Download Complete Sequent Calculi for Induction and Infinite Descent

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
page
47
page
48
page
49
page
50
page
51
page
52
page
53
page
54
page
55
page
56
page
57
page
58
page
59
page
60
page
61
page
62
page
63
page
64
page
65
page
66
page
67
page
68
page
69
page
70
page
71
page
72
Document related concepts

Turing's proof wikipedia , lookup

Infinitesimal wikipedia , lookup

Foundations of mathematics wikipedia , lookup

Model theory wikipedia , lookup

History of logic wikipedia , lookup

Laws of Form wikipedia , lookup

Gödel's incompleteness theorems wikipedia , lookup

Argument wikipedia , lookup

Infinity wikipedia , lookup

List of first-order theories wikipedia , lookup

Georg Cantor's first set theory article wikipedia , lookup

Quantum logic wikipedia , lookup

Interpretation (logic) wikipedia , lookup

New riddle of induction wikipedia , lookup

Peano axioms wikipedia , lookup

Non-standard analysis wikipedia , lookup

Combinatory logic wikipedia , lookup

Propositional calculus wikipedia , lookup

Intuitionistic logic wikipedia , lookup

First-order logic wikipedia , lookup

Non-standard calculus wikipedia , lookup

Mathematical logic wikipedia , lookup

Inquiry wikipedia , lookup

Law of thought wikipedia , lookup

Theorem wikipedia , lookup

Curry–Howard correspondence wikipedia , lookup

Mathematical proof wikipedia , lookup

Natural deduction wikipedia , lookup

Transcript 
Complete Sequent Calculi for Induction
and Infinite Descent
James Brotherston
Programming Principles, Logic and Verification Group
Dept. of Computer Science
University College London, UK
[email protected]
Leeds Logic Seminar, 17 February 2016
1/ 26
Introduction
• We investigate and compare two related styles of inductive
reasoning:
2/ 26
Introduction
• We investigate and compare two related styles of inductive
reasoning:
1. explicit rule induction over definitions;
2/ 26
Introduction
• We investigate and compare two related styles of inductive
reasoning:
1. explicit rule induction over definitions;
2. infinite descent à la Fermat.
2/ 26
Introduction
• We investigate and compare two related styles of inductive
reasoning:
1. explicit rule induction over definitions;
2. infinite descent à la Fermat.
• We work in first-order logic with inductive definitions.
2/ 26
Introduction
• We investigate and compare two related styles of inductive
reasoning:
1. explicit rule induction over definitions;
2. infinite descent à la Fermat.
• We work in first-order logic with inductive definitions.
• We formulate and compare proof-theoretic foundations of
thes two styles of reasoning above, using Gentzen-style
sequent calculus proof systems.
2/ 26
Part I
Inductive definitions in first-order logic
3/ 26
First-order logic with inductive definitions (FOLID )
• We extend standard first-order logic with a schema for
inductive definitions.
4/ 26
First-order logic with inductive definitions (FOLID )
• We extend standard first-order logic with a schema for
inductive definitions.
• Our inductive rules are each of the form:
P1 (t1 (x)) . . . Pm (tm (x)) ⇒ P (t(x))
where P, P1 , . . . , Pm are predicate symbols.
4/ 26
First-order logic with inductive definitions (FOLID )
• We extend standard first-order logic with a schema for
inductive definitions.
• Our inductive rules are each of the form:
P1 (t1 (x)) . . . Pm (tm (x)) ⇒ P (t(x))
where P, P1 , . . . , Pm are predicate symbols.
• E.g., define N, E, O, R+ (natural nos; even/odd nos;
transitive closure of R) by rules
⇒ N0
N x ⇒ N sx
⇒ E0
Ox ⇒ Esx
