translating proofs from hol to coq
play

Translating proofs from HOL to Coq Theoretical and practical - PowerPoint PPT Presentation

Oct 09, 2023 •147 likes •439 views

Translating proofs from HOL to Coq Theoretical and practical aspects Chantal Keller and Benjamin Werner Ecole Polytechnique & INRIA jeudi 11 octobre 12 What are mathematics ? The Bodensee is beautiful Everyone in Baden loves Dampfnudeln,

  1. Translating proofs from HOL to Coq Theoretical and practical aspects Chantal Keller and Benjamin Werner Ecole Polytechnique & INRIA jeudi 11 octobre 12

  2. What are mathematics ? The Bodensee is beautiful Everyone in Baden loves Dampfnudeln, Markus is in Baden, thus Markus loves Dampfnudeln. syntax ! Proof-system : • detail the proof up to primitive logical rules • have it checked by the machine jeudi 11 octobre 12

  3. Proof-system • A formalism : language, logical rules. • A software : for manipulating, checking, storing, building proofs. • A proof language. • A library : mathematical corpus. Similar to a programming language + a compiler : formalism = abstract syntax proof language concrete syntax jeudi 11 octobre 12

  4. Concrete syntax Both systems use a proof language made of tactics . They have a common ancestor : LCF Thus, the proof languages bear some similarities, but are undoubtedly different (say like Java and C). Lemma subst_idt_lift_term : forall j u i, subst_idt (lift_term u i j) S = lift_term (subst_idt u S) i j. Proof. move => j; elim => [n|x X|[C|C|||||||C|C]|c C|t IHt u IHu|A t IHt] //= i. - by case: (_ <= _). - by rewrite IHt IHu. - by rewrite IHt. Qed. jeudi 11 octobre 12

  5. Concrete syntax Both systems use a proof language made of tactics . They have a common ancestor : LCF Thus, the proof languages bear some similarities, but are undoubtedly different (say like Java and C). let EQ_MULT_LCANCEL = prove (`!m n p. (m * n = m * p) <=> (m = 0) \/ (n = p)`, INDUCT_TAC THEN REWRITE_TAC[MULT_CLAUSES; NOT_SUC] THEN REPEAT INDUCT_TAC THEN ASM_REWRITE_TAC[MULT_CLAUSES; ADD_CLAUSES; GSYM NOT_SUC; NOT_SUC] THEN ASM_REWRITE_TAC[SUC_INJ; GSYM ADD_ASSOC; EQ_ADD_LCANCEL]);; jeudi 11 octobre 12

  6. Diversity : for the worst or the best ? • Many proof-systems; all incompatible. The common language of mathematics seems lost. • Each proofs-system has its strengths : Coq : good for computations (four-color theorem, primality, but also specific design considerations for algebra...) HOL : good for classical analysis. Jordan curve theorem, prime number theorem... jeudi 11 octobre 12

  7. HOL / HOL-light Formalism : Church’s Higher-Order logic Objects : simply typed lambda-calculus (expressions with binders) Proofs : • No computations in the language (almost) Γ ⊢ A Γ ⊢ B Γ ⊢ A ∧ B • The proofs are not stored How can we trust them ? jeudi 11 octobre 12

  8. Architecture of the HOL checker HOL is implemented in ML; in the implementation : Γ ⊢ A : thm All the functions allowing objects of type thm are simple and carefully checked : they correspond to logical steps. If we trust these functions, we trust HOL. jeudi 11 octobre 12

  9. Coq Formalism : type theory Γ ⊢ p:A Γ ⊢ q:B Γ ⊢ (p,q):A ∧ B proofs are objects, proofs are kept - they can be re-checked Objects are functional typed programs - with a very powerful type system. jeudi 11 octobre 12

  10. Programs and functions An example : addition HOL Coq Prove the existence Define a function of a function such such that: that: 0+m ⊳ m 0+m = m S(n)+m ⊳ S(n+m) S(n)+m = S(n+m) jeudi 11 octobre 12

  11. Computational proofs jeudi 11 octobre 12

  12. Translation • Translating the «concrete» syntax: unrealistic, unreliable, fragile. we have to translate the statements in the first place • Translating the «abstract syntax» : Logical embedding HOL ⊂ Type Theory Two kinds of logical embedding : deep and shallow jeudi 11 octobre 12

