proving decidability of intuitionistic propositional calculus on coq
A talk on proving the decidability of intuitionistic propositional logic in Coq @ Logic Zoo Workshop 2013 http://logiczoo13.pira.jp/
Proving decidability of Intuitionistic Propositional Calculus on Coq
Masaki Hara (qnighy)
University of Tokyo, first-year student
At Logic Zoo 2013
1. Task & Known results
2. Brief methodology of the proof
  1. Cut elimination
  2. Contraction elimination
  3. →L elimination
  4. Proof of strict decreasingness
3. Implementation detail
4. Further implementation plan
Task
• Propositions: Atom(n), ∧, ∨, →, ⊥
• Task: is a given propositional formula P provable in LJ?
– It’s known to be decidable. [Dyckhoff]
• This talk: how to prove this decidability on Coq
Known results
• The decision problem for IPC is PSPACE-complete [Statman]
– In particular, an O(N log N)-space decision procedure is known [Hudelmaier]
• These approaches are backtracking search over the LJ syntax.
• cf. the classical counterpart of this problem is co-NP-complete.
– Proof: find a counterexample in boolean-valued semantics (SAT).
Methodology
• To prove decidability, every rule should be strictly decreasing with respect to some measure.
• More formally, for every rule $\frac{S_1 \quad S_2 \quad \cdots \quad S_N}{S_0}\,(\mathrm{rule})$ and every number $i$ ($1 \le i \le N$), $S_i < S_0$ for a certain well-founded relation $<$.
• Steps:
1. Eliminate the cut rule of LJ
2. Eliminate the contraction rule
3. Split the →L rule into 4 pieces
4. Prove that every rule is strictly decreasing
Sequent Calculus LJ
• $\frac{\Gamma \vdash G}{A, \Gamma \vdash G}\,(\mathrm{weak})$
  $\frac{A, A, \Gamma \vdash G}{A, \Gamma \vdash G}\,(\mathrm{contr})$
  $\frac{\Gamma \vdash A \quad A, \Delta \vdash G}{\Gamma, \Delta \vdash G}\,(\mathrm{cut})$
• $\frac{}{A \vdash A}\,(\mathrm{axiom})$
  $\frac{}{\bot \vdash G}\,(\mathrm{exfalso})$
• $\frac{\Gamma \vdash A \quad B, \Gamma \vdash G}{A \to B, \Gamma \vdash G}\,(\to L)$
  $\frac{A, \Gamma \vdash B}{\Gamma \vdash A \to B}\,(\to R)$
• $\frac{A, B, \Gamma \vdash G}{A \wedge B, \Gamma \vdash G}\,(\wedge L)$
  $\frac{\Gamma \vdash A \quad \Gamma \vdash B}{\Gamma \vdash A \wedge B}\,(\wedge R)$
• $\frac{A, \Gamma \vdash G \quad B, \Gamma \vdash G}{A \vee B, \Gamma \vdash G}\,(\vee L)$
  $\frac{\Gamma \vdash A}{\Gamma \vdash A \vee B}\,(\vee R_1)$
  $\frac{\Gamma \vdash B}{\Gamma \vdash A \vee B}\,(\vee R_2)$
• We eliminate the cut rule first.
Cut elimination
• 1. Prove these rules by induction on the proof structure:
  $\frac{\Gamma \vdash G}{\Delta, \Gamma \vdash G}\,(\mathrm{weak}_G)$
  $\frac{\Delta, \Delta, \Gamma \vdash G}{\Delta, \Gamma \vdash G}\,(\mathrm{contr}_G)$
  $\frac{\Gamma \vdash \bot}{\Gamma \vdash G}\,(\bot RE)$
  $\frac{\Gamma \vdash A \wedge B}{\Gamma \vdash A}\,(\wedge RE_1)$
  $\frac{\Gamma \vdash A \wedge B}{\Gamma \vdash B}\,(\wedge RE_2)$
  $\frac{\Gamma \vdash A \to B}{A, \Gamma \vdash B}\,(\to RE)$
• If $\frac{\Gamma_1 \vdash A \quad A, \Delta_1 \vdash G_1}{\Gamma_1, \Delta_1 \vdash G_1}\,(\mathrm{cut}_A)$ and $\frac{\Gamma_2 \vdash B \quad B, \Delta_2 \vdash G_2}{\Gamma_2, \Delta_2 \vdash G_2}\,(\mathrm{cut}_B)$ hold for all $\Gamma_1, \Gamma_2, \Delta_1, \Delta_2, G_1, G_2$, then
  $\frac{\Gamma \vdash A \vee B \quad A, \Delta \vdash G \quad B, \Delta \vdash G}{\Gamma, \Delta \vdash G}\,(\vee RE)$
• 2. Prove the general cut rule $\frac{\Gamma \vdash A \quad A^n, \Delta \vdash G}{\Gamma, \Delta \vdash G}\,(\mathrm{cut}_G)$ by induction on the size of $A$ and on the proof structure of the right-hand premise.
• 3. Specialize $\mathrm{cut}_G$ to $n = 1$. ■
Cut-free LJ
• $\frac{\Gamma \vdash G}{A, \Gamma \vdash G}\,(\mathrm{weak})$
  $\frac{A, A, \Gamma \vdash G}{A, \Gamma \vdash G}\,(\mathrm{contr})$
• $\frac{}{A \vdash A}\,(\mathrm{axiom})$
  $\frac{}{\bot \vdash G}\,(\mathrm{exfalso})$
• $\frac{\Gamma \vdash A \quad B, \Gamma \vdash G}{A \to B, \Gamma \vdash G}\,(\to L)$
  $\frac{A, \Gamma \vdash B}{\Gamma \vdash A \to B}\,(\to R)$
• $\frac{A, B, \Gamma \vdash G}{A \wedge B, \Gamma \vdash G}\,(\wedge L)$
  $\frac{\Gamma \vdash A \quad \Gamma \vdash B}{\Gamma \vdash A \wedge B}\,(\wedge R)$
• $\frac{A, \Gamma \vdash G \quad B, \Gamma \vdash G}{A \vee B, \Gamma \vdash G}\,(\vee L)$
  $\frac{\Gamma \vdash A}{\Gamma \vdash A \vee B}\,(\vee R_1)$
  $\frac{\Gamma \vdash B}{\Gamma \vdash A \vee B}\,(\vee R_2)$
• The contraction rule is not strictly decreasing.
Contraction-free LJ
• $\frac{}{A, \Gamma \vdash A}\,(\mathrm{axiom})$
  $\frac{}{\bot, \Gamma \vdash G}\,(\mathrm{exfalso})$
• $\frac{A \to B, \Gamma \vdash A \quad B, \Gamma \vdash G}{A \to B, \Gamma \vdash G}\,(\to L)$
  $\frac{A, \Gamma \vdash B}{\Gamma \vdash A \to B}\,(\to R)$
• $\frac{A, B, \Gamma \vdash G}{A \wedge B, \Gamma \vdash G}\,(\wedge L)$
  $\frac{\Gamma \vdash A \quad \Gamma \vdash B}{\Gamma \vdash A \wedge B}\,(\wedge R)$
• $\frac{A, \Gamma \vdash G \quad B, \Gamma \vdash G}{A \vee B, \Gamma \vdash G}\,(\vee L)$
  $\frac{\Gamma \vdash A}{\Gamma \vdash A \vee B}\,(\vee R_1)$
  $\frac{\Gamma \vdash B}{\Gamma \vdash A \vee B}\,(\vee R_2)$
Contraction-free LJ
• Implicit weakening:
– $\frac{}{A, \Gamma \vdash A}\,(\mathrm{axiom})$
– $\frac{}{\bot, \Gamma \vdash G}\,(\mathrm{exfalso})$
• Implicit contraction:
– $\frac{A \to B, \Gamma \vdash A \quad B, \Gamma \vdash G}{A \to B, \Gamma \vdash G}\,(\to L)$
– $\frac{\Gamma \vdash A \quad \Gamma \vdash B}{\Gamma \vdash A \wedge B}\,(\wedge R)$
– $\frac{A, \Gamma \vdash G \quad B, \Gamma \vdash G}{A \vee B, \Gamma \vdash G}\,(\vee L)$
Proof of the weak rule
• Easily done by induction ■
Proof of the contr rule
• 1. Prove these rules by induction on the proof structure:
– $\frac{A \wedge B, \Gamma \vdash G}{A, B, \Gamma \vdash G}\,(\wedge LE)$
– $\frac{A \vee B, \Gamma \vdash G}{A, \Gamma \vdash G}\,(\vee LE_1)$
– $\frac{A \vee B, \Gamma \vdash G}{B, \Gamma \vdash G}\,(\vee LE_2)$
– $\frac{A \to B, \Gamma \vdash G}{B, \Gamma \vdash G}\,(\to\mathrm{weak})$
• 2. Prove the contr rule by induction on the proof structure. ■
Contraction-free LJ
• This time, the →L rule is not decreasing.
Terminating LJ
• Split $\frac{A \to B, \Gamma \vdash A \quad B, \Gamma \vdash G}{A \to B, \Gamma \vdash G}\,(\to L)$ into 4 pieces:
1. $\frac{C, \mathit{Atom}(n), \Gamma \vdash G}{\mathit{Atom}(n) \to C, \mathit{Atom}(n), \Gamma \vdash G}\,(\to L_1)$
2. $\frac{B \to C, \Gamma \vdash A \to B \quad C, \Gamma \vdash G}{(A \to B) \to C, \Gamma \vdash G}\,(\to L_2)$
3. $\frac{A \to (B \to C), \Gamma \vdash G}{(A \wedge B) \to C, \Gamma \vdash G}\,(\to L_3)$
4. $\frac{A \to C, B \to C, \Gamma \vdash G}{(A \vee B) \to C, \Gamma \vdash G}\,(\to L_4)$
Correctness of Terminating LJ
• 1. If $\Gamma \vdash G$ is provable in Contraction-free LJ, at least one of these is true:
– $\Gamma$ includes $\bot$, $A \wedge B$, or $A \vee B$
– $\Gamma$ includes both $\mathit{Atom}(n)$ and $\mathit{Atom}(n) \to B$
– $\Gamma \vdash G$ has a proof whose bottommost rule is not of the form $\frac{\mathit{Atom}(n) \to B, \mathit{Atom}(n), \Gamma \vdash \mathit{Atom}(n) \quad B, \mathit{Atom}(n), \Gamma \vdash G}{\mathit{Atom}(n) \to B, \mathit{Atom}(n), \Gamma \vdash G}\,(\to L)$
• Proof: induction on the proof structure
• 2. Every sequent provable in Contraction-free LJ is also provable in Terminating LJ.
• Proof: induction on the size of the sequent.
– Size: introduced later
Terminating LJ
• $\frac{}{A, \Gamma \vdash A}\,(\mathrm{axiom})$
  $\frac{}{\bot, \Gamma \vdash G}\,(\mathrm{exfalso})$
• $\frac{C, \mathit{Atom}(n), \Gamma \vdash G}{\mathit{Atom}(n) \to C, \mathit{Atom}(n), \Gamma \vdash G}\,(\to L_1)$
  $\frac{B \to C, \Gamma \vdash A \to B \quad C, \Gamma \vdash G}{(A \to B) \to C, \Gamma \vdash G}\,(\to L_2)$
• $\frac{A \to (B \to C), \Gamma \vdash G}{(A \wedge B) \to C, \Gamma \vdash G}\,(\to L_3)$
  $\frac{A \to C, B \to C, \Gamma \vdash G}{(A \vee B) \to C, \Gamma \vdash G}\,(\to L_4)$
• $\frac{A, \Gamma \vdash B}{\Gamma \vdash A \to B}\,(\to R)$
  $\frac{A, B, \Gamma \vdash G}{A \wedge B, \Gamma \vdash G}\,(\wedge L)$
  $\frac{\Gamma \vdash A \quad \Gamma \vdash B}{\Gamma \vdash A \wedge B}\,(\wedge R)$
• $\frac{A, \Gamma \vdash G \quad B, \Gamma \vdash G}{A \vee B, \Gamma \vdash G}\,(\vee L)$
  $\frac{\Gamma \vdash A}{\Gamma \vdash A \vee B}\,(\vee R_1)$
  $\frac{\Gamma \vdash B}{\Gamma \vdash A \vee B}\,(\vee R_2)$
Proof of termination
• Weight of a proposition:
– $w(\mathit{Atom}(n)) = 1$
– $w(\bot) = 1$
– $w(A \to B) = w(A) + w(B) + 1$
– $w(A \wedge B) = w(A) + w(B) + 2$
– $w(A \vee B) = w(A) + w(B) + 1$
• $A < B \Leftrightarrow w(A) < w(B)$
• Ordering of proposition lists:
– Use the multiset ordering (Dershowitz–Manna ordering)
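The Terminating LJ rules listed above together with the weight function and the multiset measure, as an added Python example; it is not code from the talk or from the IPC-Coq repository. `prove` does backtracking proof search over exactly those rules (axiom and exfalso with implicit weakening, the four →L pieces, →R, ∧L/∧R, ∨L/∨R) and checks at every step that each premise is strictly smaller than its conclusion under the measure, so the recursion itself is the termination argument. The tuple encoding of propositions, the function names and the sample formulas are this example's own assumptions.

```python
"""Backtracking decision procedure for the Terminating LJ calculus (added
example; tuple encoding, names and sample formulas are this example's own)."""
from functools import lru_cache

# Propositions: ("bot",), ("atom", n), ("impl", a, b), ("conj", a, b), ("disj", a, b)
BOT = ("bot",)
def Atom(n): return ("atom", n)
def Impl(a, b): return ("impl", a, b)
def Conj(a, b): return ("conj", a, b)
def Disj(a, b): return ("disj", a, b)
def Neg(a): return Impl(a, BOT)            # ¬A is A → ⊥

def weight(p):
    """w from the 'Proof of termination' slide: atoms and ⊥ weigh 1,
    → and ∨ add 1 to the operand weights, ∧ adds 2."""
    if p[0] in ("atom", "bot"):
        return 1
    return weight(p[1]) + weight(p[2]) + (2 if p[0] == "conj" else 1)

def measure(gamma, goal):
    """Size of Γ ⊢ G: the multiset of weights of Γ and G.  Over the naturals
    the Dershowitz–Manna ordering of finite multisets is the lexicographic
    order of the weights sorted in decreasing order, so tuples compare directly."""
    return tuple(sorted((weight(p) for p in (*gamma, goal)), reverse=True))

def premises(gamma, goal):
    """Yield (rule name, premise sequents) for every Terminating LJ rule
    instance whose conclusion is Γ ⊢ G.  axiom/exfalso are handled in _prove."""
    if goal[0] == "impl":                                       # →R
        yield "→R", [((goal[1],) + gamma, goal[2])]
    elif goal[0] == "conj":                                     # ∧R
        yield "∧R", [(gamma, goal[1]), (gamma, goal[2])]
    elif goal[0] == "disj":                                     # ∨R1, ∨R2
        yield "∨R1", [(gamma, goal[1])]
        yield "∨R2", [(gamma, goal[2])]
    for i, p in enumerate(gamma):                               # left rules
        rest = gamma[:i] + gamma[i + 1:]
        if p[0] == "conj":                                      # ∧L
            yield "∧L", [((p[1], p[2]) + rest, goal)]
        elif p[0] == "disj":                                    # ∨L
            yield "∨L", [((p[1],) + rest, goal), ((p[2],) + rest, goal)]
        elif p[0] == "impl":
            a, c = p[1], p[2]
            if a[0] == "atom" and a in rest:                    # →L1 (atom present in Γ)
                yield "→L1", [((c,) + rest, goal)]
            elif a[0] == "impl":                                # →L2
                yield "→L2", [((Impl(a[2], c),) + rest, a), ((c,) + rest, goal)]
            elif a[0] == "conj":                                # →L3
                yield "→L3", [((Impl(a[1], Impl(a[2], c)),) + rest, goal)]
            elif a[0] == "disj":                                # →L4
                yield "→L4", [((Impl(a[1], c), Impl(a[2], c)) + rest, goal)]

def prove(gamma, goal):
    """Decide Γ ⊢ G.  Contexts are multisets, so sort them into a canonical
    order before memoising (the role of the permutation rule in the Coq version)."""
    return _prove(tuple(sorted(gamma)), goal)

@lru_cache(maxsize=None)
def _prove(gamma, goal):
    if goal in gamma or BOT in gamma:      # axiom / exfalso, weakening implicit
        return True
    size = measure(gamma, goal)
    for rule, subgoals in premises(gamma, goal):
        for g, p in subgoals:              # the strictly-decreasing property
            assert measure(g, p) < size, f"{rule} does not shrink the sequent"
        if all(prove(g, p) for g, p in subgoals):
            return True
    return False

def decide(formula):
    """Is ⊢ formula derivable, i.e. is the formula an IPC theorem?"""
    return prove((), formula)

A, B = Atom(0), Atom(1)
EXAMPLES = {                                        # constructed sample inputs
    "A → A": Impl(A, A),
    "¬¬(A ∨ ¬A)": Neg(Neg(Disj(A, Neg(A)))),
    "(A ∧ B) → (B ∧ A)": Impl(Conj(A, B), Conj(B, A)),
    "A ∨ ¬A": Disj(A, Neg(A)),                          # excluded middle
    "((A → B) → A) → A": Impl(Impl(Impl(A, B), A), A),  # Peirce's law
}

if __name__ == "__main__":
    for name, f in EXAMPLES.items():
        print(f"{name:20}  w = {weight(f):2}  provable = {decide(f)}")
```

Because the weights are naturals (a total order), the Dershowitz–Manna ordering of the weight multisets is just the lexicographic order of the weights sorted in decreasing order, which is why `measure` can return a plain tuple; the general multiset ordering is only needed in the Coq proof, where the base relation is kept abstract. Excluded middle and Peirce's law come back unprovable, the double-negated excluded middle provable, and the assertion in `_prove` never fires, which is the "every rule is strictly decreasing" claim checked on every rule instance the search visits.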
Multiset Ordering
• Multiset ordering: a binary relation between multisets (not necessarily an ordering)
• $A > B \Leftrightarrow$ [figure: $B$ is obtained from $A$; the part of $A$ that is replaced is labelled "Not empty"]
• If $R$ is a well-founded binary relation, the multiset ordering over $R$ is also well-founded.
• Well-founded: every element is accessible
• $A$ is accessible: every element $B$ such that $B < A$ is accessible
Proof (of well-foundedness)
• 1. Induction on the list
• Nil ⇒ there is no $A$ such that $A <_M \mathrm{Nil}$, therefore it is accessible.
• We will prove: $\mathit{Acc}_M(L) \Rightarrow \mathit{Acc}_M(x :: L)$
• 2. Duplicate the assumption
• Using $\mathit{Acc}(x)$ and $\mathit{Acc}_M(L)$, we will prove $\mathit{Acc}_M(L) \Rightarrow \mathit{Acc}_M(x :: L)$
• 3. Induction on $x$ and $L$
– We can use these two inductive hypotheses:
1. $\forall K\, y,\ y < x \Rightarrow \mathit{Acc}_M(K) \Rightarrow \mathit{Acc}_M(y :: K)$
2. $\forall K,\ K <_M L \Rightarrow \mathit{Acc}_M(K) \Rightarrow \mathit{Acc}_M(x :: K)$
• 4. Case analysis
• By definition, $\mathit{Acc}_M(x :: L)$ is equivalent to $\forall K,\ K <_M (x :: L) \Rightarrow \mathit{Acc}_M(K)$
• And there are 3 patterns:
1. $K$ includes $x$
2. $K$ includes $y$s s.t. $y < x$, and $K$ minus all such $y$ is equal to $L$
3. $K$ includes $y$s s.t. $y < x$, and $K$ minus all such $y$ is less than $L$
• Each pattern is proved using the inductive hypotheses.
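The multiset ordering and the three-pattern case split of step 4, as an added Python example that is not part of the talk or the IPC-Coq project. `mul_greater` decides $M >_M N$ for finite multisets using the cancel-the-common-part characterization, which is equivalent to the replacement definition whenever `less` is a strict partial order (assumed here; the weight order $w(A) < w(B)$ from the termination slide is one instance); `case_of` reports which of the three patterns a given $K <_M (x :: L)$ falls into and checks the side condition of pattern 3. The function names and the sample multisets are this example's own.

```python
"""Dershowitz–Manna multiset ordering on finite multisets and the case split
of the well-foundedness proof (added example; names and data are its own)."""
from collections import Counter
from operator import lt

def mul_greater(M, N, less=lt):
    """Decide M >_M N.  By definition N arises from M by removing a non-empty
    sub-multiset X and adding elements each below some element of X.  For a
    strict partial order `less` (assumed) this is equivalent to: after
    cancelling the part common to M and N, M still has elements left over and
    every leftover element of N is below some leftover element of M."""
    cm, cn = Counter(M), Counter(N)
    common = cm & cn                                   # multiset intersection
    m_left = list((cm - common).elements())            # the replaced part X
    n_left = list((cn - common).elements())            # the added elements
    return bool(m_left) and all(any(less(y, x) for x in m_left) for y in n_left)

def case_of(x, L, K, less=lt):
    """For K <_M (x :: L), report which pattern of step 4 applies:
    1: K contains x;
    2: K consists of L plus some ys with y < x;
    3: K consists of some K' <_M L plus some ys with y < x."""
    if not mul_greater([x] + list(L), K, less):
        raise ValueError("K is not below x :: L")
    if x in K:
        return 1
    ys = [y for y in K if less(y, x)]
    rest = Counter(K) - Counter(ys)                    # K minus all such y
    if rest == Counter(L):
        return 2
    assert mul_greater(list(L), list(rest.elements()), less)   # K' <_M L
    return 3

if __name__ == "__main__":
    # constructed sample multisets (think of them as weights of formulas)
    print(mul_greater([5], [4, 4, 4]))        # one element replaced by three smaller ones
    print(mul_greater([3, 1], [3, 2]))        # 2 is not below the only replaced element, 1
    for K in ([3, 4], [5, 2, 1], [4, 2]):
        print(K, "is below 3 :: [5] by pattern", case_of(3, [5], K))
```

Pattern 1 is where inductive hypothesis 2 applies (strip $x$ from both sides), pattern 2 is hypothesis 1 applied once per $y$, and pattern 3 combines the two; `case_of` makes the exhaustiveness of the split concrete by asserting that whatever remains of $K$ after removing the $y$s is either exactly $L$ or below it.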
Decidability
• Now, decidability can be proved by induction on the size of the sequent.
Implementation Detail
IPC Proposition (Coq)
  Inductive PProp : Set :=
  | PPbot : PProp
  | PPatom : nat -> PProp
  | PPimpl : PProp -> PProp -> PProp
  | PPconj : PProp -> PProp -> PProp
  | PPdisj : PProp -> PProp -> PProp.
Cut-free LJ (Coq)
  Inductive LJ_provable : list PProp -> PProp -> Prop :=
  | LJ_perm P1 L1 L2 :
      Permutation L1 L2 -> LJ_provable L1 P1 -> LJ_provable L2 P1
  | LJ_weak P1 P2 L1 :
      LJ_provable L1 P2 -> LJ_provable (P1 :: L1) P2
  | LJ_contr P1 P2 L1 :
      LJ_provable (P1 :: P1 :: L1) P2 -> LJ_provable (P1 :: L1) P2
  …
Exchange rule
• The exchange rule $\frac{\Gamma, A, B, \Delta \vdash G}{\Gamma, B, A, \Delta \vdash G}\,(\mathrm{exch})$ is replaced by the more useful $\frac{\Gamma \vdash G}{\Gamma' \vdash G}\,(\mathrm{permutation})$, where $\Gamma'$ is a permutation of $\Gamma$.
Permutation Compatibility (Coq)
• Allows rewriting over Permutation equality:
  Instance LJ_provable_compat : Proper (@Permutation _ ==> eq ==> iff) LJ_provable.
Permutation solver (Coq)
• Permutation goals should be solved automatically:
  Ltac perm := match goal with …
Further implementation plan
• Refactoring (1): improve the Permutation-related tactics
– A smarter auto-unifying tactic is needed
– Write tactics in Objective Caml
• Refactoring (2): use Ssreflect tacticals
– This makes the proof more manageable
• Refactoring (3): change the proof order
– Contraction first, cut next
– This will make the proof shorter
• Refactoring (4): discard the multiset ordering
– If we choose an appropriate weight function on propositional formulas, we do not need the multiset ordering. (See [Hudelmaier])
– It also enables us to analyze the complexity of this procedure
• Refactoring (5): proof of completeness
– Currently the completeness theorem depends on decidability
• New theorem (1): other syntaxes
– NJ and HJ may be introduced
• New theorem (2): other semantics
– Heyting algebra
• New theorem (3): other decision procedures
– A decision procedure using semantics (if any)
– A more efficient decision procedure (especially the O(N log N)-space decision procedure)
• New theorem (4): complexity
– Proof of PSPACE-completeness
Source code
• The source code is at:
• https://github.com/qnighy/IPC-Coq
The End
References
• [Dyckhoff] Roy Dyckhoff, Contraction-free Sequent Calculi for Intuitionistic Logic, The Journal of Symbolic Logic, Vol. 57, No. 3, 1992, pp. 795–807
• [Statman] Richard Statman, Intuitionistic Propositional Logic is Polynomial-Space Complete, Theoretical Computer Science 9, 1979, pp. 67–72
• [Hudelmaier] Jörg Hudelmaier, An O(n log n)-Space Decision Procedure for Intuitionistic Propositional Logic, Journal of Logic and Computation, Vol. 3, Issue 1, pp. 63–75