Ex ⇒ Osx
4/ 26
Rxy ⇒ R+ xy
⇒ R+ xz
R+ xy, R+ yz
Standard models of FOLID
• The inductive rules determine a monotone operator ϕΦ on
any first-order structure M .
5/ 26
Standard models of FOLID
• The inductive rules determine a monotone operator ϕΦ on
any first-order structure M . E.g., for N :
ϕΦN (X) = {0M } ∪ {sM x | x ∈ X}
• In standard models, P M is the least prefixed point of the
corresponding operator.
5/ 26
Standard models of FOLID
• The inductive rules determine a monotone operator ϕΦ on
any first-order structure M . E.g., for N :
ϕΦN (X) = {0M } ∪ {sM x | x ∈ X}
• In standard models, P M is the least prefixed point of the
corresponding operator.
• This least prefixed point can be approached via a sequence
(ϕαΦ ) of approximants.
5/ 26
Standard models of FOLID
• The inductive rules determine a monotone operator ϕΦ on
any first-order structure M . E.g., for N :
ϕΦN (X) = {0M } ∪ {sM x | x ∈ X}
• In standard models, P M is the least prefixed point of the
corresponding operator.
• This least prefixed point can be approached via a sequence
(ϕαΦ ) of approximants. E.g. for N we have:
ϕ0ΦN = ∅, ϕ1ΦN = {0M }, ϕ2ΦN = {0M , sM 0M }, . . .
5/ 26
Henkin models of FOLID
• We can also give non-standard interpretations to the
inductive predicates of the language, in so-called Henkin
models.
6/ 26
Henkin models of FOLID
• We can also give non-standard interpretations to the
inductive predicates of the language, in so-called Henkin
models.
• A class of sets H over a first order structure M is a Henkin
class if, roughly speaking, every first-order-definable
relation is interpretable inside it.
6/ 26
Henkin models of FOLID
• We can also give non-standard interpretations to the
inductive predicates of the language, in so-called Henkin
models.
• A class of sets H over a first order structure M is a Henkin
class if, roughly speaking, every first-order-definable
relation is interpretable inside it.
• (M, H) is a Henkin model if the least prefixed point of ϕΦ
exists inside H; we define P M to be this point.
6/ 26
Part II
Sequent calculus for explicit induction
7/ 26
LKID: a sequent calculus for induction in FOLID
Extend the usual sequent calculus LKe for classical first-order
logic with equality by adding rules for inductive predicates.
8/ 26
LKID: a sequent calculus for induction in FOLID
Extend the usual sequent calculus LKe for classical first-order
logic with equality by adding rules for inductive predicates.
E.g., right-introduction rules for N are:
Γ ⊢ N 0, ∆
Γ ⊢ N t, ∆
(N R1 )
Γ ⊢ N st, ∆
8/ 26
(N R2 )
LKID: a sequent calculus for induction in FOLID
Extend the usual sequent calculus LKe for classical first-order
logic with equality by adding rules for inductive predicates.
E.g., right-introduction rules for N are:
Γ ⊢ N 0, ∆
Γ ⊢ N t, ∆
(N R1 )
Γ ⊢ N st, ∆
(N R2 )
The left-introduction rule embodies rule induction:
Γ ⊢ F 0, ∆
Γ, F x ⊢ F sx, ∆
Γ, N t ⊢ ∆
8/ 26
Γ, F t ⊢ ∆
(x fresh) (Ind N )
LKID: a sequent calculus for induction in FOLID
Extend the usual sequent calculus LKe for classical first-order
logic with equality by adding rules for inductive predicates.
E.g., right-introduction rules for N are:
Γ ⊢ N 0, ∆
Γ ⊢ N t, ∆
(N R1 )
Γ ⊢ N st, ∆
(N R2 )
The left-introduction rule embodies rule induction:
Γ ⊢ F 0, ∆
Γ, F x ⊢ F sx, ∆
Γ, N t ⊢ ∆
Γ, F t ⊢ ∆
(x fresh) (Ind N )
NB. Mutual definitions give rise to mutual induction rules.
8/ 26
Results about LKID
Proposition (Soundness)
Any LKID-provable sequent is valid in all Henkin models.
9/ 26
Results about LKID
Proposition (Soundness)
