the nominal datatype package in isabelle hol
play

The Nominal Datatype Package in Isabelle/HOL Christian Urban - PowerPoint PPT Presentation

Sep 09, 2023 •315 likes •554 views

The Nominal Datatype Package in Isabelle/HOL Christian Urban University of Munich joint work with Stefan Berghofer, Markus Wenzel, Alexander Krauss. . . Not tingham, 18. April 2006 p.1 (1/1) The POPLmark-Challenge How close are we

  1. The Nominal Datatype Package in Isabelle/HOL Christian Urban University of Munich joint work with Stefan Berghofer, Markus Wenzel, Alexander Krauss. . . Not tingham, 18. April 2006 – p.1 (1/1)

  2. The POPLmark-Challenge “How close are we to a world where program- ming language papers are routinely supported by machine-checked metatheory proofs, where full-scale language definitions are expressed in machine-processed mathematics. . . ?” Obviously we aren’t there yet: for binders reasonable powerful tools are available: de-Bruijn indices (in Coq, Isabelle,. . . ) or HOAS (mainly in Twelf) but apart from some theorem-proving experts, nobody seems to use them; non-experts are still routinely do their proofs on paper, only Not tingham, 18. April 2006 – p.2 (1/2)

  3. The POPLmark-Challenge “How close are we to a world where program- The aim of the nominal datatype ming language papers are routinely supported package is to support the kind of by machine-checked metatheory proofs, where reasoning that is employed on paper. full-scale language definitions are expressed in The hope is: if you can do formal machine-processed mathematics. . . ?” proofs on paper, then you can Obviously we aren’t there yet: implement them in Isabelle/HOL with ease. for binders reasonable powerful tools are available: de-Bruijn indices (in Coq, Isabelle,. . . ) or That is not a trivial task. HOAS (mainly in Twelf) but apart from some theorem-proving experts, nobody seems to use them; non-experts are still routinely do their proofs on paper, only Not tingham, 18. April 2006 – p.2 (2/2)

  4. x 6� y and x 62 F V ( L ) , then M [ x := N ℄[ y := L ℄ � M [ y := L ℄[ x := N [ y := L ℄℄ . M . Substitution Lemma: If � Case 1: M is a variable. M � x . Then both sides equal N [ y := L ℄ since x 6� y . Proof: By induction on the structure of M � y . Then both sides equal L , for x 62 F V ( L ) L [ x := : : : ℄ � L . This is a simple example illustrating M � z 6� x; y . Then both sides equal z . Case 1.1. � Case 2: M � �z :M Case 1.2. 1 . By the variable convention we may assume a point. We have already z 6� x; y and z is not free in N ; L . Then by induction hypothesis implies implemented much more complicated ( �z :M )[ x := N ℄[ y := L ℄ 1 Case 1.3. � proofs, e.g. Church-Rosser, SN, �z : ( M [ x := N ℄[ y := L ℄) 1 that � �z : ( M [ y := L ℄[ x := N [ y := L ℄℄) 1 transitivity of subtyping in � ( �z :M )[ y := L ℄[ x := N [ y := L ℄℄ . 1 POPLmark, etc. � Case 3: M � M M 1 2 . The statement follows again from the induc- � tion hypothesis. Not tingham, 18. April 2006 – p.3 (1/8)

  5. x 6� y and x 62 F V ( L ) , then M [ x := N ℄[ y := L ℄ � M [ y := L ℄[ x := N [ y := L ℄℄ . M . Substitution Lemma: If � Case 1: M is a variable. M � x . Then both sides equal N [ y := L ℄ since x 6� y . Proof: By induction on the structure of M � y . Then both sides equal L , for x 62 F V ( L ) L [ x := : : : ℄ � L . M � z 6� x; y . Then both sides equal z . Case 1.1. � Case 2: M � �z :M Case 1.2. 1 . By the variable convention we may assume z 6� x; y and z is not free in N ; L . Then by induction hypothesis implies ( �z :M )[ x := N ℄[ y := L ℄ 1 Case 1.3. � �z : ( M [ x := N ℄[ y := L ℄) 1 that � �z : ( M [ y := L ℄[ x := N [ y := L ℄℄) 1 � ( �z :M )[ y := L ℄[ x := N [ y := L ℄℄ . 1 � Case 3: M � M M 1 2 . The statement follows again from the induc- � tion hypothesis. Not tingham, 18. April 2006 – p.3 (2/8)

