importing hol-light into coq...embedding the higher rdero logic into coq presentation what we want:...

Outlines

Importing HOL-Light into Coq

Deep and shallow embeddings of the higher order logic into Coq

Work in progress

Chantal Keller Bejamin [email protected] [email protected]

ÉNS Lyon - INRIA Saclay - LIX

2009 Types meeting

Chantal Keller [email protected] ÉNS Lyon - INRIA Saclay - LIX

Importing HOL-Light into Coq 1 / 24

[email protected]

[email protected]

[email protected]

Outlines

Introduction

What:

long term: importing HOL-Light theorems and proofs into Coq

short term:

encoding the Higher Order Logic into Coq

de�ning and exporting HOL-Light proof terms

Why:

theoretical interest

analysis libraries

veri�cation of HOL-Light into Coq



[email protected]

Outlines

Double embedding

Deep embedding (data-type to represent types and terms):

reasoning by induction over the structure

simple

compact

Shallow embedding (using Coq types and terms):

using the Coq features

obtaining Coq propositions

↪→ translation function from deep to shallow



[email protected]

Outlines

Idea

HOL−Light

theorem

encoded

proof term

proof of P

Coq proposition Ptra

nslatio

n

function

Coq +

classical axioms

HOL−Light +

proof recording

export



[email protected]

Outlines

Outlines

1 A short presentation of HOL-Light

2 Embedding the higher order logic into Coq

3 Recording and exporting HOL-Light proof terms

4 Conclusion and perspectives



[email protected]

A short presentation of HOL-Light

Part I




[email protected]


HOL-Light

HOL-Light:

proof assistant written by John Harrison et al.

in an OCaml top-level

higher order classical logic

automated tools and pre-proved theorems

programmable without compromising soundness

simpler logical kernel than HOL



[email protected]


Types and terms

Logical framework:

simply-typed λ-calculus

terms and type variables and constants

polymorphism: type schemes

all the types must be inhabited

theorem: term of type bool under the hypotheses of other

terms of type bool

no proof terms

Example: |− !x:A. ?y:A. x = y



[email protected]


Remarks

Example of an inference rule:

Γ ` p ⇔ q ∆ ` pΓ ∪∆ ` q

where ⇔ is =bool

Constants:

main type constants: bool and −>

main term constants: = : A −> A −> bool and

ε : (A −> bool)−> A (choice operator)

possibility to de�ne new constants



[email protected]

Embedding the higher order logic into Coq

Part II




[email protected]


Presentation

What we want:

deep and shallow embeddings

translation function from deep to shallow

HOL-Light inference rules

proof of correctness of these inference rules with respect to

semantics

Carrying out:

inductive Coq data-types type and term

a translation function sem_term that maps any term of type Bool

onto a term of type Prop (in particular)

inductive data-type deriv : set term −> term −> Prop

a proof of: forall G p, deriv G p −> has_sem G −> has_sem p



[email protected]


Types

Inductive data-type type:

Bool ∈ type Num ∈ type

X ∈ idT

TVar X ∈ type

C ∈ defT T1, . . . ,Tn ∈ type

TDef C [T1; . . . ;Tn] ∈ type

A,B ∈ type

A −→ B ∈ type

idT, defT two sets.



[email protected]


Constants

Inductive data-type cst:

Hand ∈ cst Hor ∈ cst Himp ∈ cst Hnot ∈ cst

Htrue ∈ cst Hfalse ∈ cst

A ∈ type

Heq A ∈ cst

A ∈ type

Heps A ∈ cst

A ∈ type

Hforall A ∈ cst

A ∈ type

Hexists A ∈ cst



[email protected]


Terms

Inductive data-type term:

c ∈ cst

Cst c ∈ term

n ∈ NDbr n ∈ term

x ∈ idV A ∈ type

Var x A ∈ term

c ∈ defV C ∈ type

Def c C ∈ term

u, v ∈ term

App u v ∈ term

A ∈ type u ∈ term

Abs A u ∈ term

idV, defV two sets



[email protected]


Translation

General idea:

types: interface between syntax and semantics

translation of a type: |T |

?

|A −→ B|

?

≡ |A|

?

→ |B|

?

translation of a term (using dependent types):

∀t,T , t : T → |T |

?

a De Bruijn context

interpretation functions for variables and de�nitions

Code



[email protected]


Translation

General idea:

types: interface between syntax and semantics

translation of a type: |T |?

|A −→ B|? ≡ |A|? → |B|?

translation of a term (using dependent types):

∀t,T , t : T → |T |?

a De Bruijn context

interpretation functions for variables and de�nitions

Code



[email protected]


Inference rules

General idea:

inductive data-type deriv : set term −> term −> Prop

a proof of: forall G p, deriv G p −> has_sem G −> has_sem p

has_sem p:

p is locally closed

p:Bool

the translation of p is a correct proposition

Code



[email protected]


Example

|− !x:A. ?y:A. x = y

` x =A xREFL ‘x ‘

` ∃y : A. x =A yEXISTS ‘∃y : A. x =A y ‘ ‘x ‘

` ∀x : A. ∃y : A. x =A yGEN ‘x ‘

Code



[email protected]

Recording and exporting HOL-Light proof terms

Part III




[email protected]


Proof-recording system by S. Obua

Challenge:

compact proofs

short recording time

Solution:

granularity

Statistics:

recording the basic HOL-Light proofs (1694 theorems): 3min



[email protected]


Exporting

Challenge:

small �les

small number of �les

Solution:

sharing (proofs, types and terms. . . )

Statistics:

exporting the basic HOL-Light proofs (1694 theorems):

14min

191652 '.v' �les

2.2 Gb



[email protected]

Conclusion and perspectives

Part IV




[email protected]


Conclusion

HOL-Light:

recording proof terms

export proofs

Coq:

Coq representation of HOL-Light data-types

standard lemmas (substitution. . . )

translation function

Coq representation of HOL-Light inference rules

proof of correctness



[email protected]


Perspectives

Perspectives:

�nish the interface and the proofs

deal with inhabited types, de�nitions, axioms

more e�cient Coq data-types

more e�cient exportation and smaller proof terms

user interface

scaling up



[email protected]

Thank you for your attention!

Any questions?



[email protected]

importing hol-light into coq...embedding the higher rdero logic into coq presentation what we want:...

Documents