Any LKID-provable sequent is valid in all Henkin models.
Theorem (Completeness)
Any sequent valid in all Henkin models is cut-free provable in
LKID.
9/ 26
Results about LKID
Proposition (Soundness)
Any LKID-provable sequent is valid in all Henkin models.
Theorem (Completeness)
Any sequent valid in all Henkin models is cut-free provable in
LKID.
• Supposing Γ ⊢ ∆ not provable, we use a uniform infinitary
search procedure to build an unprovable limit sequent
Γω ⊢ ∆ ω .
9/ 26
Results about LKID
Proposition (Soundness)
Any LKID-provable sequent is valid in all Henkin models.
Theorem (Completeness)
Any sequent valid in all Henkin models is cut-free provable in
LKID.
• Supposing Γ ⊢ ∆ not provable, we use a uniform infinitary
search procedure to build an unprovable limit sequent
Γω ⊢ ∆ ω .
• We then use this limit sequent to define a syntactic
countermodel for Γ ⊢ ∆.
9/ 26
Results about LKID
Proposition (Soundness)
Any LKID-provable sequent is valid in all Henkin models.
Theorem (Completeness)
Any sequent valid in all Henkin models is cut-free provable in
LKID.
• Supposing Γ ⊢ ∆ not provable, we use a uniform infinitary
search procedure to build an unprovable limit sequent
Γω ⊢ ∆ ω .
• We then use this limit sequent to define a syntactic
countermodel for Γ ⊢ ∆.
• (We need to define a Henkin class and deal with inductive
predicates though.)
9/ 26
Cut-elimination in LKID
Corollary
Any LKID-provable sequent is provable without cut.
10/ 26
Cut-elimination in LKID
Corollary
Any LKID-provable sequent is provable without cut.
This is contrary to the popular myth that cut-elimination is
impossible in the presence of induction.
10/ 26
Cut-elimination in LKID
Corollary
Any LKID-provable sequent is provable without cut.
This is contrary to the popular myth that cut-elimination is
impossible in the presence of induction. In fact, the real
limitation is that the subformula property is not achievable.
10/ 26
Cut-elimination in LKID
Corollary
Any LKID-provable sequent is provable without cut.
This is contrary to the popular myth that cut-elimination is
impossible in the presence of induction. In fact, the real
limitation is that the subformula property is not achievable.
Proposition
The eliminability of cut in LKID implies the consistency of
Peano arithmetic.
10/ 26
Cut-elimination in LKID
Corollary
Any LKID-provable sequent is provable without cut.
This is contrary to the popular myth that cut-elimination is
impossible in the presence of induction. In fact, the real
limitation is that the subformula property is not achievable.
Proposition
The eliminability of cut in LKID implies the consistency of
Peano arithmetic.
Hence there is no elementary proof of cut-eliminability in LKID.
10/ 26
Part III
Sequent calculus for infinite descent
11/ 26
LKIDω : a proof system for infinite descent in FOLID
• Rules are as for LKID except the induction rules are
replaced by weaker case-split rules.
12/ 26
LKIDω : a proof system for infinite descent in FOLID
• Rules are as for LKID except the induction rules are
replaced by weaker case-split rules. E.g. for N :
Γ, t = 0 ⊢ ∆ Γ, t = sx, N x ⊢ ∆
Γ, N t ⊢ ∆
12/ 26
(x fresh) (Case N )
LKIDω : a proof system for infinite descent in FOLID
• Rules are as for LKID except the induction rules are
replaced by weaker case-split rules. E.g. for N :
Γ, t = 0 ⊢ ∆ Γ, t = sx, N x ⊢ ∆
Γ, N t ⊢ ∆
(x fresh) (Case N )
• Pre-proofs are infinite (non-well-founded) derivation trees.
12/ 26
LKIDω : a proof system for infinite descent in FOLID
• Rules are as for LKID except the induction rules are
replaced by weaker case-split rules. E.g. for N :
