Coq as a Metatheory for Nuprl with Bar Induction
Vincent Rahli and Mark Bickford
http://www.nuprl.org
September 16, 2015
Vincent Rahli Bar Induction September 16, 2015 1/25
Overall Story
- Mark Bickford
- Luitzen Egbertus Jan Brouwer
- Robert L. Constable
Nuprl in a Nutshell
- Similar to Coq and Agda
- Extensional Intuitionistic Type Theory for partial functions
- Consistency proof in Coq: https://github.com/vrahli/NuprlInCoq
- Cloud based & virtual machines: http://www.nuprl.org
- JonPRL: http://www.jonprl.org
Nuprl Stack
Howe’s Computational Equality
- $\preceq$ is a simulation relation
- Greatest fixpoint of the following relation: $t \mathrel{[R]} u$ if whenever $t$ computes to a value $\theta(b)$, then $u$ also computes to a value $\theta(b')$ such that $b \mathrel{R} b'$.
- Examples: $\bot \preceq 1$, $\langle \bot, 1 \rangle \preceq \langle 1, 1 \rangle$
- $\sim$ is a bisimulation relation ($a \sim b = a \preceq b \wedge b \preceq a$)
- Purely by computation: $\mathtt{map}(f, \mathtt{map}(g, l)) \sim \mathtt{map}(f \circ g, l)$
- $\preceq$ and $\sim$ are congruences
Howe’s Computational Equality
- Type checking and type inference are undecidable
- Proving that terms are well-formed can be cumbersome
- $\sim$ saves us from having to prove well-formedness
- It turned out that many equalities could be stated using $\sim$
Nuprl Types
- Based on Martin-Löf’s extensional type theory
- Equality: $a = b \in T$
- Dependent product: $a{:}A \to B[a]$
- Dependent sum: $a{:}A \times B[a]$
- Universe: $\mathbb{U}_i$
Nuprl Types
Less “conventional types”
- Partial: $\overline{A}$
- Domain: $\mathsf{Base}$
- Disjoint union: $A + B$
- Simulation: $t_1 \preceq t_2$ ($\mathsf{Void} = 0 \preceq 1$ and $\mathsf{Unit} = 0 \preceq 0$)
- Intersection: $\cap a{:}A.\ B[a]$
- Bisimulation: $t_1 \sim t_2$
- Union: $\cup a{:}A.\ B[a]$
- Image: $\mathsf{Img}(A, f)$
- Subset: $\{a : A \mid B[a]\}$
- PER: $\mathsf{per}(R)$
- Quotient: $T /\!/ E$
Nuprl Types
Image type (Nogin & Kopylov)
- Subset: $\{a : A \mid B[a]\} \triangleq \mathsf{Img}(a{:}A \times B[a], \pi_1)$
- Union: $\cup a{:}A.\ B[a] \triangleq \mathsf{Img}(a{:}A \times B[a], \pi_2)$
Nuprl Types
PER type (inspired by Allen)
- $\mathsf{Top} = \mathsf{per}(\lambda\_,\_.\ 0 \preceq 0)$
- $\mathsf{halts}(t) = \star \preceq (\mathsf{let}\ x := t\ \mathsf{in}\ \star)$
- $A \sqcap B = \cap x{:}\mathsf{Base}.\ \cap y{:}\mathsf{halts}(x).\ \mathsf{isaxiom}(x, A, B)$
- $T /\!/ E = \mathsf{per}(\lambda x, y.\ (x \in T) \sqcap (y \in T) \sqcap (E\ x\ y))$
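Nuprl Types
Squashing
- ${\downarrow}T$: $\{\mathsf{Unit} \mid T\}$; $\mathsf{Img}(T, \lambda\_.\ \star)$; $\mathsf{per}(\lambda x.\lambda y.\ \star \preceq x \sqcap \star \preceq y \sqcap T)$
- ${\downharpoonleft}T$: $T /\!/ \mathsf{True}$; $\mathsf{per}(\lambda x.\lambda y.\ x \in T \sqcap y \in T)$
- Û $T$: $\mathsf{Top} /\!/ T$; $\mathsf{per}(\lambda\_.\lambda\_.\ T)$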
Nuprl Refinements
- Nuprl’s proof engine is called a refiner (TB)
- A generic goal directed reasoner:
  - a rule interpreter
  - a proof manager
- Example of a rule:
  $H \vdash a{:}A \to B[a]\ \{\mathsf{ext}\ \lambda x.\ b\}$
    BY [lambdaFormation]
    $H,\ x{:}A \vdash B[x]\ \{\mathsf{ext}\ b\}$
    $H \vdash A \in \mathbb{U}_i\ \{\mathsf{ext}\ \star\}$
Nuprl PER Semantics Implemented in Coq
- Stuart Allen had his own meta-theory that was meant to be meaningful on its own and need not be framed into type theory.
- We chose to use Coq and Agda.
Nuprl PER Semantics Implemented in Coq
The More Inference Rules the Better!
- All verified
- Expose more of the metatheory
- Encode mathematical knowledge
Intuitionistic Type Theory
We’ve proved these rules correct using our Coq model:
- Brouwer’s Continuity Principle for numbers
  $\Pi F{:}B \to \mathbb{N}.\ \Pi f{:}B.\ {\downharpoonleft}\Sigma n{:}\mathbb{N}.\ \Pi g{:}B.\ f =_{\mathbb{N}^{\mathbb{N}_n}} g \to F(f) =_{\mathbb{N}} F(g)$
  ($B = \mathbb{N}^{\mathbb{N}} = \mathbb{N} \to \mathbb{N}$)
- Bar induction
  - On free choice sequences of closed terms without atoms
  - We can build indexed W types
Weak Continuity
- False in Nuprl (following Escardó and Xu)
  $\Pi F{:}B \to \mathbb{N}.\ \Pi f{:}B.\ \Sigma n{:}\mathbb{N}.\ \Pi g{:}B.\ f =_{\mathbb{N}^{\mathbb{N}_n}} g \to F(f) =_{\mathbb{N}} F(g)$
- Easy in Coq model (almost purely by computation) because it doesn’t have computational content
  $\Pi F{:}B \to \mathbb{N}.\ \Pi f{:}B.\ {\downarrow}\Sigma n{:}\mathbb{N}.\ \Pi g{:}B.\ f =_{\mathbb{N}^{\mathbb{N}_n}} g \to F(f) =_{\mathbb{N}} F(g)$
- Harder in Coq because it has computational content: uses named exceptions + $\nu$ (following Longley’s method)
  $\Pi F{:}B \to \mathbb{N}.\ \Pi f{:}B.\ {\downharpoonleft}\Sigma n{:}\mathbb{N}.\ \Pi g{:}B.\ f =_{\mathbb{N}^{\mathbb{N}_n}} g \to F(f) =_{\mathbb{N}} F(g)$
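The computational content of the last statement can be sketched in Python (an added example, not code from the slides or from NuprlInCoq). It assumes the modulus is found by running $F$ on guarded copies of $f$; Python exceptions carrying a fresh object stand in for named exceptions and $\nu$, and all names (`Probe`, `guard`, `modulus`, `agree_below`, the sample `F`) are hypothetical.

```python
class Probe(Exception):
    """Stand-in for a named exception; `name` plays the role of a nu-fresh name."""
    def __init__(self, name):
        super().__init__("argument queried beyond the current bound")
        self.name = name


def guard(f, n, name):
    """Behave like f below n; raise the exception called `name` at or above n."""
    def guarded(i):
        if i < n:
            return f(i)
        raise Probe(name)
    return guarded


def modulus(F, f):
    """Least n such that F, run on f, never queries an index >= n.

    Assumes F is deterministic, terminates on f, and only uses its argument
    by calling it (it must not catch Probe, which freshness models).
    """
    n = 0
    while True:
        name = object()  # fresh on every attempt, so F cannot know it in advance
        try:
            F(guard(f, n, name))
            return n
        except Probe as exc:
            if exc.name is not name:  # someone else's exception: not ours to handle
                raise
            n += 1


def agree_below(f, g, n):
    """f and g coincide on 0..n-1, i.e. f =_{N^{N_n}} g in the slide's notation."""
    return all(f(i) == g(i) for i in range(n))


# Constructed sample functional and sequences (not from the slides).
def F(h):
    return h(h(0)) + h(2)

def succ(i):
    return i + 1

def succ_then_zero(i):
    return i + 1 if i < 3 else 0
```

The modulus depends on $f$ as well as $F$: the same `F` needs 3 values of `succ` but 6 values of a sequence that starts with 5.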
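Strong Continuity
Actually what we proved in Coq is essentially
  $\Pi F{:}B \to \mathbb{N}.\ {\downharpoonleft}\Sigma M{:}(\Pi n{:}\mathbb{N}.\ \mathbb{N}^{\mathbb{N}_n} \to \mathbb{N} + \mathsf{Unit}).\ \Pi f{:}B.\ \Sigma n{:}\mathbb{N}.\ M\ n\ f =_{\mathbb{N} + \mathsf{Unit}} \mathsf{inl}(F(f)) \wedge \Pi m{:}\mathbb{N}.\ \mathsf{isl}(M\ m\ f) \to m =_{\mathbb{N}} n$
which is equivalent to weak continuity because (standard)
  $\mathrm{AC}_{1,0}{\downharpoonleft} \Rightarrow (\mathrm{WCP}{\downharpoonleft} \iff \mathrm{SCP}{\downharpoonleft})$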
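Axiom of Choice
- Trivial
  $\Pi a{:}A.\ \Sigma b{:}B.\ P\ a\ b \Rightarrow \Sigma f{:}B^{A}.\ \Pi a{:}A.\ P\ a\ f(a)$
- Harder to prove ($\mathrm{AC}_{0,0}$) in Coq: uses the axiom of choice and free choice sequences
  $\Pi a{:}\mathbb{N}.\ {\downarrow}\Sigma b{:}\mathbb{N}.\ P\ a\ b \Rightarrow {\downarrow}\Sigma f{:}\mathbb{N}^{\mathbb{N}}.\ \Pi a{:}\mathbb{N}.\ P\ a\ f(a)$
- Non-trivial to prove ($\mathrm{AC}_{0,n}$ and $\mathrm{AC}_{1,n}$) in Nuprl
  $\Pi a{:}\mathbb{N}.\ {\downharpoonleft}\Sigma b{:}B.\ P\ a\ b \Rightarrow {\downharpoonleft}\Sigma f{:}B^{\mathbb{N}}.\ \Pi a{:}\mathbb{N}.\ P\ a\ f(a)$
  $\Pi a{:}B.\ {\downharpoonleft}\Sigma b{:}B.\ P\ a\ b \Rightarrow {\downharpoonleft}\Sigma f{:}B^{B}.\ \Pi a{:}B.\ P\ a\ f(a)$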
Uniform Continuity
- Follows from the Fan Theorem (every decidable bar is uniform) and Weak Continuity (standard)
  $\Pi F{:}C \to \mathbb{N}.\ {\downharpoonleft}\Sigma n{:}\mathbb{N}.\ \Pi f, g{:}C.\ f =_{2^{\mathbb{N}_n}} g \to F(f) =_{\mathbb{N}} F(g)$
  ($C = 2^{\mathbb{N}}$)
- Following Escardó and Xu:
  $\Pi F{:}C \to \mathbb{N}.\ \Sigma n{:}\mathbb{N}.\ \Pi f, g{:}C.\ f =_{2^{\mathbb{N}_n}} g \to F(f) =_{\mathbb{N}} F(g)$
Bar Induction
- Fan Theorem follows from Bar Induction on Decidable Bars (BID)
  $H \vdash {\downarrow}(X\ 0\ c)$
    BY [BID]
    $H,\ n{:}\mathbb{N},\ s{:}\mathbb{N}^{\mathbb{N}_n} \vdash B\ n\ s \vee \neg B\ n\ s$ (dec)
    $H,\ s{:}\mathbb{N}^{\mathbb{N}} \vdash {\downarrow}\exists n{:}\mathbb{N}.\ B\ n\ s$ (bar)
    $H,\ n{:}\mathbb{N},\ s{:}\mathbb{N}^{\mathbb{N}_n},\ m{:}B\ n\ s \vdash X\ n\ s$ (imp)
    $H,\ n{:}\mathbb{N},\ s{:}\mathbb{N}^{\mathbb{N}_n},\ x{:}(\forall m{:}\mathbb{N}.\ X\ (n+1)\ \mathsf{ext}(s, n, m)) \vdash X\ n\ s$ (ind)
Bar Induction
- We proved BID for free choice sequences of numbers in Coq following Dummett’s “standard” classical proof (easy)
- We added free choice sequences of numbers to Nuprl’s model: all Coq functions from $\mathbb{N}$ to $\mathbb{N}$
- What about sequences of terms?
Bar Induction
- We proved BID for free choice sequences of closed terms without names (in Coq following Dummett’s “standard” classical proof)
- Harder because we had to turn our terms into a big W type: a function from $\mathbb{N}$ to terms is now a term!
- Why without names? $\nu$ picks fresh names and we can’t compute the collection of all names anymore (still doable I think)
Law of Excluded Middle
- LEM is false in Nuprl (Anand)
  $\Pi P{:}\mathbb{P}.\ P \vee \neg P$
- Follows from: $\neg \Pi t{:}\mathsf{Base}.\ t{\Downarrow} \vee \neg t{\Downarrow}$ (call the function magic)
- We can prove: $\mathsf{if}\ \mathsf{magic}(\bot)\ \mathsf{then}\ \bot\ \mathsf{else}\ \star \preceq \mathsf{if}\ \mathsf{magic}(\star)\ \mathsf{then}\ \bot\ \mathsf{else}\ \star$
- We get: $\star \preceq \bot$
- Squashed version is true in Coq (using LEM in Coq)
  $\Pi P{:}\mathbb{P}.\ {\downarrow}(P \vee \neg P)$
Questions
- Can we prove continuity for sequences of terms instead of $B$?
- Can we prove BID/BIM on sequences of terms with atoms?
- What does that give us? = proof-theoretic strength?
- Can I hope to be able to prove BID in Coq/Agda without LEM/AC?