coq-club AT inria.fr

Subject: The Coq mailing list

List archive

Re: [Coq-Club] verified or not verified

From: Li-yao Xia <lysxia AT gmail.com>
To: coq-club AT inria.fr
Cc: fritjof <fritjof AT uni-bremen.de>
Subject: Re: [Coq-Club] verified or not verified
Date: Mon, 15 Apr 2019 07:46:51 -0400
Authentication-results: mail2-smtp-roc.national.inria.fr; spf=None smtp.pra=lysxia AT gmail.com; spf=Pass smtp.mailfrom=lysxia AT gmail.com; spf=None smtp.helo=postmaster AT mail-ua1-f66.google.com
Ironport-phdr: 9a23:w7Hh2hzsR/hFNITXCy+O+j09IxM/srCxBDY+r6Qd1OMQIJqq85mqBkHD//Il1AaPAdyCragVwLaP++C4ACpcuM7H6ChDOLV3FDY9wf0MmAIhBMPXQWbaF9XNKxIAIcJZSVV+9Gu6O0UGUOz3ZlnVv2HgpWVKQka3OgV6PPn6FZDPhMqrye+y54fTYwJVjzahfL9+Nhq7oRjMusUMn4dvLqk9xxTUrnBVf+ha2X5kKUickhrh+su85oJv/zhVt/k868NOTKL2crgiQ7dFFjomKWc15MPqtRnHUwSC42YXX3sVnBRVHQXL9Qn2UZjtvCT0sOp9wzSaMtbtTb8oQzSi7rxkRwHuhSwaKjM26mDXish3jKJGvBKsogF0zoDIbI2JMvd1Y6XQds4YS2VcRMZcTzFPDJ2yb4UPDOQPM+hXoIb/qFQSohWzHhWsCeH1xzNUmnP706833uI8Gg/GxgwgGNcOvWzSotX0LasTUfq6zK7VxjrCbvNZwyr25Y/MchEhuvGNUrNwftDKxEkgEgPKlFSQqYj/MzyJ0eQNtnGW4ux9XuyhjG4nrht+ojmpxso0lobJgZsVxkrF9SV+2Io1Kty4SFJ7Yd65C5RcrT2VN4xzQs4kXmpmuz46x6UYtZKneCUG0pcqyh7FZ/CZbYSE/AjvWeeQLDtgmn5pZLOyiwyv/US+yuDwTMi53EhQoiZbktTBsG0G2QbJ5cidUPR9+1+s2TaR2ADX7eFJOUU0mrDaK54l27Iwi4AcvVnaEi/4mUj7jbWadkoj+uiv5OTnZqvpqoWAOI9zjwHyKqUumsqhDuQkKgUCQXSX9OCm2LDg/UD1WqtGguMonqXDsZ3XJNwXpqujDA9U1oYj5Qy/DzCj0NkAmXkGLElFeR2Gj4fzIFzOL/X4Au2+g1Soijtk2/fGPrj5DpXXMnfDiKvhfap660NE1AUzyslf64tIBbEFPfL8QVT8tMfYDx88Kwy72fzrCNR71oMEWGKAGLWVMK3IsQzA2uV6KO6VIYQRpTzVKv4/5veog2Vqt0UaePyN3N4GYXfwLvVvaxGdcGH8g94pHmIDvw54R+vv3g7RGQVPbmq/CvpvrgowD5irWN+aF9KdxYeZ1SL+JaV4I2VPC1SCC3DtLtzWVPIFaSbUKchkwGVdCeqRDrQ53BTrjzfUjqJ9J7ONqCIdvJPnktNy4r+LzExgxXlPF82Yllq1YSR0k2cPHWJk2al+pQlgww7G3/YmxfNfEtNX6rVCVQJobZM=

I would say that, in a very strict sense, a "verified" program means only that some formal model of it has been constructed, and some properties have been proved about it. In such an absolute sense, the word carries very little meaning on its own.

Indeed, existing projects in formal verification vary wildly in what they model and how close the model is to reality, to achieve their diverse goals. So to make sense of what is actually verified, one has to read the details.

However, in today's world where "not verified" is the default, the "verified" label still sends a pretty strong signal, and if you assume that the authors are reasonable people, you can often guess the details to a large extent. So I think the word "verified" also carries a social connotation to be aware of.

Li-yao

On 4/14/19 6:20 PM, fritjof wrote:

Hi,

I have a question about what verified means in Coq.
The coq.io/opam repository says: written and verified in Coq

https://github.com/coq-io/opam-website/blob/master/src/View.v

But I cannot see any Theorems in this repository:
https://github.com/coq-io/opam-website/search?q=Theorem&unscoped_q=Theorem

So the question is: what does verification mean in this context?

Does the fact that something is written in Gallina also mean it
is verified, as in dependent type verification systems, like idris or agda
and theorems are only a way to proof more complex properties?

Or do I miss something?

regards,
--f.

[Coq-Club] verified or not verified, fritjof, 04/15/2019
- Re: [Coq-Club] verified or not verified, Théo Zimmermann, 04/15/2019
- Re: [Coq-Club] verified or not verified, Li-yao Xia, 04/15/2019
  - Re: [Coq-Club] verified or not verified, guillaume, 04/15/2019