Affine functions and series with co-inductive real numbers

We extend the work of A. Ciaffaglione and P. Di Gianantonio on mechanical verification of algorithms for exact computation on real numbers, using infinite streams of digits implemented as co-inductive types. Four aspects are studied: the first aspect concerns the proof that digit streams can be related to the axiomatized real numbers that are already axiomatized in the proof system (axiomatized, but with no fixed representation). The second aspect re-visits the definition of an addition function, looking at techniques to let the proof search mechanism perform the effective construction of an algorithm that is correct by construction. The third aspect concerns the definition of a function to compute affine formulas with positive rational coefficients. This should be understood as a testbed to describe a technique to combine co-recursion and recursion to obtain a model for an algorithm that appears at first sight to be outside the expressive power allowed by the proof system. The fourth aspect concerns the definition of a function to compute series, with an application on the series that is used to compute Euler's number e. All these experiments should be reproducible in any proof system that supports co-inductive types, co-recursion and general forms of terminating recursion, but we performed with the Coq system [12, 3, 14]

On the Rationality of Escalation

Escalation is a typical feature of infinite games. Therefore tools conceived for studying infinite mathematical structures, namely those deriving from coinduction are essential. Here we use coinduction, or backward coinduction (to show its connection with the same concept for finite games) to study carefully and formally the infinite games especially those called dollar auctions, which are considered as the paradigm of escalation. Unlike what is commonly admitted, we show that, provided one assumes that the other agent will always stop, bidding is rational, because it results in a subgame perfect equilibrium. We show that this is not the only rational strategy profile (the only subgame perfect equilibrium). Indeed if an agent stops and will stop at every step, we claim that he is rational as well, if one admits that his opponent will never stop, because this corresponds to a subgame perfect equilibrium. Amazingly, in the infinite dollar auction game, the behavior in which both agents stop at each step is not a Nash equilibrium, hence is not a subgame perfect equilibrium, hence is not rational.Comment: 19 p. This paper is a duplicate of arXiv:1004.525

Inductive and Coinductive Components of Corecursive Functions in Coq

In Constructive Type Theory, recursive and corecursive definitions are subject to syntactic restrictions which guarantee termination for recursive functions and productivity for corecursive functions. However, many terminating and productive functions do not pass the syntactic tests. Bove proposed in her thesis an elegant reformulation of the method of accessibility predicates that widens the range of terminative recursive functions formalisable in Constructive Type Theory. In this paper, we pursue the same goal for productive corecursive functions. Notably, our method of formalisation of coinductive definitions of productive functions in Coq requires not only the use of ad-hoc predicates, but also a systematic algorithm that separates the inductive and coinductive parts of functions.Comment: Dans Coalgebraic Methods in Computer Science (2008

From coinductive proofs to exact real arithmetic: theory and applications

Based on a new coinductive characterization of continuous functions we extract certified programs for exact real number computation from constructive proofs. The extracted programs construct and combine exact real number algorithms with respect to the binary signed digit representation of real numbers. The data type corresponding to the coinductive definition of continuous functions consists of finitely branching non-wellfounded trees describing when the algorithm writes and reads digits. We discuss several examples including the extraction of programs for polynomials up to degree two and the definite integral of continuous maps

Type classes for efficient exact real arithmetic in Coq

Floating point operations are fast, but require continuous effort on the part of the user in order to ensure that the results are correct. This burden can be shifted away from the user by providing a library of exact analysis in which the computer handles the error estimates. Previously, we [Krebbers/Spitters 2011] provided a fast implementation of the exact real numbers in the Coq proof assistant. Our implementation improved on an earlier implementation by O'Connor by using type classes to describe an abstract specification of the underlying dense set from which the real numbers are built. In particular, we used dyadic rationals built from Coq's machine integers to obtain a 100 times speed up of the basic operations already. This article is a substantially expanded version of [Krebbers/Spitters 2011] in which the implementation is extended in the various ways. First, we implement and verify the sine and cosine function. Secondly, we create an additional implementation of the dense set based on Coq's fast rational numbers. Thirdly, we extend the hierarchy to capture order on undecidable structures, while it was limited to decidable structures before. This hierarchy, based on type classes, allows us to share theory on the naturals, integers, rationals, dyadics, and reals in a convenient way. Finally, we obtain another dramatic speed-up by avoiding evaluation of termination proofs at runtime.Comment: arXiv admin note: text overlap with arXiv:1105.275