  6. x 6� y and x 62 F V ( L ) , then M [ x := N ℄[ y := L ℄ � M [ y := L ℄[ x := N [ y := L ℄℄ . M . Substitution Lemma: If � Case 1: M is a variable. M � x . Then both sides equal N [ y := L ℄ since x 6� y . Proof: By induction on the structure of M � y . Then both sides equal L , for x 62 F V ( L ) L [ x := : : : ℄ � L . M � z 6� x; y . Then both sides equal z . Case 1.1. � Case 2: M � �z :M Case 1.2. 1 . By the variable convention we may assume z 6� x; y and z is not free in N ; L . Then by induction hypothesis implies ( �z :M )[ x := N ℄[ y := L ℄ 1 Case 1.3. � �z : ( M [ x := N ℄[ y := L ℄) 1 that � �z : ( M [ y := L ℄[ x := N [ y := L ℄℄) 1 � ( �z :M )[ y := L ℄[ x := N [ y := L ℄℄ . 1 � Case 3: M � M M 1 2 . The statement follows again from the induc- � tion hypothesis. Not tingham, 18. April 2006 – p.3 (3/8)

  7. x 6� y and x 62 F V ( L ) , then M [ x := N ℄[ y := L ℄ � M [ y := L ℄[ x := N [ y := L ℄℄ . M . Substitution Lemma: If � Case 1: M is a variable. M � x . Then both sides equal N [ y := L ℄ since x 6� y . Proof: By induction on the structure of M � y . Then both sides equal L , for x 62 F V ( L ) L [ x := : : : ℄ � L . M � z 6� x; y . Then both sides equal z . Case 1.1. � Case 2: M � �z :M Case 1.2. 1 . By the variable convention we may assume z 6� x; y and z is not free in N ; L . Then by induction hypothesis implies ( �z :M )[ x := N ℄[ y := L ℄ 1 Case 1.3. � �z : ( M [ x := N ℄[ y := L ℄) 1 that � �z : ( M [ y := L ℄[ x := N [ y := L ℄℄) 1 � ( �z :M )[ y := L ℄[ x := N [ y := L ℄℄ . 1 � Case 3: M � M M 1 2 . The statement follows again from the induc- � tion hypothesis. Not tingham, 18. April 2006 – p.3 (4/8)

  8. x 6� y and x 62 F V ( L ) , then M [ x := N ℄[ y := L ℄ � M [ y := L ℄[ x := N [ y := L ℄℄ . M . Substitution Lemma: If � Case 1: M is a variable. M � x . Then both sides equal N [ y := L ℄ since x 6� y . Proof: By induction on the structure of M � y . Then both sides equal L , for x 62 F V ( L ) L [ x := : : : ℄ � L . M � z 6� x; y . Then both sides equal z . Case 1.1. � Case 2: M � �z :M Case 1.2. 1 . By the variable convention we may assume z 6� x; y and z is not free in N ; L . Then by induction hypothesis implies ( �z :M )[ x := N ℄[ y := L ℄ 1 Case 1.3. � �z : ( M [ x := N ℄[ y := L ℄) 1 that � �z : ( M [ y := L ℄[ x := N [ y := L ℄℄) 1 � ( �z :M )[ y := L ℄[ x := N [ y := L ℄℄ . 1 � Case 3: M � M M 1 2 . The statement follows again from the induc- � tion hypothesis. Not tingham, 18. April 2006 – p.3 (5/8)

  9. x 6� y and x 62 F V ( L ) , then M [ x := N ℄[ y := L ℄ � M [ y := L ℄[ x := N [ y := L ℄℄ . M . Substitution Lemma: If � Case 1: M is a variable. M � x . Then both sides equal N [ y := L ℄ since x 6� y . Proof: By induction on the structure of M � y . Then both sides equal L , for x 62 F V ( L ) L [ x := : : : ℄ � L . M � z 6� x; y . Then both sides equal z . Case 1.1. � Case 2: M � �z :M Case 1.2. 1 . By the variable convention we may assume z 6� x; y and z is not free in N ; L . Then by induction hypothesis implies ( �z :M )[ x := N ℄[ y := L ℄ 1 Case 1.3. � �z : ( M [ x := N ℄[ y := L ℄) 1 that � �z : ( M [ y := L ℄[ x := N [ y := L ℄℄) 1 � ( �z :M )[ y := L ℄[ x := N [ y := L ℄℄ . 1 � Case 3: M � M M 1 2 . The statement follows again from the induc- � tion hypothesis. Not tingham, 18. April 2006 – p.3 (6/8)

