co inductive predicates and bisimilarity
play

Co-inductive predicates and bisimilarity CoqArt section 13.613.7 - PowerPoint PPT Presentation

Dec 21, 2022 •212 likes •655 views

Co-inductive predicates and bisimilarity CoqArt section 13.613.7 Koen Timmermans and Marnix Suilen 1 Definitions Recall the definition of LList : Set Implicit Arguments. CoInductive LList (A:Set) : Set := LNil : LList A | LCons : A

  1. Co-inductive predicates and bisimilarity Coq’Art section 13.6–13.7 Koen Timmermans and Marnix Suilen 1

  2. Definitions Recall the definition of LList : Set Implicit Arguments. CoInductive LList (A:Set) : Set := LNil : LList A | LCons : A -> LList A -> LList A. Implicit Arguments LNil [A]. 2

  3. Definitions Recall the definition of LList : Set Implicit Arguments. CoInductive LList (A:Set) : Set := LNil : LList A | LCons : A -> LList A -> LList A. Implicit Arguments LNil [A]. And the definition of from : CoFixpoint from (n:nat) : LList nat := LCons n (from (S n)). 2

  4. Definitions Recall the definition of LList : Set Implicit Arguments. CoInductive LList (A:Set) : Set := LNil : LList A | LCons : A -> LList A -> LList A. Implicit Arguments LNil [A]. And the definition of from : CoFixpoint from (n:nat) : LList nat := LCons n (from (S n)). And of repeat : CoFixpoint repeat (A:Set)(a:A) : LList A := LCons a (repeat a). 2

  5. Recall from_unfold Lemma from_unfold: forall n:nat , from n = LCons n (from (S n)). Proof. intro n. LList_unfold (from n). simpl. reflexivity. Qed. 3

  6. Recall Guard conditions A definition by cofixpoint is only accepted if all recursive calls occur inside one of the arguments of a constructor of the co-inductive type. 4

  7. Co-inductive Predicates Used for properties on co-inductive types that cannot be defined inductively. • 5

  8. Co-inductive Predicates Used for properties on co-inductive types that cannot be defined inductively. • Example: infiniteness of LLists. • – Finiteness can be proven with a finite number of applications of Finite_LCons to a term obtained with Finite_LNil . 5

  9. Co-inductive Predicates Used for properties on co-inductive types that cannot be defined inductively. • Example: infiniteness of LLists. • – Finiteness can be proven with a finite number of applications of Finite_LCons to a term obtained with Finite_LNil . An inductive predicate. 5

  10. Co-inductive Predicates Used for properties on co-inductive types that cannot be defined inductively. • Example: infiniteness of LLists. • – Finiteness can be proven with a finite number of applications of Finite_LCons to a term obtained with Finite_LNil . An inductive predicate. – Infiniteness cannot be proven this way. It needs a co-inductive predicate. 5

  11. Predicate for Infinite This is a predicate that indicates that a LList is infinite. CoInductive Infinite (A:Set) : LList A -> Prop := Infinite_LCons : forall (a:A) (l : LList A), Infinite l -> Infinite (LCons a l). 6

  12. Infinite proofs We want to prove that from n yields infinite lists for every natural number n . • 7

  13. Infinite proofs We want to prove that from n yields infinite lists for every natural number n . • We do this by building an inhabitant of the type forall n:nat, Infinite (from n) . • 7

  14. Infinite proofs We want to prove that from n yields infinite lists for every natural number n . • We do this by building an inhabitant of the type forall n:nat, Infinite (from n) . • For this, we need a co-recursive function of which this is a fixpoint. • 7

  15. Infinite proofs We want to prove that from n yields infinite lists for every natural number n . • We do this by building an inhabitant of the type forall n:nat, Infinite (from n) . • For this, we need a co-recursive function of which this is a fixpoint. • We define Definition F_from : (forall n:nat , Infinite (from n)) -> forall n:nat , Infinite (from n). 7