  13. Embedding HOL in type theory These functions are defined outside of Shallow embedding the formalisms objects t ↦ |t| propositions P ↦ |P| proofs: if Γ ⊢ P then | Γ | ⊢ |P| jeudi 11 octobre 12

  14. Shallow embedding jeudi 11 octobre 12

  15. Embedding HOL in type theory Deep embedding Represent HOL in a datatype of type theory «speak about» HOL in type theory jeudi 11 octobre 12

  16. The trick Shallow Deep Type theory allows lifting deep from shallow encoding (various work, from Martin-Löf to Garrillot & Werner, 2007) jeudi 11 octobre 12

  17. The trick Shallow Coq Deep HOL The encoding is the interface between the two systems jeudi 11 octobre 12

  18. Encoding : types jeudi 11 octobre 12

  19. Encoding : terms jeudi 11 octobre 12

  20. Lifting to Coq term type jeudi 11 octobre 12

  21. Modelling the proofs A function check: term � proof � bool such that if (check t p)=true then : • t is a well-formed proposition / boolean • p is a proof of t jeudi 11 octobre 12

  22. A function check: term � proof � bool such that if (check t p)=true then : • t is a well-formed proposition / boolean • p is a proof of | t| • this entails that | t| is true - in Coq Nice point : | t| is a “real’’ Coq theorem : it is intelligible jeudi 11 octobre 12

  23. Status of definitions in the two systems Definition four := 4. In HOL : new object : four : N new lemma : four = 4 In Coq : new object : four : nat new rule : four ⊳ 4 jeudi 11 octobre 12

  24. Recording HOL-light proofs The type proof is a pure data-type; we can : • define its twin in ML, in the HOL-light implementation • instrument the basic tactics so that they construct the proof-tree on the fly (reuse code of S. Obua and now from the OpenTheory projet) • export these proof-trees to Coq by straightforward pretty-printing The bottleneck becomes the size of these proof-trees (as expected) We introduce new lemmas for sharing. jeudi 11 octobre 12

  25. The bottleneck becomes the size of these proof-trees (as expected) We introduce new lemmas for sharing. jeudi 11 octobre 12

  26. Substantial gains expected in a reasonable close future jeudi 11 octobre 12

  27. What about classical logic ? HOL is inherently classical : • excluded middle • Hilbert’s ε choice operator We have no choice : we need to add classical axioms to Coq jeudi 11 octobre 12

  28. Conclusion • Translation and cooperation between proof-systems can work, sometimes. • Allows re-using but also re-checking of HOL proofs in Coq • Relies on work specific to the two involved formalisms. • Nice point : the translated theorems are intelligible and reusable. • Efficiency and memory consumptation remains an issue; currently some further progress by using Coq arrays and switching to OpenTheory • Mathematical proofs as massive date; a flavour of the future ? jeudi 11 octobre 12

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

On Hypersequents and Labelled Sequents Translating Labelled Sequent Proofs to Hypersequent Proofs

On Hypersequents and Labelled Sequents Translating Labelled Sequent Proofs to Hypersequent Proofs

On Hypersequents and Labelled Sequents Translating Labelled Sequent Proofs to Hypersequent Proofs Robert Rothenberg 1 2 1 School of Computer Science University of St Andrews 2 Interactive Information, Ltd Edinburgh Workshop in Honour of Roy

393 views • 26 slides
Proofs, Continued Today Proofs : A style guide Proofs should be easy to

Proofs, Continued Today Proofs : A style guide Proofs should be easy to

Euclid (300 BC) Proofs, Continued Today Proofs : A style guide Proofs should be easy to verify. All the cleverness goes into finding/writing the proof, not reading/verifying it! P vs. NP (informally) : P =

682 views • 21 slides
Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth

Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth

Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth workshop Introduction to the workshop PROOFS: Security Proofs for Embedded Systems UCSB August 20, 2016 5th edition of PROOFS PROOFS 2012:

311 views • 7 slides
Translating Henri Poincar Bruce D. Popp, Ph.D. ATA Certified Translator, Fr&gt;En ATA 57th

Translating Henri Poincar Bruce D. Popp, Ph.D. ATA Certified Translator, Fr&gt;En ATA 57th

Translating Henri Poincar Bruce D. Popp, Ph.D. ATA Certified Translator, Fr&gt;En ATA 57th Annual Conference Translating Poincar 1 November 5, 2016 Bruce D. Popp, Ph.D. Translating Poincar French, Mathematical Physics and Chaos