Γ, t = 0 ⊢ ∆ Γ, t = sx, N x ⊢ ∆
Γ, N t ⊢ ∆
(x fresh) (Case N )
• Pre-proofs are infinite (non-well-founded) derivation trees.
• For soundness we need to impose an additional condition
on pre-proofs.
12/ 26
Traces
• A trace following a path in an LKIDω pre-proof tracks an
inductive predicate occurring on the left of the sequents on
the path.
13/ 26
Traces
• A trace following a path in an LKIDω pre-proof tracks an
inductive predicate occurring on the left of the sequents on
the path.
• A trace progresses when the inductive predicate is unfolded
using its case-split rule.
13/ 26
Traces
• A trace following a path in an LKIDω pre-proof tracks an
inductive predicate occurring on the left of the sequents on
the path.
• A trace progresses when the inductive predicate is unfolded
using its case-split rule.
• A pre-proof is a proof if, for every infinite path in it, there
is an infinitely progressing trace following some tail of the
path.
13/ 26
A sample proof
(etc.)
..
.
N x1 ⊢ Ex1 , Ox1
⊢ E0, O0
(ER1 )
x0 = 0 ⊢ Ex0 , Ox0
(=L)
(Case N )
N x1 ⊢ Ox1 , Osx1
N x1 ⊢ Esx1 , Osx1
(OR1 )
(ER2 )
x0 = sx1 , N x1 ⊢ Ex0 , Ox0
N x0 ⊢ Ex0 , Ox0
14/ 26
(=L)
(Case N )
A sample proof
(etc.)
..
.
N x1 ⊢ Ex1 , Ox1
⊢ E0, O0
(ER1 )
x0 = 0 ⊢ Ex0 , Ox0
(=L)
(Case N )
N x1 ⊢ Ox1 , Osx1
N x1 ⊢ Esx1 , Osx1
(OR1 )
(ER2 )
x0 = sx1 , N x1 ⊢ Ex0 , Ox0
N x0 ⊢ Ex0 , Ox0
(=L)
(Case N )
Continuing the expansion of the right branch, the formulas in
red form an infinitely progressing trace, so the pre-proof thus
obtained is indeed an LKIDω proof.
14/ 26
LKIDω : soundness
Proposition
Any LKIDω -provable sequent is valid in all standard models.
15/ 26
LKIDω : soundness
Proposition
Any LKIDω -provable sequent is valid in all standard models.
Roughly:
• Suppose Γ ⊢ ∆ is not valid. Since rules are locally sound,
there must be an infinite path in the pre-proof consisting of
invalid sequents.
15/ 26
LKIDω : soundness
Proposition
Any LKIDω -provable sequent is valid in all standard models.
Roughly:
• Suppose Γ ⊢ ∆ is not valid. Since rules are locally sound,
there must be an infinite path in the pre-proof consisting of
invalid sequents.
• By the soundness condition, there is an infinitely
progressing trace of this path following some predicate P
say.
15/ 26
LKIDω : soundness
Proposition
Any LKIDω -provable sequent is valid in all standard models.
Roughly:
• Suppose Γ ⊢ ∆ is not valid. Since rules are locally sound,
there must be an infinite path in the pre-proof consisting of
invalid sequents.
• By the soundness condition, there is an infinitely
progressing trace of this path following some predicate P
say.
• But then we can construct an infinite descending chain of
ordinals based on the approximants of P , contradiction.
15/ 26
Completeness of LKIDω
Theorem
Any sequent valid in all standard models has a cut-free proof in
LKIDω .
16/ 26
Completeness of LKIDω
Theorem
Any sequent valid in all standard models has a cut-free proof in
LKIDω .
• Given Γ ⊢ ∆ (not provable), we construct an infinite
derivation tree corresponding to an exhaustive search for a
proof of it.
16/ 26
Completeness of LKIDω
Theorem
Any sequent valid in all standard models has a cut-free proof in
LKIDω .
• Given Γ ⊢ ∆ (not provable), we construct an infinite
derivation tree corresponding to an exhaustive search for a
proof of it.
• Either the tree gets stuck at some node which we call
Γω ⊢ ∆ω , or else some branch fails the trace condition, in
which case Γω ⊢ ∆ω is the “limit union” of the sequents
along this branch.
16/ 26
Completeness of LKIDω
Theorem
