the type checking problem (TCP) schema the proof checking problem the type synthesis problem (TSP) decidability input: Γ M :? polymorphism in Coq

Transcription

1 schema the type checking problem (TCP) decidability polymorphism in Coq dependent inductive data-types in Coq further reading overview input: Γ M : N? output: true yes the typing judgement is derivable false no the typing judgement is not derivable (usually) decidable overview the proof checking problem the type synthesis problem (TSP) input: is candidate-proof P a proof of formula A? output: true yes P is a proof of A false no P is not a proof of A corresponds to type checking input: Γ M :? output: yes and term N typing judgment is derivable no typing judgment is not derivable generally decidable

2 the type inhabitation problem (TIP) the provability problem input: Γ? : N output: yes and term M typing judgment is derivable no typing judgment is not deriable input: is there a proof of formula A? corresponds to type inhabitation problem generally undecidable (but decidable in λ ) reduction theory schema subject reduction types are preserved under computation if Γ M : A and M β M then Γ M : A unique normal forms result of a computation is unique via confluence: if M β N and M β P then there is Q such that: N Q and P Q termination all computations eventually end in a normal form decidability polymorphism in Coq dependent inductive data-types in Coq further reading overview overview

3 identity function applications Definition natid : nat -> nat := fun n : nat => n. Definition boolid: bool -> bool := fun b : bool => b. Definition polyid : forall A : Set, A -> A := fun (A : Set) => fun (a : A) => a. polyid nat : nat -> nat polyid nat 0 polyid bool true Notation id := (polyid _). natlists and boollists in Coq polymorphic lists in Coq definition: Inductive natlist : Set := natnil : natlist natcons : nat -> natlist -> natlist. Inductive polylist (A:Set) : Set := polynil : (polylist A) polycons : A -> (polylist A) -> (polylist A). Inductive boollist : Set := boolnil : boollist boolcons : bool -> boollist -> boollist. types (use Check): polylist : Set -> Set polynil : forall A : Set, polylist A polycons : forall A : Set, A -> polylist A -> polylist A

4 instantiation by application slightly more efficient notation polylist nat : Set polynil nat : polylist nat polycons nat : nat -> polylist nat -> polylist nat polycons nat 2 (polycons nat 1 (polynil nat)) polycons bool true (polycons bool false (polynil bool)) Notation ni := (polynil _). Notation co := (polycons _). then we can write the following: Check (co 2 (co 1 ni)). Check (co true (co false ni)). type constructor for dependent lists function on natlists in Coq inductive definition of dependent natlists: Inductive natlist_dep : nat -> Set := nil_dep : natlist_dep 0 cons_dep : forall n : nat, nat -> natlist_dep n -> natlist_dep (S n). the type of the type constructor: natlist_dep : nat -> Set : Type Fixpoint natlength (l:natlist) {struct l} : nat := match l with natnil => O natcons h t => S (natlength t) end.

5 function on polymorphic lists in Coq dependent types versus polymorphism Fixpoint polylength (A:Set)(l:(polylist A)){struct l} : nat := match l with polynil => O polycons h t => S (polylength A t) end. dependent types types may depend on terms natlistdep n polymorphic types terms may depend on types polyid nat dependent types versus polymorphism inductive data-type for lists dependent types functions and quantifications over elements of a type λx : nat. x Πx:nat. natlistdep x polymorphic types functions and quantification over types λa :. λx : a. x Πa:. a a Inductive natlist : Set := natnil : natlist natcons : nat -> natlist -> natlist. Inductive boollist : Set := boolnil : boollist boolcons : bool -> boollist -> boollist. Inductive polylist (X : Set) : Set := polynil : polylist X polycons : X -> polylist X -> polylist X.