  10. y 6 = x and x 62 F V ( N ) then x 6� y and x 62 F V ( L ) , then ( �y :M )[ x := N ℄ = �y : ( M [ x := N ℄) M [ x := N ℄[ y := L ℄ � M [ y := L ℄[ x := N [ y := L ℄℄ . ( �z :M )[ x := N ℄[ y := L ℄ M . 1 Remember: only if Substitution Lemma: If 1 � Case 1: M is a variable. � ( �z : ( M [ x := N ℄))[ y := L ℄ 1 M � x . Then both sides equal N [ y := L ℄ since x 6� y . 2 � �z : ( M [ x := N ℄[ y := L ℄) 1 Proof: By induction on the structure of M � y . Then both sides equal L , for x 62 F V ( L ) � �z : ( M [ y := L ℄[ x := N [ y := L ℄℄) 1 L [ x := : : : ℄ � L . 2 M � z 6� x; y . Then both sides equal z . Case 1.1. � ( �z : ( M [ y := L ℄))[ x := N [ y := L ℄℄) ! ! 1 1 � Case 2: M � �z :M Case 1.2. 1 . By the variable convention we may assume � ( �z :M )[ y := L ℄[ x := N [ y := L ℄℄ . ! 1 IH z 6� x; y and z is not free in N ; L . Then by induction hypothesis implies ( �z :M )[ x := N ℄[ y := L ℄ 1 Case 1.3. � �z : ( M [ x := N ℄[ y := L ℄) 1 that � �z : ( M [ y := L ℄[ x := N [ y := L ℄℄) 1 � ( �z :M )[ y := L ℄[ x := N [ y := L ℄℄ . 1 � Case 3: M � M M 1 2 . The statement follows again from the induc- � tion hypothesis. Not tingham, 18. April 2006 – p.3 (7/8)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 Datatypes Generally This Scheme Does Not Always Work datatype ( 1 ,..., n ) K =

1 Datatypes Generally This Scheme Does Not Always Work datatype ( 1 ,..., n ) K =

Types in Isabelle Course 2D1453, 2006-07 Types: T ::= A | X | X :: C | T T | (T 1 ,...,T n ) K where: Advanced Formal Methods A {bool, int, ...} base type X { , ,...} type variable Lecture 4: Isabelle Types

183 views • 5 slides
Proof Pearl: A New Foundation for Nominal Isabelle r

Proof Pearl: A New Foundation for Nominal Isabelle r

Proof Pearl: A New Foundation for Nominal Isabelle r rst r r

615 views • 43 slides
CSE 341 : Programming Languages Lets fix the fact that our only example datatype so far was

CSE 341 : Programming Languages Lets fix the fact that our only example datatype so far was

Useful examples CSE 341 : Programming Languages Lets fix the fact that our only example datatype so far was silly Lecture 5 Enumerations, including carrying other data More Datatypes and Pattern Matching datatype suit = Club |

258 views • 6 slides
A Formalised Proof of Craigs Interpolation Theorem in Nominal Isabelle Peter Chapman Peter

A Formalised Proof of Craigs Interpolation Theorem in Nominal Isabelle Peter Chapman Peter

Introduction Craigs Theorem Formal Proof Further Work A Formalised Proof of Craigs Interpolation Theorem in Nominal Isabelle Peter Chapman Peter Chapman M unchen Talk Introduction Craigs Theorem Formal Proof Further Work

621 views • 59 slides
Lecture 3: New Trade Theory Isabelle M ejean isabelle.mejean@polytechnique.edu

Lecture 3: New Trade Theory Isabelle M ejean isabelle.mejean@polytechnique.edu

Introduction Krugman, 1980 The Gravity Equation Lecture 3: New Trade Theory Isabelle M ejean isabelle.mejean@polytechnique.edu http://mejean.isabelle.googlepages.com/ Master Economics and Public Policy, International Macroeconomics October