Any sequent valid in all standard models has a cut-free proof in
LKIDω .
• Given Γ ⊢ ∆ (not provable), we construct an infinite
derivation tree corresponding to an exhaustive search for a
proof of it.
• Either the tree gets stuck at some node which we call
Γω ⊢ ∆ω , or else some branch fails the trace condition, in
which case Γω ⊢ ∆ω is the “limit union” of the sequents
along this branch.
• Either way, we show Γω ⊢ ∆ω is not provable (this uses the
trace condition).
16/ 26
Completeness of LKIDω
Theorem
Any sequent valid in all standard models has a cut-free proof in
LKIDω .
• Given Γ ⊢ ∆ (not provable), we construct an infinite
derivation tree corresponding to an exhaustive search for a
proof of it.
• Either the tree gets stuck at some node which we call
Γω ⊢ ∆ω , or else some branch fails the trace condition, in
which case Γω ⊢ ∆ω is the “limit union” of the sequents
along this branch.
• Either way, we show Γω ⊢ ∆ω is not provable (this uses the
trace condition).
• Thus we can use Γω ⊢ ∆ω to construct a syntactic
counter-model (the inductive predicate case also uses the
16/ 26
trace condition).
Eliminability of cut
Corollary
Any LKIDω -provable sequent also has a cut-free LKIDω proof.
17/ 26
Eliminability of cut
Corollary
Any LKIDω -provable sequent also has a cut-free LKIDω proof.
Unlike in LKID, cut-free proofs in LKIDω enjoy a property akin
to the subformula property, which seems close to the spirit of
Girard’s “purity of methods”.
17/ 26
Part IV
Cyclic proofs by infinite descent
18/ 26
CLKIDω : a cyclic subsystem of LKIDω
• The infinitary system LKIDω is clearly unsuitable for
formal reasoning!
19/ 26
CLKIDω : a cyclic subsystem of LKIDω
• The infinitary system LKIDω is clearly unsuitable for
formal reasoning!
• Indeed, completeness for standard validity implies that
there is no complete enumeration of LKIDω proofs.
19/ 26
CLKIDω : a cyclic subsystem of LKIDω
• The infinitary system LKIDω is clearly unsuitable for
formal reasoning!
• Indeed, completeness for standard validity implies that
there is no complete enumeration of LKIDω proofs.
• However, the restriction of LKIDω to proofs given by
regular trees, which we call CLKIDω , is a natural one that
is suitable for formal reasoning.
19/ 26
CLKIDω : a cyclic subsystem of LKIDω
• The infinitary system LKIDω is clearly unsuitable for
formal reasoning!
• Indeed, completeness for standard validity implies that
there is no complete enumeration of LKIDω proofs.
• However, the restriction of LKIDω to proofs given by
regular trees, which we call CLKIDω , is a natural one that
is suitable for formal reasoning.
• In this restricted system, every proof can be represented as
a finite (cyclic) graph.
19/ 26
Cyclic proofs
•
•
•
(Axiom)
• • ···•
•
•
20/ 26
(Inference)
A cyclic proof
N z ⊢ Oz, Ez (†)
N y ⊢ Oy, Ey
⊢ E0, O0
(ER1 )
N y ⊢ Oy, Osy
N y ⊢ Esy, Osy
N z ⊢ Ez, Oz (†)
21/ 26
(Subst)
(OR1 )
(ER2 )
(N L)
A cyclic proof
N z ⊢ Oz, Ez (†)
N y ⊢ Oy, Ey
⊢ E0, O0
(ER1 )
N y ⊢ Oy, Osy
N y ⊢ Esy, Osy
N z ⊢ Ez, Oz (†)
(Subst)
(OR1 )
(ER2 )
(N L)
Any infinite path has a tail consisting of repetitions of the loop
indicated by (†), and there is a progressing trace on this loop.
By concatenating copies of this trace we obtain an infinitely
progressing trace as required.
21/ 26
Results about CLKIDω
Proposition (Proof-checking decidability)
It is decidable whether a CLKIDω pre-proof is a proof.
22/ 26
Results about CLKIDω
Proposition (Proof-checking decidability)
It is decidable whether a CLKIDω pre-proof is a proof.
Theorem
Any LKID proof can be transformed into a CLKIDω proof.