  16. Infinite proofs We want to prove that from n yields infinite lists for every natural number n . • We do this by building an inhabitant of the type forall n:nat, Infinite (from n) . • For this, we need a co-recursive function of which this is a fixpoint. • We define Definition F_from : (forall n:nat , Infinite (from n)) -> forall n:nat , Infinite (from n). We have to prove that this satisfies the guard condition. 7

  17. Infinite proofs We want to prove that from n yields infinite lists for every natural number n . • We do this by building an inhabitant of the type forall n:nat, Infinite (from n) . • For this, we need a co-recursive function of which this is a fixpoint. • We define Definition F_from : (forall n:nat , Infinite (from n)) -> forall n:nat , Infinite (from n). We have to prove that this satisfies the guard condition. intro H. intro n. rewrite (from_unfold n). split. apply H. Defined. 7

  18. The cofix tactic The cofix tactic automates much of the above: • 8

  19. The cofix tactic The cofix tactic automates much of the above: • Theorem from_Infinite_V0 : forall n:nat , Infinite (from n). Proof cofix H : forall n:nat , Infinite (from n) := F_from H. 8

  20. The cofix tactic The cofix tactic automates much of the above: • Theorem from_Infinite_V0 : forall n:nat , Infinite (from n). Proof cofix H : forall n:nat , Infinite (from n) := F_from H. To prove a property P , where P uses a co-inductive predicate, one should construct a term • of the form cofix H : P := t . 8

  21. The cofix tactic The cofix tactic automates much of the above: • Theorem from_Infinite_V0 : forall n:nat , Infinite (from n). Proof cofix H : forall n:nat , Infinite (from n) := F_from H. To prove a property P , where P uses a co-inductive predicate, one should construct a term • of the form cofix H : P := t . Here, t has type P in the context with a hypothesis H : P . • The term we obtain satisfies the guard condition. 8

  22. The cofix tactic The cofix tactic automates much of the above: • Theorem from_Infinite_V0 : forall n:nat , Infinite (from n). Proof cofix H : forall n:nat , Infinite (from n) := F_from H. To prove a property P , where P uses a co-inductive predicate, one should construct a term • of the form cofix H : P := t . Here, t has type P in the context with a hypothesis H : P . • The term we obtain satisfies the guard condition. This can also be done without explicitly mentioning P . • Theorem from_Infinite_V1 : forall n:nat , Infinite (from n). Proof. cofix H. apply (F_from H). Qed. 8

  23. And we can use this tactic in an interactive way. Theorem from_Infinite : forall n:nat , Infinite (from n). Proof. cofix H. intro n. rewrite (from_unfold n). apply Infinite_LCons . apply H. Qed. 9

  24. Guard condition violation Lemma from_Infinite_buggy : forall n:nat , Infinite (from n). Proof. cofix H. auto with llists. 10

  25. Guard condition violation Lemma from_Infinite_buggy : forall n:nat , Infinite (from n). Proof. cofix H. auto with llists. Proof completed. 10

  26. Guard condition violation Lemma from_Infinite_buggy : forall n:nat , Infinite (from n). Proof. cofix H. auto with llists. Proof completed. Qed. Error: Recursive definition of "H" is ill-formed. In environment H: V n:nat , Infinite (from n) unguarded recursive call in "H" 10

  27. The Guarded tactic Check for guard violations after using an auto command: 11

  28. The Guarded tactic Check for guard violations after using an auto command: Lemma from_Infinite_buggy : .. Proof. cofix H. auto with llists. Guarded. 11

  29. The Guarded tactic Check for guard violations after using an auto command: Lemma from_Infinite_buggy : .. Proof. cofix H. auto with llists. Guarded. Error: Recursive definition of "H" is ill-formed. 11

  30. The Guarded tactic Check for guard violations after using an auto command: Lemma from_Infinite_buggy : .. Proof. cofix H. auto with llists. Guarded. Error: Recursive definition of "H" is ill-formed. Undo. intro n; rewrite (from_unfold n). split; auto. Guarded. 11