674 views • 45 slides
Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2

Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2

Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2 Interactive Proofs IP[k] IP[poly] = PSPACE 2 Interactive Proofs IP[k] IP[poly] = PSPACE IP protocol for TQBF using arithmetization 2 Interactive

1.75k views • 136 slides
Compositional correctness of IP-based system design: Translating C/C++ Models into SIGNAL

Compositional correctness of IP-based system design: Translating C/C++ Models into SIGNAL

Compositional correctness of IP-based system design: Translating C/C++ Models into SIGNAL Processes Rennes, November 04, 2005 Hamoudi Kalla and Jean-Pierre Talpin Espresso Team Outline Introduction Preliminaries Translating C/C++

526 views • 25 slides
Welcome To The ResQIPS Research Symposium Keynote Discussion - Translating Health Policy Into

Welcome To The ResQIPS Research Symposium Keynote Discussion - Translating Health Policy Into

Welcome To The ResQIPS Research Symposium Keynote Discussion - Translating Health Policy Into Research Featuring Senator Heather Carter And Representative Kelli Butler Translating Health Policy into Research TRANSLATING HEALTH POLICY INTO

153 views • 3 slides
Formal proofs, variable binding, and program extraction from proofs Colloquium Logicum 2016 (10

Formal proofs, variable binding, and program extraction from proofs Colloquium Logicum 2016 (10

Formal proofs, variable binding, and program extraction from proofs Colloquium Logicum 2016 (10 - 12 September 2016, Hamburg) Gyesik Lee Hankyong National University 1 Overview 1. Verification of proofs 2. Hales proof of the Kepler

651 views • 43 slides
Proofs that, proofs why, and the analysis of paradoxes To Gerhard, on your 60th birthday Peter

Proofs that, proofs why, and the analysis of paradoxes To Gerhard, on your 60th birthday Peter

Proofs that, proofs why, and the analysis of paradoxes To Gerhard, on your 60th birthday Peter Schroeder-Heister Universit at T ubingen J agerfest Bern, 13.12.2013 p. 1 Russells antinomy in naive set theory Extend natural

688 views • 41 slides
NP-Hardness Proofs With What Problems We . . . What Problems We . . . Realistic Computers

NP-Hardness Proofs With What Problems We . . . What Problems We . . . Realistic Computers

NP-Hardness Proofs . . . Usual Proofs of NP- . . . Proofs of NP- . . . Pedagogical Problem . . . NP-Hardness Proofs With What Problems We . . . What Problems We . . . Realistic Computers Instead What Is NP-Hard: . . . Proof that . . . of

296 views • 12 slides
Translating and Evolving: Towards a model of language change in DisCoCat Tai-Danae Bradley,

Translating and Evolving: Towards a model of language change in DisCoCat Tai-Danae Bradley,

Translating and Evolving: Towards a model of language change in DisCoCat Tai-Danae Bradley, Martha Lewis, Jade Master, and Brad Theilman SYCO3, March 2019 Oxford, UK Bradley &amp; al Translating &amp; Evolving 1/20 Background

571 views • 20 slides
proofs of proximity for distribution testing (Distribution testing now with proofs!) Tom Gur

proofs of proximity for distribution testing (Distribution testing now with proofs!) Tom Gur

proofs of proximity for distribution testing (Distribution testing now with proofs!) Tom Gur (UC Berkeley) October 14, 2017 FOCS 2017 Workshop: Frontiers in Distribution Testing Joint work with Alessandro Chiesa (UC Berkeley) proofs of

2.25k views • 158 slides
Foundation of proofs Jim Hefferon http://joshua.smcvt.edu/proofs The need to prove In

Foundation of proofs Jim Hefferon http://joshua.smcvt.edu/proofs The need to prove In

Foundation of proofs Jim Hefferon http://joshua.smcvt.edu/proofs The need to prove In Mathematics we prove things The base angles of an isoceles triangle are equal seems obvious to a person with mathematical aptitude. a if a = b

678 views • 52 slides
Lecture 8: More Proofs review: proofs Start with hypotheses and facts Use rules of

Lecture 8: More Proofs review: proofs Start with hypotheses and facts Use rules of

cse 311: foundations of computing Fall 2015 Lecture 8: More Proofs review: proofs Start with hypotheses and facts Use rules of inference to extend set of facts Result is proved when it is included in the set Statement Fact 2

