651 views • 43 slides
Proofs that, proofs why, and the analysis of paradoxes To Gerhard, on your 60th birthday Peter

Proofs that, proofs why, and the analysis of paradoxes To Gerhard, on your 60th birthday Peter

Proofs that, proofs why, and the analysis of paradoxes To Gerhard, on your 60th birthday Peter Schroeder-Heister Universit at T ubingen J agerfest Bern, 13.12.2013 p. 1 Russells antinomy in naive set theory Extend natural

688 views • 41 slides
NP-Hardness Proofs With What Problems We . . . What Problems We . . . Realistic Computers

NP-Hardness Proofs With What Problems We . . . What Problems We . . . Realistic Computers

NP-Hardness Proofs . . . Usual Proofs of NP- . . . Proofs of NP- . . . Pedagogical Problem . . . NP-Hardness Proofs With What Problems We . . . What Problems We . . . Realistic Computers Instead What Is NP-Hard: . . . Proof that . . . of

296 views • 12 slides
proofs of proximity for distribution testing (Distribution testing now with proofs!) Tom Gur

proofs of proximity for distribution testing (Distribution testing now with proofs!) Tom Gur

proofs of proximity for distribution testing (Distribution testing now with proofs!) Tom Gur (UC Berkeley) October 14, 2017 FOCS 2017 Workshop: Frontiers in Distribution Testing Joint work with Alessandro Chiesa (UC Berkeley) proofs of

2.25k views • 158 slides
Lecture 8: More Proofs review: proofs Start with hypotheses and facts Use rules of

Lecture 8: More Proofs review: proofs Start with hypotheses and facts Use rules of

cse 311: foundations of computing Fall 2015 Lecture 8: More Proofs review: proofs Start with hypotheses and facts Use rules of inference to extend set of facts Result is proved when it is included in the set Statement Fact 2

185 views • 18 slides
Foundation of proofs Jim Hefferon http://joshua.smcvt.edu/proofs The need to prove In

Foundation of proofs Jim Hefferon http://joshua.smcvt.edu/proofs The need to prove In

Foundation of proofs Jim Hefferon http://joshua.smcvt.edu/proofs The need to prove In Mathematics we prove things The base angles of an isoceles triangle are equal seems obvious to a person with mathematical aptitude. a if a = b

678 views • 52 slides
Flexiformality in Proofs: Bridging between Formal and Informal Proofs Michael Kohlhase Professur

Flexiformality in Proofs: Bridging between Formal and Informal Proofs Michael Kohlhase Professur

Flexiformality in Proofs: Bridging between Formal and Informal Proofs Michael Kohlhase Professur fr Wissensreprsentation und -verarbeitung Informatik, FAU Erlangen-Nrnberg http://kwarc.info 20. October 2016, Dagstuhl Seminar on

568 views • 39 slides
On Hypersequents and Labelled Sequents Translating Labelled Sequent Proofs to Hypersequent Proofs

On Hypersequents and Labelled Sequents Translating Labelled Sequent Proofs to Hypersequent Proofs

On Hypersequents and Labelled Sequents Translating Labelled Sequent Proofs to Hypersequent Proofs Robert Rothenberg 1 2 1 School of Computer Science University of St Andrews 2 Interactive Information, Ltd Edinburgh Workshop in Honour of Roy

393 views • 26 slides
(Interactive) Proofs Proofs from 900 BCE until 1800s Pythagorass Theorem: Proof: Looks legit.

(Interactive) Proofs Proofs from 900 BCE until 1800s Pythagorass Theorem: Proof: Looks legit.

15-251: Great Theoretical Ideas in Computer Science Lecture 24 (Interactive) Proofs Proofs from 900 BCE until 1800s Pythagorass Theorem: Proof: Looks legit. Then there was Russell Principia Mathematica Volume 2 Russell and others worked

949 views • 50 slides
Zero-Knowledge Proofs 1 Zero-Knowledge Proofs Lecture 15 1 Interactive Proofs 2 Interactive

Zero-Knowledge Proofs 1 Zero-Knowledge Proofs Lecture 15 1 Interactive Proofs 2 Interactive

Zero-Knowledge Proofs 1 Zero-Knowledge Proofs Lecture 15 1 Interactive Proofs 2 Interactive Proofs 2 Interactive Proofs Prover wants to convince verifier that x has some property 2 Interactive Proofs Prover wants to convince verifier

1.9k views • 174 slides
Proofs Bits of Wisdom on Solving Problems, Writing Proofs, and Enjoying the Process: How to

Proofs Bits of Wisdom on Solving Problems, Writing Proofs, and Enjoying the Process: How to

15-251: Great Theoretical Ideas in Computer Science Fall 2016 Lecture 1.5 August 31, 2016 Proofs Bits of Wisdom on Solving Problems, Writing Proofs, and Enjoying the Process: How to Succeed in This Class No specific topic covered