763 views • 32 slides
Towards Nominal Abramsky Towards Nominal Abramsky Andrzej Murawski Nikos Tzevelekos University

Towards Nominal Abramsky Towards Nominal Abramsky Andrzej Murawski Nikos Tzevelekos University

Towards Nominal Abramsky Towards Nominal Abramsky Andrzej Murawski Nikos Tzevelekos University of Warwick Queen Mary, U. of London What this talk is about Abramsky's cube (1990's): a taxonomy of game semantics models Nominal game

464 views • 30 slides
Isabelle/jEdit for seasoned Isabelle users Isabelle/jEdit NEWS Makarius Wenzel Univ. Paris-Sud,

Isabelle/jEdit for seasoned Isabelle users Isabelle/jEdit NEWS Makarius Wenzel Univ. Paris-Sud,

Isabelle/jEdit for seasoned Isabelle users Isabelle/jEdit NEWS Makarius Wenzel Univ. Paris-Sud, LRI 13-Jul-2014 There is nothing to prove or even to suppose that the Serbian government is accessory to the inducement for the crime, its

347 views • 30 slides
1. Structure of a nominal in Korean background Main grammatical positions 1 in a nominal [Chang

1. Structure of a nominal in Korean background Main grammatical positions 1 in a nominal [Chang

1 Elena Rudnitskaya, Moscow, IV RAN, erudnitskaya@gmail.com MOWL, Leipzig, 11-13.06.2009 Postposition constructions in Korean: morphology and syntax * 1. Structure of a nominal in Korean background Main grammatical positions 1 in a nominal

350 views • 16 slides
Induction in Isabelle: Lecture 14 1 Notation In lecture 14 we introduced some recursive

Induction in Isabelle: Lecture 14 1 Notation In lecture 14 we introduced some recursive

Induction in Isabelle: Lecture 14 1 Notation In lecture 14 we introduced some recursive definitions for lists. Isabelle has most of these already defined in a theory List.thy . This can be found locally at /usr/share/Isabelle/src/HOL There

411 views • 6 slides
A Datatype for Binary Trees Functions on Trees Amtoft from Hatcliff Binary Trees One of many

A Datatype for Binary Trees Functions on Trees Amtoft from Hatcliff Binary Trees One of many

A Datatype for Binary Trees Functions on Trees Amtoft from Hatcliff Binary Trees One of many possible definitions (no interior values) Examples General Trees datatype b i t r e e = Leaf i n t of | Node of b i t r e e b i t r e e

536 views • 8 slides
Concrete Semantics with Isabelle/HOL Tobias Nipkow Fakult at f ur Informatik Technische

Concrete Semantics with Isabelle/HOL Tobias Nipkow Fakult at f ur Informatik Technische

Concrete Semantics with Isabelle/HOL Tobias Nipkow Fakult at f ur Informatik Technische Universit at M unchen 2017-3-8 1 Part I Isabelle 2 Chapter 2 Programming and Proving 3 1 Overview of Isabelle/HOL 2 Type and function

2.13k views • 186 slides
Functional Programming with Isabelle/HOL e H O l L l e b a s = I

Functional Programming with Isabelle/HOL e H O l L l e b a s = I

Functional Programming with Isabelle/HOL e H O l L l e b a s = I Florian Haftmann Technische Universit at M unchen January 2009 Overview Viewing Isabelle / HOL as a functional programming language: 1.

464 views • 34 slides
Concurrent Datatype Verification Verifying lock free data types using CSP and FDR Jonathan

Concurrent Datatype Verification Verifying lock free data types using CSP and FDR Jonathan

Concurrent Datatype Verification 01 Concurrent Datatype Verification Verifying lock free data types using CSP and FDR Jonathan Lawrence jonathan.lawrence@cs.ox.ac.uk Concurrent Datatype Verification 02 Introduction Case study using

618 views • 27 slides
Package Managers CC-BY-SA 2016 Nate Levesque What is a Package Manager? A package manager or

Package Managers CC-BY-SA 2016 Nate Levesque What is a Package Manager? A package manager or

Package Managers CC-BY-SA 2016 Nate Levesque What is a Package Manager? A package manager or package management system is a collection of software tools that automates the process of installing, upgrading, configuring, and removing computer

924 views • 40 slides
The Class Chain size = number of elements Use ChainNode next (datatype ChainNode) element