185 views • 18 slides
Flexiformality in Proofs: Bridging between Formal and Informal Proofs Michael Kohlhase Professur

Flexiformality in Proofs: Bridging between Formal and Informal Proofs Michael Kohlhase Professur

Flexiformality in Proofs: Bridging between Formal and Informal Proofs Michael Kohlhase Professur fr Wissensreprsentation und -verarbeitung Informatik, FAU Erlangen-Nrnberg http://kwarc.info 20. October 2016, Dagstuhl Seminar on

568 views • 39 slides
(Interactive) Proofs Proofs from 900 BCE until 1800s Pythagorass Theorem: Proof: Looks legit.

(Interactive) Proofs Proofs from 900 BCE until 1800s Pythagorass Theorem: Proof: Looks legit.

15-251: Great Theoretical Ideas in Computer Science Lecture 24 (Interactive) Proofs Proofs from 900 BCE until 1800s Pythagorass Theorem: Proof: Looks legit. Then there was Russell Principia Mathematica Volume 2 Russell and others worked

949 views • 50 slides
Hamiltonian simulation and solving linear systems Robin Kothari Center for Theoretical Physics

Hamiltonian simulation and solving linear systems Robin Kothari Center for Theoretical Physics

Hamiltonian simulation and solving linear systems Robin Kothari Center for Theoretical Physics MIT Quantum Optimization Workshop Fields Institute October 28, 2014 Ask not what you can do for quantum computingask what quantum

625 views • 19 slides
Nearly Linear-Time Algorithms for Structured Sparsity Chinmay

Nearly Linear-Time Algorithms for Structured Sparsity Chinmay

Nearly Linear-Time Algorithms for Structured Sparsity Chinmay Hegde Piotr Indyk Ludwig Schmidt MIT Compressive sensing Setup: Data/signal in

727 views • 26 slides
Integrable states, exact overlaps, and the Boundary Yang-Baxter relation Balzs Pozsgay

Integrable states, exact overlaps, and the Boundary Yang-Baxter relation Balzs Pozsgay

Integrable states, exact overlaps, and the Boundary Yang-Baxter relation Balzs Pozsgay Premium Postdoctoral Program Hungarian Academy of Sciences and BME Statistical Field Theory Research group, Budapest University of Technology and

864 views • 57 slides
Locally finite-dimensional operator algebras and some transfinite combinatorial structures Piotr

Locally finite-dimensional operator algebras and some transfinite combinatorial structures Piotr

Locally finite-dimensional operator algebras and some transfinite combinatorial structures Piotr Koszmider Institute of Mathematics of the Polish Academy of Sciences, Warsaw Piotr Koszmider (IMPAN) LF algebras and transfinite structures

1.38k views • 108 slides
srs stts r r

srs stts r r

srs stts r r rr rtrs rs tr t t s st

1.13k views • 63 slides
Open quantum dynamics Dariusz Chru sci nski Institute of Physics, Faculty of Physics,

Open quantum dynamics Dariusz Chru sci nski Institute of Physics, Faculty of Physics,

Open quantum dynamics Dariusz Chru sci nski Institute of Physics, Faculty of Physics, Astronomy and Informatics Nicolaus Copernicus University Grudziadzka 5, 87100 Torun, Poland 1 Introduction: closed systems vs. open systems 1.1

584 views • 16 slides
Thermalization time bounds for Pauli stabilizer Hamiltonians Kristan Temme California Institute

Thermalization time bounds for Pauli stabilizer Hamiltonians Kristan Temme California Institute

Thermalization time bounds for Pauli stabilizer Hamiltonians Kristan Temme California Institute of Technology arXiv:1412.2858 QEC 2014, Zurich t mix O ( N 2 e 2 ) Overview Motivation &amp; previous results Mixing and

787 views • 74 slides
Decoherence by controlled spin baths D. Rossini, T. Calarco, V. Giovannetti, S. Montangero and

Decoherence by controlled spin baths D. Rossini, T. Calarco, V. Giovannetti, S. Montangero and

Decoherence by controlled spin baths D. Rossini, T. Calarco, V. Giovannetti, S. Montangero and R. Fazio SNS - Pisa SISSA - Trieste BEC - Trento ITAMPT - Harvard cond-mat/0605051 Motivation Decoherence Paradigm models Engineered

344 views • 31 slides

More recommend