  31. The Guarded tactic Check for guard violations after using an auto command: Lemma from_Infinite_buggy : .. Proof. cofix H. auto with llists. Guarded. Error: Recursive definition of "H" is ill-formed. Undo. intro n; rewrite (from_unfold n). split; auto. Guarded. The condition holds up to here 11

  32. The Guarded tactic Check for guard violations after using an auto command: Lemma from_Infinite_buggy : .. Proof. cofix H. auto with llists. Guarded. Error: Recursive definition of "H" is ill-formed. Undo. intro n; rewrite (from_unfold n). split; auto. Guarded. The condition holds up to here Qed. 11

  33. LNil is not infinite Theorem LNil_not_Infinite : forall (A:Set), ~Infinite (LNil (A:=A)). Proof. intros A H. inversion H. Qed. 12

  34. Infiniteness of repeat We prove that repeat a yields an infinite LList A for any a of type A . • For this, we need an auxiliary lemma • 13

  35. Infiniteness of repeat We prove that repeat a yields an infinite LList A for any a of type A . • For this, we need an auxiliary lemma • Lemma repeat_unfold : forall A:Set , forall a:A, repeat a = LCons a (repeat a). Proof. intro A. intro a. LList_unfold (repeat a). simpl. reflexivity. Qed. 13

  36. We can use this lemma to prove the following theorem 14

  37. We can use this lemma to prove the following theorem Lemma repeat_infinite : forall (A:Set) (a:A), Infinite (repeat a). Proof. intro A. cofix a. intro b. 14

Recommend

A Decidable Fragment in Separation Logic with Inductive Predicates and Arithmetic Quang Loc Le

A Decidable Fragment in Separation Logic with Inductive Predicates and Arithmetic Quang Loc Le

A Decidable Fragment in Separation Logic with Inductive Predicates and Arithmetic Quang Loc Le (TU) Makoto Tatsuta (NII) Jun Sun (SUTD) Wei-Ngan Chin (NUS) Computer Aided Verification, 29th International Conference Heidelberg Germany July

490 views • 21 slides
Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1

Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1

Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1 Nikos Gorogiannis 2 Max Kanovich 1 Reuben Rowe 1 1 UCL 2 Middlesex University Australian National University, Canberra, 9 December 2015 1/ 24 Model

1.13k views • 81 slides
Modelling and Verification Lecture 4 Weak bisimilarity and weak bisimulation games Properties of

Modelling and Verification Lecture 4 Weak bisimilarity and weak bisimulation games Properties of

Strong Bisimilarity (Reprise) Weak Bisimilarity Case Study: Communication Protocol Congruence Problems Modelling and Verification Lecture 4 Weak bisimilarity and weak bisimulation games Properties of weak bisimilarity Example: a

587 views • 24 slides
Modelling and Verification Lecture 4 Properties of strong bisimilarity (reprise) Bisimulation

Modelling and Verification Lecture 4 Properties of strong bisimilarity (reprise) Bisimulation

Strong Bisimilarity (Reprise) Weak Bisimilarity Case Study: Communication Protocol Congruence Problems Modelling and Verification Lecture 4 Properties of strong bisimilarity (reprise) Bisimulation games Weak bisimilarity and weak

872 views • 47 slides
Predicates Reading: EC 1.4 Peter J. Haas INFO 150 Fall Semester 2019 Lecture 3 1/ 15

Predicates Reading: EC 1.4 Peter J. Haas INFO 150 Fall Semester 2019 Lecture 3 1/ 15

Predicates Reading: EC 1.4 Peter J. Haas INFO 150 Fall Semester 2019 Lecture 3 1/ 15 Predicates Simple Predicates and Their Negations Predicates and Sets Quantified Predicates Negating Quantified Predicates Multiple Quantifiers and Their

479 views • 22 slides
Conjunctive Predicates 1 Goals of the lecture: Conjunctive Predicates Direct dep

Conjunctive Predicates 1 Goals of the lecture: Conjunctive Predicates Direct dep

Conjunctive Predicates 1 Goals of the lecture: Conjunctive Predicates Direct dep endency algo rithm T ok en based decentralized algo rithm Channel Predicates Reference: Chapter 5. Vija c y K. Ga rg

