Logic for real number computation
advertisement
Logic for real number computation
Helmut Schwichtenberg
(j.w.w. Ulrich Berger, Kenji Miyamoto and Hideki Tsuiki)
Mathematisches Institut, LMU, München
Trends in Proof Theory, Hamburg, 20. - 21. September 2015
1 / 16
Dyadic rationals:
X ai
.
2i+1
with ai ∈ {−1, 1} =: PSD.
i<k
15
16
− 15
16
1 1̄
1̄
− 78
1 1̄
1 1̄
1 1̄
1 1̄
1 1̄
1 1̄
1
7
8
1
1̄
1
1̄
− 34
1
1̄
1
1̄
1
1̄
− 12
1
1̄
1
1̄
3
4
1
2
0
with 1̄ := −1. Adjacent dyadics can differ in many digits:
7
∼ 11̄11,
16
9
∼ 111̄1̄.
16
2 / 16
Cure: flip after 1. Binary reflected (or Gray-) code.
− 15
16
L
− 78
15
16
R R
L L
R R
L L
R R
L L
R R
L
7
8
L
R
− 34
R
L
L
L
R
R
− 12
R
R
L
R
L
L
3
4
1
2
0
7
∼ RRRL,
16
9
∼ RLRL.
16
3 / 16
Problem with productivity:
1̄111 + 11̄1̄1̄ = ?
(what is the first digit?)
Cure: delay.
I
For binary code: add 0. Signed digit code
X di
.
2i+1
with di ∈ {−1, 0, 1} =: SD.
i<k
Widely used for real number computation.
I
For Gray-code: add U, D, FinL/R . Pre-Gray code.
4 / 16
Pre-Gray code
7
16
L
U
R
U
U
FinR
U
1
4
R
FinR
3
8
9
16
D
L
D
FinR
FinL
U
R
U
FinL
5
8
R
3
4
L
1
2
0
After computation in pre-Gray code, one can remove Fina up to
U ◦ Fina 7→ a ◦ R,
1
:
2k
D ◦ Fina 7→ Fina ◦ L,
5 / 16
Goal: extract algorithms on infinite objects from proofs, in a simple
framework (TCF). Example:
I
Infinite objects: streams, in pre-Gray code.
I
Algorithm: average.
Framework:
I
Constructive logic
I
Types: only function types (Scott/Ershov partial continuous
functionals), over base types given by constructors (may
contain infinite objects).
I
Inductive & coinductive predicates, with their least & greatest
fixed point axioms (i.e., induction & coinduction).
6 / 16
We will coinductively define a predicate coG and prove
co
co
0
co
∀nc
x,x 0 ( G (x) → G (x ) → G (
x + x0
))
2
(1)
0
(∀nc
x,x 0 : the reals x, x have no computational significance).
Associated with coG is its realizability extension (coG )r (p, x)
(p is a stream representation of x witnessing coG (x)).
Soundness theorem:
(coG )r (p, x) → (coG )r (p 0 , x 0 ) → (coG )r (f (p, p 0 ),
x + x0
)
2
for some stream transformer f extracted from the proof of (1),
which never mentions streams.
7 / 16
What is coG ? Need simultaneously coH.
x −1
x
) ∨ ∃rx∈Y (y = ) },
2
2
x
+
1
x
∆(X , Y ) := { y | ∃rx∈X ∃a (y = a
) ∨ ∃rx∈Y (y = ) }
2
2
Γ(X , Y ) := { y | ∃rx∈X ∃a (y = −a
(∃rx : the real x has no computational significance)
Define (coG , coH) := ν(X ,Y ) (Γ(X , Y ), ∆(X , Y )).
Coinduction:
(X , Y ) ⊆ (Γ(coG ∪X , coH∪Y ), ∆(coG ∪X , coH∪Y )) → (X , Y ) ⊆ (coG , coH),
Associated to Γ, ∆ are algebras G, H with constructors
LR : PSD → G → G,
U: H → G
(for “undefined”),
Fin : PSD → G → H,
D: H → H
(for “delay”).
8 / 16
Realizability extensions (coG )r and (coH)r :
Γr (Z , W ) := { (p, x) | ∃(p0 ,x 0 )∈Z ∃a (x = −a
x0 − 1
∧ p = LRa (p 0 )) ∨u
2
x0
∧ p = U(q 0 )) },
2
x0 + 1
∆r (Z , W ) := { (q, x) | ∃(p0 ,x 0 )∈Z ∃a (x = a
∧ q = Fina (p 0 )) ∨u
2
x0
∃u(q0 ,x 0 )∈W (x =
∧ q = D(q 0 )) }
2
∃u(q0 ,x 0 )∈W (x =
(∨u : the whole formula has no computational significance).
Define
((coG )r , (coH)r ) := ν(Z ,W ) (Γr (Z , W ), ∆r (Z , W ))
9 / 16
CoGAverage:
co
co
co
∀nc
x,y ( G (x) → G (y ) → G (
x +y
)).
2
Consider two sets of averages, the second one with a “carry”
i ∈ SD2 := {−2, −1, 0, 1, 2}:
x +y
| x, y ∈ coG },
2
x +y +i
Avc := {
| x, y ∈ coG , i ∈ SD2 }.