The Class Chain size = number of elements Use ChainNode next (datatype ChainNode) element

The Class Chain firstNode null a b c d e The Class Chain size = number of elements Use ChainNode next (datatype ChainNode) element (datatype Object) The Class Chain Constructors /** linked implementation of LinearList */ /** create a

273 views • 8 slides
The Class Chain size = number of elements Use ChainNode next (datatype ChainNode) element

The Class Chain size = number of elements Use ChainNode next (datatype ChainNode) element

The Class Chain firstNode null a b c d e The Class Chain size = number of elements Use ChainNode next (datatype ChainNode) element (datatype Object) The Class Chain Constructors /** linked implementation of LinearList */ /** create a

732 views • 5 slides
Quest: A Generalized Motif Bicluster Algo- rithm Sebastian Kaiser and Friedrich Leisch Institut

Quest: A Generalized Motif Bicluster Algo- rithm Sebastian Kaiser and Friedrich Leisch Institut

Quest: A Generalized Motif Bicluster Algo- rithm Sebastian Kaiser and Friedrich Leisch Institut f ur Statistik Ludwig-Maximilians-Universit at M unchen UseR 2009, 09.07.2009, Rennes, France Overview Outline: I. Introduce

646 views • 26 slides
Clustering Community Detection

Clustering Community Detection

Clustering Community Detection http://image.slidesharecdn.com/communitydetectionitilecture22june2011-110622095259-phpapp02/95/community-detection-in-social-media-1-728.jpg?cb=1308736811 Jian Pei: CMPT 741/459 Clustering (1) 2 Customer Relation

1.02k views • 32 slides
Matching Appropriate Procedures and Test Statistics with Appropriate Levels of Measurement for

Matching Appropriate Procedures and Test Statistics with Appropriate Levels of Measurement for

Matching Appropriate Procedures and Test Statistics with Appropriate Levels of Measurement for Bivariate Analyses.* Independent Variables Nominal Ordinal Interval/Ratio Dependent Nominal Crosstabs Crosstabs with with Chi-square Variables

533 views • 9 slides
Robust Solution Approaches for Optimization under Uncertainty: Applications to Air Traffic

Robust Solution Approaches for Optimization under Uncertainty: Applications to Air Traffic

Robust Solution Approaches for Optimization under Uncertainty: Applications to Air Traffic Management Problems Frauke Liers - FAU Erlangen-Nrnberg Konstanz, 15.11.2016 Relevance of Uncertainties in Optimization + x 2 max 0 , 7 x 1 + 1 x 2

895 views • 70 slides
Applied Political Research Session 10: The Difference of Means Test Lecturer: Prof. A.

Applied Political Research Session 10: The Difference of Means Test Lecturer: Prof. A.

POLI 443 Applied Political Research Session 10: The Difference of Means Test Lecturer: Prof. A. Essuman-Johnson , Dept. of Political Science Contact Information: aessuman-johnson@ug.edu.gh College of Education School of Continuing and Distance

361 views • 12 slides
A Machine-Assisted Proof of Gdel's Incompleteness Theorems Lawrence C. Paulson, Computer

A Machine-Assisted Proof of Gdel's Incompleteness Theorems Lawrence C. Paulson, Computer

A Machine-Assisted Proof of Gdel's Incompleteness Theorems Lawrence C. Paulson, Computer Laboratory, University of Cambridge The most misunderstood theorems in mathematics Gdels theorems have highly For the first time, both of

319 views • 28 slides
Introduction to Machine Learning k -Nearest Neighbors Regression Learning goals Understand the

Introduction to Machine Learning k -Nearest Neighbors Regression Learning goals Understand the

Introduction to Machine Learning k -Nearest Neighbors Regression Learning goals Understand the basic idea of k-NN Know different distance measures for different scales of feature variables Understand that k-NN has no optimization step

569 views • 13 slides
The Early K99: A New Funding Opportunity Designed for the Career Paths of Data and Cancer Control

The Early K99: A New Funding Opportunity Designed for the Career Paths of Data and Cancer Control

The Early K99: A New Funding Opportunity Designed for the Career Paths of Data and Cancer Control Scientists (RFA-CA-19-029 and RFA-CA-19-030) Michele McGuirl mcguirlma@mail.nih.gov Email me your questions with the subject line Early K99

524 views • 37 slides

More recommend