6 instantiation polymorphic types using application Coq < Check polyid nat. polyid nat : nat -> nat Coq < Check polylist nat. polylist nat : Set polymorphic identity in lambda2: λa :. λx : a. x : Πa:. a a polymorphic identity in Coq: Definition polyid : forall A : Set, A -> A := fun (A : Set) => fun (a : A) => a. polymorphic data-type for lists in Coq: Inductive polylist (X : Set) : Set := polynil : polylist X polycons : X -> polylist X -> polylist X. schema zeroes decidability polymorphism in Coq dependent inductive data-types in Coq further reading overview overview definition in Coq: Fixpoint zeroes (n:nat) : natlist := match n with O => nil S p => cons O (zeroes p) end. using Eval compute we find: (zeroes 0) = nil : natlist (zeroes 1) = cons 0 nil : natlist (zeroes 2) = cons 0 (cons 0 nil) : natlist

7 the type of zeroes the type of zeroes: more information the type of the function: zeroes : nat -> natlist use of the application rule (as before): zeroes : nat natlist 3 : nat zeroes 3 (zeroes 0) is a natlist of length 0 (zeroes 1) is a natlist of length 1 (zeroes 2) is a natlist of length 2 (zeroes n) is a natlist of length n type constructor for dependent lists type constructor for dependent lists: type inductive definition of dependent natlists: Inductive natlist_dep : nat -> Set := nil_dep : natlist_dep 0 cons_dep : forall n : nat, nat -> natlist_dep n -> natlist_dep (S n). the type of the type constructor: natlist_dep : nat -> Set : Type the type of the type constructor: natlist_dep : nat -> Set : Type use of the application rule (as before): natlistdep : nat Set 3 : nat natlistdep 3 : Set

8 dependent types in Coq: example inductive definition of dependent zeroes: Fixpoint zeroes_dep (n:nat) : natlist_dep n := match n return natlist_dep n with O => nil_dep S p => cons_dep p O (zeroes_dep p) end. the type of the function: zeroes_dep : forall n : nat, natlist_dep n using Eval compute we find: (zeroes_dep 0) = nil_dep : natlist_dep 0 (zeroes_dep 1) = cons_dep 0 0 nil_dep : natlist_dep 1 (zeroes_dep 2) = cons_dep 1 0 (cons_dep 0 0 nil_dep) : natlist_dep 2 dependent zeroes: type the type of the function: zeroes_dep : forall n : nat, natlist_dep n (new) use of the application rule: zeroesdep : foralln : nat, natlistdepn 3 : nat zeroesdep 3 : natlistdep3 function types: non-dependent and dependent length of dependent lists: definitions non-dependent function type (as before): nat -> natlist dependent function type (new): forall n : nat, natlist_dep n uniform presentation for both: forall n:nat, natlist forall n : nat, natlist_dep n an easy definition: Definition length_dep (n : nat) (l : natlist_dep n) := n. another definition: Definition length_dep_b (n : nat) (l : natlist_dep n) : nat := match l with nil_dep => 0 cons_dep n h t => S n end.

9 append of dependent lists: definition dependent types in Coq Fixpoint append_dep (n : nat) (k : natlist_dep n) (m : nat)(l : natlist_dep m) {struct k} : natlist_dep (n + m) := match k in (natlist_dep n) return (natlist_dep (n + m)) with nil_dep => l cons_dep p h t => cons_dep (p + m) h (append_dep p t m l) end. datatype and (data)type constructor in Set: natlist : Set natlist_dep : nat -> Set proposition and predicate ( proposition constructor ) in Prop: True : Prop even : nat -> Prop we need to compute inside types examples schema decidability O : nat : Set : Type fun x:nat x : nat nat : Set : Type nil : natlist : Set : Type nildep : natlistdep O : Set : Type natlistdep : nat Set : Type polymorphism in Coq dependent inductive data-types in Coq further reading overview overview