228 views • 19 slides
W eak Bisimilarity Coalgebraically Andrei Popescu Department of Computer Science University of

W eak Bisimilarity Coalgebraically Andrei Popescu Department of Computer Science University of

W eak Bisimilarity Coalgebraically Andrei Popescu Department of Computer Science University of Illinois Context and motivation Process algebra: SOS presentations: one-step behavior Process equivalence: weak bisimilarity : arbitrarily

394 views • 23 slides
Back to the future Back to the future Pointcuts as Pointcuts as Predicates over Predicates

Back to the future Back to the future Pointcuts as Pointcuts as Predicates over Predicates

Back to the future Back to the future Pointcuts as Pointcuts as Predicates over Predicates over Traces Traces Karl Klose, Klaus Ostermann Darmstadt University of Technology, Germany Back to the Future Pointcuts as Predicates over

295 views • 16 slides
Complex Predicates in Urdu Tafseer Ahmed Universitaet Konstanz July 2011 Outline Complex

Complex Predicates in Urdu Tafseer Ahmed Universitaet Konstanz July 2011 Outline Complex

Complex Predicates in Urdu Tafseer Ahmed Universitaet Konstanz July 2011 Outline Complex Predicates Lights verbs used in Complex Predicates Complex Predicates and Verb Classes Conclusion and Future Work Outline Complex Predicates Lights

842 views • 46 slides
Bisimilarity and Behavioural Equivalences Lus Soares Barbosa HASLab - INESC TEC Universidade

Bisimilarity and Behavioural Equivalences Lus Soares Barbosa HASLab - INESC TEC Universidade

Bisimilarity and Behavioural Equivalences Lus Soares Barbosa HASLab - INESC TEC Universidade do Minho Braga, Portugal February 2019 Behavioural equivalences Similarity Bisimilarity Observable behaviour Behavioural Equivalences

541 views • 53 slides
Inductive Definitions with Inference Rules 1 / 25 Outline Introduction Specifying inductive

Inductive Definitions with Inference Rules 1 / 25 Outline Introduction Specifying inductive

Inductive Definitions with Inference Rules 1 / 25 Outline Introduction Specifying inductive definitions Inference rules in action Judgments, axioms, and rules Reasoning about inductive definitions Direct proofs Admissibility Rule induction

498 views • 25 slides
Inductive types in Coq Wessel van Staal November 23, 2012 Inductive types Inductive nattree :

Inductive types in Coq Wessel van Staal November 23, 2012 Inductive types Inductive nattree :

Inductive types in Coq Wessel van Staal November 23, 2012 Inductive types Inductive nattree : Set := leaf : nat -> nattree | node : nattree -> nattree -> nattree. Adds constant or function with final type Prop , Set or Type to

325 views • 14 slides
Synthesis, Verification, and Synthesis, Verification, and Inductive Learning Inductive Learning

Synthesis, Verification, and Synthesis, Verification, and Inductive Learning Inductive Learning

Synthesis, Verification, and Synthesis, Verification, and Inductive Learning Inductive Learning Sanjit A. Seshia EECS Department UC Berkeley Joint work with Susmit Jha (UTC) Dagstuhl Seminar Verified SW Working Group August 2014 July

661 views • 28 slides
Inductive Types for Free Representing Nested Inductive Types using W-types Michael Abbott (U.

Inductive Types for Free Representing Nested Inductive Types using W-types Michael Abbott (U.

Inductive Types for Free Representing Nested Inductive Types using W-types Michael Abbott (U. Leicester) Thorsten Altenkirch (U. Nottingham) Neil Ghani (U. Leicester) Inductive Types for Free p.1/22 Ideology Inductive Types for Free

1.07k views • 81 slides
Inductive Programming A Unifying Framework for Analysis and Evaluation of Inductive Programming

Inductive Programming A Unifying Framework for Analysis and Evaluation of Inductive Programming

Inductive Programming A Unifying Framework for Analysis and Evaluation of Inductive Programming Systems Hofmann, Kitzelmann, Schmid Cognitive Systems Group University of Bamberg AGI 2009 CogSys Group (Univ. Bamberg) Inductive Programming