4
Av := {
Suffices: Avc satisfies the clause coinductively defining coG , for
then by the greatest-fixed-point axiom for coG we have Avc ⊆ coG .
Since we also have Av ⊆ Avc we obtain Av ⊆ coG , i.e., our claim.
10 / 16
CoGAvToAvc:
r
∀nc
x,y ∈coG ∃x 0 ,y 0 ∈coG ∃i (
x +y
x0 + y0 + i
=
).
2
4
Implicit algorithm. f ∗ := cCoGPsdTimes, and s := cCoHToCoG.
cL denotes the function extracted from the proof of a lemma L.
co
co
CoGPsdTimes: ∀nc
x ∀a ( G (x) → G (a ∗ x)).
f (LRa (p), LRa0 (p 0 )) = (a + a0 , f ∗ (−a, p), f ∗ (−a0 , p 0 )),
f (LRa (p), U(q)) = (a, f ∗ (−a, p), s(q)),
f (U(q), LRa (p)) = (a, s(q), f ∗ (−a, p)),
f (U(q), U(q 0 )) = (0, s(q), s(q 0 )).
11 / 16
Need J : SD → SD → SD2 → SD2 , K : SD → SD → SD2 → SD
with d + e + 2i = J(d, e, i) + 4K (d, e, i) (cases on d, e, i). Then
x+d
2
+
y +e
2
4
+i
=
x+y +J(d,e,i)
4
+ K (d, e, i)
.
2
CoGAvcSatCoICl:
x
r
∀i ∀nc
x,y ∈coG ∃x 0 ,y 0 ∈coG ∃j,d (
+y +i
=
4
x 0 +y 0 +j
4
2
+d
).
Implicit algorithm.
f (i, LRa (p), LRa0 (p 0 )) = (J(a, a0 , i), K (a, a0 , i), f ∗ (−a, p), f ∗ (−a0 , p 0 )),
f (i, LRa (p), U(q)) = (J(a, 0, i), K (a, 0, i), f ∗ (−a, p), s(q)),
f (i, U(q), LRa (p)) = (J(0, a, i), K (0, a, i), s(q), f ∗ (−a, p)),
f (i, U(q), U(q 0 )) = (J(0, 0, i), K (0, 0, i), s(q), s(q 0 )).
12 / 16
CoGAvcToCoG:
x +y +i
) → coG (z)),
4
x +y +i
r
) → coH(z)).
∀nc
z (∃x,y ∈coG ∃i (z =
4
r
∀nc
z (∃x,y ∈coG ∃i (z =
Implicit algorithm. Proof uses SdDisj: ∀d (d = 0 ∨ ∃a (d = a)).
g (i, p, p 0 ) = let (i1 , d, p1 , p10 ) = cCoGAvcSatCoICl(i, p, p 0 ) in
case cSdDisj(d) of
0 → U(h(i, p1 , p10 ))
a → LRa (g (−ai, f ∗ (−a, p1 ), f ∗ (−a, p10 ))),
h(i, p, p 0 ) = let (i1 , d, p1 , p10 ) = cCoGAvcSatCoICl(i, p, p 0 ) in
case cSdDisj(d) of
0 → D(h(i, p1 , p10 ))
a → Fina (g (−ai, f ∗ (−a, p1 ), f ∗ (−a, p10 ))).
Composing CoGAvToAvc and CoGAvcToCoG gives CoGAverage.
13 / 16
Extracted term for CoGAvcToCoG:
[ipp](CoRec sdtwo@@ag@@ag=>ag sdtwo@@ag@@ag=>ah)ipp
([ipp0][let idpp (cCoGAvcSatCoICl
left ipp0 left right ipp0 right right ipp0)
[case (cSdDisj left right idpp)
(DummyL -> InR(InR(left idpp@right right idpp)))
(Inr a -> InL(a@InR
(a times inv left idpp@
cCoGPsdTimes inv a left right right idpp@
cCoGPsdTimes inv a right right right idpp)))]])
([ipp0][let idpp ...] ...)
ipp
variable of type SD2 × G × G
idpp
variable of type SD2 × SD × G × G
[ipp]r
lambda abstraction λipp r
sdtwo@@ag@@ag=>ah
function type SD2 × G × G → H
r@s, left r, right r
product term, components
cL
realizer for lemma L
14 / 16
Corecursion ∼ coinduction.
(G,H),(σ,τ )
: σ → δG → δH → G
(G,H),(σ,τ )
: τ → δG → δH → H
co
RG
co
RH
with step types
δG := σ → PSD × (G + σ) + (H + τ ),
δH := τ → PSD × (G + σ) + (H + τ ).
PSD × (G + σ) + (H + τ ) appears since G has constructors
LR : PSD → G → G and U : H → G,
and H has constructors
Fin : PSD → G → H and D : H → H.
15 / 16
I
Analyzing the step terms gives the “implicit algorithm”.
I
Extracted terms are in an extension T + of Gödel’s T , the
term language of TCF. They denote partial continuous
functionals (Scott/Ershov).
I
Verification is automatic (soundness theorem).
I
Minlog provides a translation to Haskell for (lazy) evaluation.
I
“Code carrying proof” can be a reasonable alternative to
“Proof carrying code” (Necula).
16 / 16
