Program-ing in Coq. Matthieu Sozeau, under the direction of Christine Paulin-Mohring - PowerPoint PPT Presentation
  1. Program-ing in Coq. Matthieu Sozeau, under the direction of Christine Paulin-Mohring. LRI, Univ. Paris-Sud, Démons Team & INRIA Saclay, ProVal Project. Foundations of Programming seminar, February 15th 2008, University of Nottingham.

  2. The Big Picture


  9. The Big Picture

  (* Euclidean division specified as an inductive predicate and proved by
     well-founded recursion on the dividend, as in the Coq standard
     library's Arith/Euclid.v. The extraction had dropped the underscores
     in identifiers and rendered "in |- *" as "in ⊢ ×". *)
  Inductive diveucl (a b : nat) : Set :=
    divex : forall q r, b > r -> a = q * b + r -> diveucl a b.

  Lemma eucl_dev : forall n, n > 0 -> forall m : nat, diveucl m n.
  Proof.
    intros b H a; pattern a in |- *; apply gt_wf_rec; intros n H0.
    elim (le_gt_dec b n).
    intro lebn.
    elim (H0 (n - b)); auto with arith.
    intros q r g e.
    apply divex with (S q) r; simpl in |- *; auto with arith.
    elim plus_assoc.
    elim e; auto with arith.
    intros gtbn.
    apply divex with 0 n; simpl in |- *; auto with arith.
  Qed.


  11-20. The Curry-Howard isomorphism

  Programming language = Proof system

  Program extends the Coq proof-assistant into a dependently-typed programming environment.

  ◮ Logical framework: Type Theory. Separates proofs and programs using sorts ⇒ Extraction.
  ◮ Paradigm: purely functional. Total, no separation of terms and types.
  ◮ Development style and proof automation: interactive, semi-automatic proof using tactics.
  ◮ Phase distinction: none ⇒ in Program.

  (Related systems shown alongside Coq: Epigram, PVS, DML, Ωmega.)

  21. Outline

  1 The idea: A simple idea; From PVS to Coq
  2 Theoretical development: Russell; Interpretation in Coq; Inductive types
  3 Program: Architecture; Hello world; Extensions
  4 Conclusion

  M. Sozeau (LRI), Program-ing in Coq, 4 / 27

  22-24. A simple idea

  Definition: {x : T | P} is the set of objects of set T verifying property P.

  ◮ Useful for specifying, widely used in mathematics;
  ◮ Links object and property.

  Read naively, membership in the subset and membership in T are interchangeable:

  $$\frac{t : T \qquad P[t/x]}{t : \{x : T \mid P\}} \qquad\qquad \frac{t : \{x : T \mid P\}}{t : T}$$

  Adapting the idea: make the proof of the property and the projection explicit.

  $$\frac{t : T \qquad p : P[t/x]}{(t, p) : \{x : T \mid P\}} \qquad\qquad \frac{t : \{x : T \mid P\}}{\mathrm{proj}\; t : T}$$

  25-27. From "Predicate subtyping"...

  PVS

  ◮ Specialized typing algorithm for subset types, generating type-checking conditions:
    t : {x : T | P} used as t : T: ok;
    t : T used as t : {x : T | P}: if P[t/x].

  + Practical success;
  – No strong safety guarantee in PVS.

  28-30. ...to Subset coercions

  1 A property-irrelevant language (Russell) with decidable typing;

  $$\frac{\Gamma \vdash t : \{x : T \mid P\}}{\Gamma \vdash t : T} \qquad\qquad \frac{\Gamma \vdash t : T \qquad \Gamma, x : T \vdash P : \mathrm{Prop}}{\Gamma \vdash t : \{x : T \mid P\}}$$

  2 A total interpretation to Coq terms with holes;

  $$\frac{\Gamma \vdash t : \{x : T \mid P\}}{\Gamma \vdash \mathrm{proj}\; t : T} \qquad\qquad \frac{\Gamma \vdash t : T \qquad \Gamma, x : T \vdash P : \mathrm{Prop} \qquad \Gamma \vdash \;? : P[t/x]}{\Gamma \vdash (t, ?) : \{x : T \mid P\}}$$

  3 A mechanism to turn the holes into proof obligations and manage them.

  $$\frac{\Gamma \vdash t : \{x : T \mid P\}}{\Gamma \vdash \mathrm{proj}\; t : T} \qquad\qquad \frac{\Gamma \vdash t : T \qquad \Gamma, x : T \vdash P : \mathrm{Prop} \qquad \Gamma \vdash p : P[t/x]}{\Gamma \vdash (t, p) : \{x : T \mid P\}}$$

  31. Outline: 2 Theoretical development (Russell; Interpretation in Coq; Inductive types)

  32-35. Russell syntax

  x ∈ V

  s, t, u, v ::= x | Set | Prop | Type
               | λx : s. t | s t | Πx : s. t
               | (u, v)_{Σx : s. t} | π₁ s | π₂ s | Σx : s. t
               | {x : s | t}

  36-40. Russell typing ⊢ and coercion ◁ (the coercion symbol did not survive extraction; it is written ◁ here)

  Calculus of Constructions with the conversion rule replaced by coercion:

  $$\frac{\Gamma \vdash T \equiv_{\beta\pi} U : s}{\Gamma \vdash T \lhd U : s} \qquad\qquad \frac{\Gamma \vdash t : U \qquad \Gamma \vdash U \lhd T : s}{\Gamma \vdash t : T}$$

  $$\frac{\Gamma \vdash U \lhd V : \mathrm{Set} \qquad \Gamma, x : U \vdash P : \mathrm{Prop}}{\Gamma \vdash \{x : U \mid P\} \lhd V : \mathrm{Set}} \qquad\qquad \frac{\Gamma \vdash U \lhd V : \mathrm{Set} \qquad \Gamma, x : V \vdash P : \mathrm{Prop}}{\Gamma \vdash U \lhd \{x : V \mid P\} : \mathrm{Set}}$$

  Example:

  $$\frac{\Gamma \vdash 0 : \mathbb{N} \qquad \Gamma \vdash \mathbb{N} \lhd \{x : \mathbb{N} \mid x \neq 0\} : \mathrm{Set}}{\Gamma \vdash 0 : \{x : \mathbb{N} \mid x \neq 0\}}$$

  which leaves the hole $\Gamma \vdash \;? : 0 \neq 0$ as an obligation.
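The two coercion directions of slides 24, 30 and 40, exercised in Coq's Program. This is an added example, not code from the talk or from the Program distribution; it assumes a Coq installation with the Program, Arith and Lia libraries, and the names pred_nz and sub_lt are invented for the illustration.

```coq
(* Added example (not from the talk): Program's subset coercions on two
   small definitions. Assumes Coq with Program, Arith and Lia; the names
   pred_nz and sub_lt are invented for this illustration. *)
Require Import Program Arith Lia.

(* { n : nat | n <> 0 } is Coq's sig type; proj1_sig extracts the nat. *)

(* Elimination direction: p has a subset type but is used as a plain nat
   in "p - 1", so Program inserts proj1_sig p (the "proj t" of the slides).
   Introduction direction: "p - 1" is a plain nat returned at a subset
   type, so Program wraps it as the pair (p - 1, ?) and the hole ? becomes
   the obligation  p - 1 + 1 = proj1_sig p. *)
Program Definition pred_nz (p : { n : nat | n <> 0 })
  : { m : nat | m + 1 = proj1_sig p } :=
  p - 1.
Next Obligation.
  (* case analysis on p exposes the underlying nat and the proof n <> 0,
     after which the goal is linear arithmetic *)
  destruct p; simpl in *; lia.
Qed.

(* Introduction direction again, with a relational postcondition: the
   obligation is pure arithmetic over the hypothesis H.
   The slide's  0 : { x : nat | x <> 0 }  would instead leave the
   obligation 0 <> 0, which has no proof, so that definition could never
   be completed. *)
Program Definition sub_lt (a b : nat) (H : b < a)
  : { r : nat | 0 < r /\ r + b = a } :=
  a - b.
Next Obligation.
  (* obligation: 0 < a - b /\ a - b + b = a, with H : b < a in context *)
  split; lia.
Qed.

(* The proof components live in Prop, so the computational content of
   sub_lt 7 3 is just 7 - 3; the precondition 3 < 7 is proved inline. *)
Eval compute in proj1_sig (sub_lt 7 3 ltac:(lia)).
```

Running the file with coqc prints `4 : nat` for the last command. Each `Next Obligation` corresponds to one hole `?` left by the interpretation of slide 29; until every obligation is closed with `Qed`, the constant is not available for use, which is exactly what makes the unprovable obligation `0 <> 0` of slide 40 a hard error rather than a silently accepted term.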