10 further reading decidability issues Girard Reynolds normalization of F type inhabitation problem (TIP) Γ? : A decidable in λ, undecidable in λp and in λ2 type checking problem (TCP) Γ P : A? decidable in λ, in λp, in λ2 type synthesis problem (TSP) or typability problem Γ P :? decidable in λ, in λp, in λ2 big projects in proof checking compcert by Xavier Leroy et al using Coq logical verification lecture overview four colour theorem by Georges Gonthier using Coq flyspeck project by Thomas Hales et al using HOL verificard by the Münich theorem proving group using Isabelle

11 Curry-Howard-De Bruijn isomorphism Curry-Howard-De Bruijn isomorphism formulas as types proofs as terms prop1 λ pred1 λp prop2 λ2 logic and lambda calculus logic formulas proofs proof rules provability proof checking types terms typing rules inhabitation type checking prop1 pred1 prop1 prop2 minimal intuitionistic classical

12 formulas formulas in Coq prop1 pred1 prop2 a A B x. B + a. B + a A B x. B a. B a A B forall x:terms, B forall a:prop, B proof rules proofs in minimal logic prop1 pred1 prop2 introduction rules and elimination rules I [x] E I (terms) + E (terms) + I (prop) + E (prop) +

13 proofs in intuitionistic logic proofs in intuitionistic logic prop1 pred1 prop2 I E I E E prop1 pred1 prop2 I (terms) + E (terms) + I (prop) + E (prop) + detour logic: possible questions tautology introduction rule for a connective immediately followed by an elimination rule for the same connective correctness detours encodings in prop2

14 examples formulas as types in prop1 λ : A (A B) B in pred1 λp: ( x. P(x) Q(x)) P(M) Q(M) in prop2 λ2: a b. ((a b) b) a A B x. B a. B a Πx:A. B Πx:Terms. B Πa:. B proofs as terms implication introduction and abstraction B A B Γ, x : A b : B Γ A B : Γ λx : A. b : A B proof rules correspond to typing rules prop1 λ pred1 λp prop2 λ2

15 implication elimination and application quantification introduction and abstraction A B B A Γ P : A B Γ a : A Γ (P a) : B B x. B Γ, x : Terms b : B Γ Πa:Terms. B : Γ λa : Terms. b : Πa:Terms. B prop1 λ pred1 λp prop2 λ2 pred1 λp quantification elimination and application quantification elimination and application x. B B[x := M] Γ P : Πx:Terms. B Γ M : Terms Γ (P M) : B[x := M] a. B B[a := A] Γ P : Πa:. B Γ A : Γ (P A) : B[a := A] pred1 λp prop2 λ2

16 lambda calculus the lambda cube λ λp λ λ2 inductive definitions: data-types and predicates terms and simple types terms and types general A ::= a A A M ::= x λx : A. M (M M) M ::= x Πx : M. M λx : M. M (M M)

17 term normalization three product rules β-reduction rule: (λx : A. M) N β M[x := N] β-reduction step: application of the rule in a context β-reduction: a sequence of β-reduction steps λ, λp, λ2: Γ A : Γ, x : A B : Γ Πx:A. B : only λp: Γ A : Γ, x : A B : Γ Πx:A. B : only λ2: Γ A : Γ, x : A B : Γ Πx:A. B : lambda: possible questions decidability issues typing derivation (for λ ) terms typing rules inhabitants encodings type checking problem (TCP) Γ P : A? type inhabitation problem (TIP) Γ? : A type synthesis problem (TSP) or typability problem Γ P :?

18 decidability inductive datatype: example λ λp λ2 TCP TIP + TSP + Inductive natlist : Set := natnil : natlist natcons : nat -> natlist -> natlist. typing following the product rule for λ : nat -> natlist -> natlist : Set family of inductive datatypes: example family of inductive datatypes: example Inductive natlist_dep : nat -> Set := nil_dep : natlist_dep 0 cons_dep : forall n : nat, nat -> natlist_dep n -> natlist_dep (S n). typing following the product rule for λp: nat -> Set : Type Inductive polylist (X : Set) : Set := polynil : polylist X polycons : X -> polylist X -> polylist X. typing following the product rule for λ2: forall X : Set, polylist X : Type