Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Interactive Computer Theorem Proving CS294-9 September 14, 2006 Adam Chlipala UC Berkeley Lecture 4: Inductively- Defined Predicates.

Published byEverett Cummings Modified over 7 years ago

Similar presentations

Presentation on theme: "1 Interactive Computer Theorem Proving CS294-9 September 14, 2006 Adam Chlipala UC Berkeley Lecture 4: Inductively- Defined Predicates."— Presentation transcript:

1 1 Interactive Computer Theorem Proving CS294-9 September 14, 2006 Adam Chlipala UC Berkeley Lecture 4: Inductively- Defined Predicates

2 2 Administrivia ● The course registration database has been updated so that you can change your units for this class to 1. – Stay at 3 units if you plan to do a class project for credit. – Otherwise, reduce to 1 unit. ● Resource links added to web site. ● Created Majordomo mailing list for the class (details to follow by e-mail) ● You can check HW1 yourself, so not being “handed back.” :-)

3 3 What Is “less than or equal to”? Fixpoint le_f (n m : nat) {struct n} : Prop := match n with | O => True | S n' => match m with | O => False | S m' => le_f n' m' end end. le_f 1 3 le_f 0 2 True le_f 3 1 le_f 2 0 False

4 4 Proving Transitivity ● Theorem: le_f n1 n2 -> le_f n2 n3 -> le_f n1 n3 ● Proof: By induction on n1. ● Case: n1 = 0. – le_f n1 n3 follows by computation. ● Case: n1 = S n1'. – By computation, n2 = S n2' with le_f n1' n2'. – From le_f (S n2') n3, we have n3 = S n3' with le_f n2' n3'. – By the IH, le_f n1' n3'. – By computation, le_f (S n1') (S n3').

5 5 Pros and Cons ● Pros – We used the same recursive function mechanism that's worked before. ● Cons – That was a fairly acrobatic proof for such a simple theorem! – How could we use this same approach to define what it means for a Turing machine to halt with a particular configuration?

6 6 Another “less than or equal to” n · nn · n le_n n · S mn · S m n · mn · m le_S 4 · 4 le_n 1 · 3 le_S 1 · 2 le_S 1 · 1 le_n 3 · 1 ? ?

7 7 Transitivity Again If P : n1 · n2 and Q : n2 · n3, then there exists R : n1 · n3. Proof: Induction on the structure of Q. Case: P : n1 · n2; Q = n2 · n2 le_n (n3 = n2) Answer: R = P Case: P : n1 · n2; Q = n2 · S n3' le_S Q' : n2 · n3' (n3 = S n3') IH: For any P' : n1 · n2, there exists R' : n1 · n3'. n1 · S n3' le_S R' (with P' := P) Answer: R =

8 8 A Comparison ● Computation proves many theorems atomically. ● Proofs follow the structure of the data type. ● The natural formulation only works for a limited subset of the computable functions. ● Explicit “logic programming” needed in all cases. ● Proofs follow the structure of your custom proof rules. ● Natural formulations work for expressing very uncomputable notions. FixpointInductive

9 9 Example: Turing Machines Let F be the set of final states. Let ) 1 be a binary relation expressing a single step. We want to define ), the state reachability relation. C ) CC ) C C ) C'' C ) 1 C' C' ) C'' 9 C', C' 2 F ^ C ) C' How do we express “a machine starting in configuration C terminates”? How is it that we got around the undecidability of this problem? Fixpoint run (n : nat) (C : config) {struct n} : Prop := match n with | O => F C | S n' => F C \/ run n' (s1 C) end. run 2 C F C \/ F (s1 C) \/ F (s1 (s1 C)) 9 n, run n C

10 10 Example: Sorted Lists sorted [] sorted [n] sorted (n :: m :: ls) sorted (m :: ls) n · mn · m We want to define what it means for a list nat to be sorted.

11 11 Sublists sublist [] [] sublist (n :: ls) (n :: ls') sublist ls ls' sublist (n :: ls) ls' sublist ls ls' We want to define what it means for one list to be a sublist of another. Example: [1], [1, 4], and [2, 3] are some sublists of [1, 2, 3, 4]. [3, 2] is not a sublist of [1, 2, 3, 4], because order matters.

12 12 A Theorem sorted [] sorted [n] sorted (n :: m :: ls) sorted (m :: ls) n · mn · m sublist [] [] sublist (n :: ls) (n :: ls') sublist ls ls' sublist (n :: ls) ls' sublist ls ls' If sorted ls and sublist ls ls' then sorted ls'.

13 13 Example: A Programming Language Interpreter n ::= O | S n b ::= true | false x ::= [variable] e ::= n | b | x | e + e | e = e c ::= skip | x := e | c; c | if e then c else c | while e do c

14 14 Conclusion ● Sample HW2 solution will be on the web site. ● HW3 is posted – Inductively-defined predicates involving lists ● Next lecture: Proofs as programs – Given by George, since I'll be out of town at the Workshop on Mechanizing Metatheory 1 – http://www.cis.upenn.edu/~sweirich/wmm/ 1 That means using computers to write proofs about programming languages.