Deconstruction of Infinite Extensive Games using coinduction

Finite objects and more specifically finite games are formalized using induction, whereas infinite objects are formalized using coinduction. In this article, after an introduction to the concept of coinduction, we revisit on infinite (discrete) extensive games the basic notions of game theory. Among others, we introduce a definition of Nash equilibrium and a notion of subgame perfect equilibrium for infinite games. We use those concepts to analyze well known infinite games, like the dollar auction game and the centipede game and we show that human behaviors that are often considered as illogic are perfectly rational, if one admits that human agents reason coinductively.Comment: 19

Coinductive Formal Reasoning in Exact Real Arithmetic

In this article we present a method for formally proving the correctness of the lazy algorithms for computing homographic and quadratic transformations -- of which field operations are special cases-- on a representation of real numbers by coinductive streams. The algorithms work on coinductive stream of M\"{o}bius maps and form the basis of the Edalat--Potts exact real arithmetic. We use the machinery of the Coq proof assistant for the coinductive types to present the formalisation. The formalised algorithms are only partially productive, i.e., they do not output provably infinite streams for all possible inputs. We show how to deal with this partiality in the presence of syntactic restrictions posed by the constructive type theory of Coq. Furthermore we show that the type theoretic techniques that we develop are compatible with the semantics of the algorithms as continuous maps on real numbers. The resulting Coq formalisation is available for public download.Comment: 40 page

Certified exact real arithmetic using co-induction in arbitrary integer base

International audienceIn this paper we describe some certified algorithms for exact real arithmetic based on co-recursion. Our work is based on previous experiences using redundant digits of base 2 but generalizes them using arbitrary integer bases. The goal is to take benefit of fast native integer computation. We extend a technique to compute converging series. We use this technique to compute the product and the inverse. We describe how we implement and certify our algorithms in the proof system Coq and evaluate the efficiency of the library inside the prover

Rationality and Escalation in Infinite Extensive Games

The aim of this of this paper is to study infinite games and to prove formally some properties in this framework. As a consequence we show that the behavior (the madness) of people which leads to speculative crashes or escalation can be fully rational. Indeed it proceeds from the statement that resources are infinite. The reasoning is based on the concept of coinduction conceived by computer scientists to model infinite computations and used by economic agents unknowingly. When used consciously, this concept is not as simple as induction and we could paraphrase Newton: "Modeling the madness of people is more difficult than modeling the motion of planets".Comment: arXiv admin note: substantial text overlap with arXiv:1004.5257, arXiv:0904.3528, and arXiv:0912.174

Extraction of programs for exact number computation using Agda.

This thesis contains the to our knowledge first research project to ex-tract in the theorem prover Agda programs from proofs involving pos-tulated axioms. Our method doesn't require to write a Meta program for extracting programs from proofs. It shows as well the correctness of the machinery. This method has been applied to the extraction of programs about real number computation. The method has been used for showing that the signed digit approximable real numbers are closed under addition, multiplication, and contain the rational numbers. Therefore we obtain in Agda a provably correct program which executes the corresponding operations on signed digit streams. The first part of the thesis introduces axioms about real numbers using postulated data types and functions in Agda without giving any computational rules. Then we investigate some properties of real numbers constructed by Cauchy sequences: we introduce the set of real numbers which are limits of Cauchy sequences of rational numbers (Cauchy Reals) and show that they are closed under addition and multiplication. We also prove that Cauchy Reals are Cauchy complete. Furthermore, we introduce the real numbers in the interval [-1,1], which have a binary signed digit representation, i.e. r = 0.d0d1d2..., where di ∈ {lcub}-1, 0, 1{rcub}. This set of real numbers is given as a codata type (SDR). We determine for rational numbers in the interval [-1, 1] their SDR and show that SDRs are closed under the average function and the multiplication function. Besides, a finding digit function is defined which determines the first n digits of a stream of signed digits. In the second part of the thesis, a theorem is given which shows the correctness of our method. It shows that under certain conditions our method always normalises and doesn't make use of the axioms. The conditions mainly guarantee that a postulated function or axiom has as result type only a postulated type, so the reduction of elements of algebraic data types to head normal form will not refer to these postulates. Because of our theorem the finding digit function applied to a real number r s.t. SDR r holds normalises to [do, d1,..., dn-1] for the first n digit d0d1...dn-1 of r. Therefore, we can compute the SDR of rational numbers and from SDRs of real numbers the SDR of their average and product