Mendler-style Iso-(Co)inductive predicates: a strongly normalizing approach

We present an extension of the second-order logic AF2 with iso-style inductive and coinductive definitions specifically designed to extract programs from proofs a la Krivine-Parigot by means of primitive (co)recursion principles. Our logic includes primitive constructors of least and greatest fixed points of predicate transformers, but contrary to the common approach, we do not restrict ourselves to positive operators to ensure monotonicity, instead we use the Mendler-style, motivated here by the concept of monotonization of an arbitrary operator on a complete lattice. We prove an adequacy theorem with respect to a realizability semantics based on saturated sets and saturated-valued functions and as a consequence we obtain the strong normalization property for the proof-term reduction, an important feature which is absent in previous related work.Comment: In Proceedings LSFA 2011, arXiv:1203.542

Implicit complexity for coinductive data: a characterization of corecurrence

We propose a framework for reasoning about programs that manipulate coinductive data as well as inductive data. Our approach is based on using equational programs, which support a seamless combination of computation and reasoning, and using productivity (fairness) as the fundamental assertion, rather than bi-simulation. The latter is expressible in terms of the former. As an application to this framework, we give an implicit characterization of corecurrence: a function is definable using corecurrence iff its productivity is provable using coinduction for formulas in which data-predicates do not occur negatively. This is an analog, albeit in weaker form, of a characterization of recurrence (i.e. primitive recursion) in [Leivant, Unipolar induction, TCS 318, 2004].Comment: In Proceedings DICE 2011, arXiv:1201.034

Beating the Productivity Checker Using Embedded Languages

Some total languages, like Agda and Coq, allow the use of guarded corecursion to construct infinite values and proofs. Guarded corecursion is a form of recursion in which arbitrary recursive calls are allowed, as long as they are guarded by a coinductive constructor. Guardedness ensures that programs are productive, i.e. that every finite prefix of an infinite value can be computed in finite time. However, many productive programs are not guarded, and it can be nontrivial to put them in guarded form. This paper gives a method for turning a productive program into a guarded program. The method amounts to defining a problem-specific language as a data type, writing the program in the problem-specific language, and writing a guarded interpreter for this language.Comment: In Proceedings PAR 2010, arXiv:1012.455

Coiterative Morphisms: Interactive Equational Reasoning for Bisimulation, using Coalgebras

ter: SEN 3 Abstract: We study several techniques for interactive equational reasoning with the bisimulation equivalence. Our work is based on a modular library, formalised in Coq, that axiomatises weakly final coalgebras and bisimulation. As a theory we derive some coalgebraic schemes and an associated coinduction principle. This will help in interactive proofs by coinduction, modular derivation of congruence and co-fixed point equations and enables an extensional treatment of bisimulation. Finally we present a version of the lambda-coinduction proof principle in our framework

Guard Your Daggers and Traces: On The Equational Properties of Guarded (Co-)recursion

Motivated by the recent interest in models of guarded (co-)recursion we study its equational properties. We formulate axioms for guarded fixpoint operators generalizing the axioms of iteration theories of Bloom and Esik. Models of these axioms include both standard (e.g., cpo-based) models of iteration theories and models of guarded recursion such as complete metric spaces or the topos of trees studied by Birkedal et al. We show that the standard result on the satisfaction of all Conway axioms by a unique dagger operation generalizes to the guarded setting. We also introduce the notion of guarded trace operator on a category, and we prove that guarded trace and guarded fixpoint operators are in one-to-one correspondence. Our results are intended as first steps leading to the description of classifying theories for guarded recursion and hence completeness results involving our axioms of guarded fixpoint operators in future work.Comment: In Proceedings FICS 2013, arXiv:1308.589

Corecursive featherweight Java revisited

We describe a Java-like calculus which supports cyclic data structures, and offers a mechanism of flexible regular corecursion for their manipulation. The calculus enhances an earlier proposal by a more sophisticated reduction semantics, which filters out, by an additional check, some spurious results which were obtained in the previous model

Total Haskell is Reasonable Coq

We would like to use the Coq proof assistant to mechanically verify properties of Haskell programs. To that end, we present a tool, named hs-to-coq, that translates total Haskell programs into Coq programs via a shallow embedding. We apply our tool in three case studies -- a lawful Monad instance, "Hutton's razor", and an existing data structure library -- and prove their correctness. These examples show that this approach is viable: both that hs-to-coq applies to existing Haskell code, and that the output it produces is amenable to verification.Comment: 13 pages plus references. Published at CPP'18, In Proceedings of 7th ACM SIGPLAN International Conference on Certified Programs and Proofs (CPP'18). ACM, New York, NY, USA, 201

Friends with benefits: implementing corecursion in foundational proof assistants

We introduce AmiCo, a tool that extends a proof assistant, Isabelle/HOL, with flexible function definitions well beyond primitive corecursion. All definitions are certified by the assistant’s inference kernel to guard against inconsistencies. A central notion is that of friends: functions that preserve the productivity of their arguments and that are allowed in corecursive call contexts. As new friends are registered, corecursion benefits by becoming more expressive. We describe this process and its implementation, from the user’s specification to the synthesis of a higher-order definition to the registration of a friend. We show some substantial case studies where our approach makes a difference

On Extensions of AF2 with Monotone and Clausular (Co)inductive Definitions

This thesis discusses some extensions of second-order logic AF2 with primitive constructors representing least and greatest fixed points of monotone operators, which allow to define predicates by induction and coinduction. Though the expressive power of second-order logic has been well-known for a long time and suffices to define (co)inductive predicates by means of its (co)induction principles, it is more user-friendly to have a direct way of defining predicates inductively. Moreover recent applications in computer science oblige to consider also coinductive definitions useful for handling infinite objects, the most prominent example being the data type of streams or infinite lists. Main features of our approach are the use clauses in the (co)inductive definition mechanism, concept which simplifies the syntactic shape of the predicates, as well as the inclusion of not only (co)iteration but also primitive (co)recursion principles and in the case of coinductive definitions an inversion principle. For sake of generality we consider full monotone, and not only positive definitions, after all positivity is only used to ensure monotonicity. Working towards practical use of our systems we give them realizability interpretations where the systems of realizers are strongly normalizing extensions of the second-order polymorphic lambda calculus, system F in Curry-style, with (co)inductive types corresponding directly to the logical systems via the Curry-Howard correspondence. Such realizability interpretations are therefore not reductive: the definition of realizability for a (co)inductive definition is again a (co)inductive definition. As main application of realizability we extend the so-called programming-with-proofs paradigm of Krivine and Parigot to our logics, by means of which a correct program of the lambda calculus can be extracted from a proof in the logic