Download ppt "1 Interactive Computer Theorem Proving CS294-9 September 14, 2006 Adam Chlipala UC Berkeley Lecture 4: Inductively- Defined Predicates."

Similar presentations

Proofs and Programs Wei Hu 11/01/2007. Outline  Motivation  Theory  Lambda calculus  Curry-Howard Isomorphism  Dependent types  Practice  Coq Wei.

Proofs and Programs Wei Hu 11/01/2007. Outline  Motivation  Theory  Lambda calculus  Curry-Howard Isomorphism  Dependent types  Practice  Coq Wei.
LING 388: Language and Computers Sandiway Fong Lecture 5: 9/5.

LING 388: Language and Computers Sandiway Fong Lecture 5: 9/5.
LING 388: Language and Computers Sandiway Fong Lecture 5: 9/8.

LING 388: Language and Computers Sandiway Fong Lecture 5: 9/8.
CS 461 – Nov. 9 Chomsky hierarchy of language classes –Review –Let’s find a language outside the TM world! –Hints: languages and TM are countable, but.

CS 461 – Nov. 9 Chomsky hierarchy of language classes –Review –Let’s find a language outside the TM world! –Hints: languages and TM are countable, but.
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 11.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 11.
Nathan Brunelle Department of Computer Science University of Virginia www.cs.virginia.edu/~njb2b/theory Theory of Computation CS3102 – Spring 2014 A tale.

Nathan Brunelle Department of Computer Science University of Virginia Theory of Computation CS3102 – Spring 2014 A tale.
INHERENT LIMITATIONS OF COMPUTER PROGRAMS CSci 4011.

INHERENT LIMITATIONS OF COMPUTER PROGRAMS CSci 4011.
1 Introduction to Computability Theory Lecture15: Reductions Prof. Amos Israeli.

1 Introduction to Computability Theory Lecture15: Reductions Prof. Amos Israeli.
Prof. Busch - LSU1 Decidable Languages. Prof. Busch - LSU2 Recall that: A language is Turing-Acceptable if there is a Turing machine that accepts Also.

Prof. Busch - LSU1 Decidable Languages. Prof. Busch - LSU2 Recall that: A language is Turing-Acceptable if there is a Turing machine that accepts Also.
Model Checking Lecture 5. Outline 1 Specifications: logic vs. automata, linear vs. branching, safety vs. liveness 2 Graph algorithms for model checking.

Model Checking Lecture 5. Outline 1 Specifications: logic vs. automata, linear vs. branching, safety vs. liveness 2 Graph algorithms for model checking.
Computability and Complexity 19-1 Computability and Complexity Andrei Bulatov Non-Deterministic Space.

Computability and Complexity 19-1 Computability and Complexity Andrei Bulatov Non-Deterministic Space.
Fall 2003Costas Busch - RPI1 Decidability. Fall 2003Costas Busch - RPI2 Recall: A language is decidable (recursive), if there is a Turing machine (decider)

Fall 2003Costas Busch - RPI1 Decidability. Fall 2003Costas Busch - RPI2 Recall: A language is decidable (recursive), if there is a Turing machine (decider)
Self-Reference - Induction Cmput 115 - Lecture 7 Department of Computing Science University of Alberta ©Duane Szafron 1999 Some code in this lecture is.

Self-Reference - Induction Cmput Lecture 7 Department of Computing Science University of Alberta ©Duane Szafron 1999 Some code in this lecture is.
Programming Language Semantics Mooly SagivEran Yahav Schrirber 317Open space 03-640-760603-640-5358 html://www.cs.tau.ac.il/~msagiv/courses/sem03.html.

Programming Language Semantics Mooly SagivEran Yahav Schrirber 317Open space html://
1 The Chomsky Hierarchy. 2 Unrestricted Grammars: Rules have form String of variables and terminals String of variables and terminals.

1 The Chomsky Hierarchy. 2 Unrestricted Grammars: Rules have form String of variables and terminals String of variables and terminals.
Fall 2004COMP 3351 The Chomsky Hierarchy. Fall 2004COMP 3352 Non-recursively enumerable Recursively-enumerable Recursive Context-sensitive Context-free.

Fall 2004COMP 3351 The Chomsky Hierarchy. Fall 2004COMP 3352 Non-recursively enumerable Recursively-enumerable Recursive Context-sensitive Context-free.
Fall 2004COMP 3351 Reducibility. Fall 2004COMP 3352 Problem is reduced to problem If we can solve problem then we can solve problem.

Fall 2004COMP 3351 Reducibility. Fall 2004COMP 3352 Problem is reduced to problem If we can solve problem then we can solve problem.
Linear Bounded Automata LBAs

Linear Bounded Automata LBAs
Homework #9 Solutions.

Homework #9 Solutions.
1 Decidability continued. 2 Undecidable Problems Halting Problem: Does machine halt on input ? State-entry Problem: Does machine enter state halt on input.

1 Decidability continued. 2 Undecidable Problems Halting Problem: Does machine halt on input ? State-entry Problem: Does machine enter state halt on input.

Similar presentations

Ads by Google