22/ 26
Results about CLKIDω
Proposition (Proof-checking decidability)
It is decidable whether a CLKIDω pre-proof is a proof.
Theorem
Any LKID proof can be transformed into a CLKIDω proof.
(Proof: We show how to derive any induction rule in CLKIDω .)
22/ 26
Results about CLKIDω
Proposition (Proof-checking decidability)
It is decidable whether a CLKIDω pre-proof is a proof.
Theorem
Any LKID proof can be transformed into a CLKIDω proof.
(Proof: We show how to derive any induction rule in CLKIDω .)
Conjecture
Any CLKIDω -provable sequent is also LKID-provable.
22/ 26
Results about CLKIDω
Proposition (Proof-checking decidability)
It is decidable whether a CLKIDω pre-proof is a proof.
Theorem
Any LKID proof can be transformed into a CLKIDω proof.
(Proof: We show how to derive any induction rule in CLKIDω .)
Conjecture
Any CLKIDω -provable sequent is also LKID-provable.
This conjecture can be seen as a formalised version of:
Proof by induction is equivalent to regular proof by
infinite descent.
22/ 26
Part V
Summary
23/ 26
Summary
completeness
standard validity
soundness
cut-free provability
in LKIDω
inclusion
subsystem
+ cut-elim
Henkin validity
soundness
completeness
cut-free provability
in LKID
transformation
conjecture
24/ 26
provability
in CLKIDω
Some more recent developments
• Cyclic proof has started to see use in automatic theorem
proving and in program verification tools.
25/ 26
Some more recent developments
• Cyclic proof has started to see use in automatic theorem
proving and in program verification tools.
• Cyclic systems have been developed for various other logics
with inductive definitions or fixed point operators.
25/ 26
Some more recent developments
• Cyclic proof has started to see use in automatic theorem
proving and in program verification tools.
• Cyclic systems have been developed for various other logics
with inductive definitions or fixed point operators.
• Attempts at solving the conjecture. . .
25/ 26
Further reading
P. Martin-Löf.
Haupstatz for the intuitionistic theory of iterated inductive definitions.
In Proc. Second Scandinavian Logic Symposium, 1971.
J. Brotherston and A. Simpson.
Sequent calculi for induction and infinite descent.
In Journal of Logic and Computation 21(6), 2011.
J. Brotherston, R. Bornat and C. Calcagno.
Cyclic proofs of program termination in separation logic.
In Proc. POPL, 2008.
J. Brotherston and N. Gorogiannis.
A generic cyclic theorem prover.
In Proc. APLAS, 2012.
C. Sprenger and M. Dam.
On the structure of inductive reasoning: circular and tree-shaped
proofs in the µ-calculus.
In Proceedings of FOSSACS, 2003.
26/ 26
Related documents
R : M T
R : M T
Square roots
Square roots
Full version - Villanova Computer Science
Full version - Villanova Computer Science
Sequent calculus - Wikipedia, the free encyclopedia
Sequent calculus - Wikipedia, the free encyclopedia
A Framework for Employee Appraisals based on Inductive Logic
A Framework for Employee Appraisals based on Inductive Logic
Pattern sheet
Pattern sheet
MUltseq: a Generic Prover for Sequents and Equations*
MUltseq: a Generic Prover for Sequents and Equations*
Learning a Grammar for SMART Objectives Using Inductive Logic
Learning a Grammar for SMART Objectives Using Inductive Logic
Word document
Word document
Discrete Computational Structures (CS 225) Definition of Formal Proof
Discrete Computational Structures (CS 225) Definition of Formal Proof
9/24 Intro to Proof notes File
9/24 Intro to Proof notes File
GEOMETRY 2.1 Patterns and Inductive Reasoning
GEOMETRY 2.1 Patterns and Inductive Reasoning