504 views • 47 slides
Interpreting inductive-inductive definitions as indexed inductive definitions Fredrik Nordvall

Interpreting inductive-inductive definitions as indexed inductive definitions Fredrik Nordvall

Interpreting inductive-inductive definitions as indexed inductive definitions Fredrik Nordvall Forsberg Swansea University csfnf@swansea.ac.uk (Work in progress) What is induction-induction? What is induction-induction? Induction-induction

915 views • 70 slides
A categorical semantics for inductive-inductive definitions Thorsten Altenkirch 2 Peter Morris 2

A categorical semantics for inductive-inductive definitions Thorsten Altenkirch 2 Peter Morris 2

A categorical semantics for inductive-inductive definitions Thorsten Altenkirch 2 Peter Morris 2 Fredrik Nordvall Forsberg 1 Anton Setzer 1 1 University of Nottingham, UK 2 Swansea University, UK CALCO 30/08/2011, Winchester Plan of the talk 1

931 views • 89 slides
Towards Automatization of Framed Bisimilarity in Coq M. Miculan I. Scagnetto Dipartimento di

Towards Automatization of Framed Bisimilarity in Coq M. Miculan I. Scagnetto Dipartimento di

Motivation The encoding Future work Details about the encoding Towards Automatization of Framed Bisimilarity in Coq M. Miculan I. Scagnetto Dipartimento di Matematica e Informatica Universit di Udine TYPES Annual Workshop, April 2006 M.

708 views • 51 slides
Inductive Definition and Structural Induction Class Notes To explain what are inductive

Inductive Definition and Structural Induction Class Notes To explain what are inductive

Inductive Definition and Structural Induction Class Notes To explain what are inductive definitions and structural induction, we start with, in section 1, a simple abstractionthe natural numbers. And then in section 2, we show how to deploy

299 views • 4 slides
Network Verification Using Atomic Network Verification Using Atomic Predicates Predicates Ne

Network Verification Using Atomic Network Verification Using Atomic Predicates Predicates Ne

Network Verification Using Atomic Network Verification Using Atomic Predicates Predicates Ne two rk Ve rific atio n U sing Ato mic Pre dic ate s (S. S. L am) 1 3/ 28/ 2017 Difficulty in Managing Large Networks Difficulty in Managing Large

760 views • 44 slides
Inductive Theorem Proving Automated Reasoning Petros Papapanagiotou

Inductive Theorem Proving Automated Reasoning Petros Papapanagiotou

Introduction Inductive Proofs Automation Conclusion Inductive Theorem Proving Automated Reasoning Petros Papapanagiotou P.Papapanagiotou@sms.ed.ac.uk 11 October 2012 Petros Papapanagiotou Inductive Theorem Proving Introduction Inductive

379 views • 34 slides
Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1

Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1

. POPL 2016, St Petersburg, Florida, USA, 1 Programming Principles, Logic & Verification Group Department of Computer Science, University College London 2 Foundations of Computing Group Department of Computer Science, Middlesex University

1.02k views • 62 slides
Complete Axiomatization for the Bisimilarity Distance on MCs Giorgio Bacci , Giovanni Bacci, Kim

Complete Axiomatization for the Bisimilarity Distance on MCs Giorgio Bacci , Giovanni Bacci, Kim

Complete Axiomatization for the Bisimilarity Distance on MCs Giorgio Bacci , Giovanni Bacci, Kim G. Larsen, and Radu Mardare Dept. of Computer Science, Aalborg University, DK CONCUR 2016 Introduction Kleenes Theorem : fundamental

1.02k views • 75 slides
Inductive Inductive Inductive Inductive Databases Databases Databases Databases and

Inductive Inductive Inductive Inductive Databases Databases Databases Databases and

Inductive Inductive Inductive Inductive Databases Databases Databases Databases and andQueries and and Queries Queries Queries for for for for Computational Computational Computational Computational Scientific

540 views • 25 slides

More recommend