857 views • 61 slides
Zero-Knowledge Proofs Lecture 15 Interactive Proofs Interactive Proofs Interactive Proofs

Zero-Knowledge Proofs Lecture 15 Interactive Proofs Interactive Proofs Interactive Proofs

Zero-Knowledge Proofs Lecture 15 Interactive Proofs Interactive Proofs Interactive Proofs Prover wants to convince verifier that x has some property Interactive Proofs Prover wants to convince verifier that x has some property i.e. x is in

3.29k views • 145 slides
Projects. Probabilistically Checkable Proofs... Probabilistically Checkable Proofs Whats a

Projects. Probabilistically Checkable Proofs... Probabilistically Checkable Proofs Whats a

Projects. Probabilistically Checkable Proofs... Probabilistically Checkable Proofs Whats a proof? Statement: A formula is satisfiable. Proof: assignment, a . Property: 5 minute presentations. Can check proof in polynomial time. A real

401 views • 3 slides
Feedback and Flip-Flops Philipp Koehn 7 September 2019 Philipp Koehn Computer Systems

Feedback and Flip-Flops Philipp Koehn 7 September 2019 Philipp Koehn Computer Systems

Feedback and Flip-Flops Philipp Koehn 7 September 2019 Philipp Koehn Computer Systems Fundamental: Feedback and Flip-Flops 7 September 2019 The Story So Far 1 We can encode numbers We can do calculation ... but its all a bit

629 views • 47 slides
Towards a verified Lustre compiler with modular reset Timothy Bourke 1,2 Llio Brun 1,2 Marc

Towards a verified Lustre compiler with modular reset Timothy Bourke 1,2 Llio Brun 1,2 Marc

Towards a verified Lustre compiler with modular reset Timothy Bourke 1,2 Llio Brun 1,2 Marc Pouzet 3,2,1 1 Inria Paris 2 DI ENS 3 UPMC SCOPES 2018 May 30, 2018 Screenshot from ANSYS/Esterel Techologies SCADE Suite 1 / 14 Screenshot from

1.41k views • 92 slides
Q ( 5) Elliptic Curves over Q ( 5) Stein William Stein, University of Washington This is

Q ( 5) Elliptic Curves over Q ( 5) Stein William Stein, University of Washington This is

Curves Over Q ( 5) Elliptic Curves over Q ( 5) Stein William Stein, University of Washington This is part of the NSF-funded AIM FRG project on Databases of L -functions. This talk had much valuable input from Noam Elkies, John Voight,

567 views • 40 slides
Copatterns Programming Infinite Objects by Observations Andreas Abel Department of Computer

Copatterns Programming Infinite Objects by Observations Andreas Abel Department of Computer

Copatterns Programming Infinite Objects by Observations Andreas Abel Department of Computer Science Ludwig-Maximilians-University Munich, Germany Institute of Cybernetics Tallinn, Estonia 4 July 2013 Andreas Abel () Copatterns IOC 2013 1

611 views • 33 slides
Pattern and Copattern matching Anton Setzer Swansea University, Swansea UK Leeds Logic Seminar,

Pattern and Copattern matching Anton Setzer Swansea University, Swansea UK Leeds Logic Seminar,

Pattern and Copattern matching Anton Setzer Swansea University, Swansea UK Leeds Logic Seminar, 13 May 2015 Anton Setzer (Swansea) Pattern and Copattern matching 1/ 46 Iteration, Recursion, Induction Coiteration, Corecursion Bisimilarity

701 views • 51 slides
Introduction to the Calculus of Inductive Constructions Workshop X . X , Vienna Summer of

Introduction to the Calculus of Inductive Constructions Workshop X . X , Vienna Summer of

Introduction to the Calculus of Inductive Constructions Workshop X . X , Vienna Summer of Logic Christine Paulin-Mohring e Paris Sud & INRIA Saclay - Universit Ile-de-France July 18, 2014 C. Paulin (Paris-Sud) Calculus of

580 views • 36 slides
of Early Childhood Counties with Funded CECCs (a) Early childhood advocate; Per KRS 200.707(1),

of Early Childhood Counties with Funded CECCs (a) Early childhood advocate; Per KRS 200.707(1),

History of KidsNow Governors Office of Early Childhood Counties with Funded CECCs (a) Early childhood advocate; Per KRS 200.707(1), A council shall (b) Faith community; (c) Family resource center; be composed of no fewer than (d)

400 views • 10 slides
Automated and Interactive Theorem Proving 1: Background & Propositional Logic John Harrison

Automated and Interactive Theorem Proving 1: Background & Propositional Logic John Harrison

Automated and Interactive Theorem Proving 1: Background & Propositional Logic John Harrison Intel Corporation Marktoberdorf 2007 Thu 2nd August 2007 (08:3009:15) 0 What I will talk about Aim is to cover some of the most important

1.38k views • 112 slides

More recommend