Skip to Content.
Sympa Menu

coq-club - Re: [Coq-Club] Fwd: "Lean is like Coq but better"

coq-club AT inria.fr

Subject: The Coq mailing list

List archive

Re: [Coq-Club] Fwd: "Lean is like Coq but better"


Chronological Thread 
  • From: Thorsten Altenkirch <Thorsten.Altenkirch AT nottingham.ac.uk>
  • To: "coq-club AT inria.fr" <coq-club AT inria.fr>
  • Subject: Re: [Coq-Club] Fwd: "Lean is like Coq but better"
  • Date: Fri, 3 Jan 2020 15:54:37 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=exmail.nottingham.ac.uk; dmarc=pass action=none header.from=exmail.nottingham.ac.uk; dkim=pass header.d=exmail.nottingham.ac.uk; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=L30aKLBbGfZUpnr7jdhIvUAALRFmOeUAseHoKQ61IEM=; b=Tsr2vRgM8Q1eBtuz9gCrPmZRtY6g5QlyE3fDhbyAlyvDxMwYkfEFQjLCn0GmduS0Lm+vOYee3kBBq3Q26W2r2axuCtrKvU+BJIPaLanUBhJxx/2FFA6GAAoEkMNHbjWUSTZSydIoVmEpe7uh6YIIf8XyvyZmkU1534sunAQyrJRxvbM+CokVFmcZWTa1s2fCcuqogCFCmzhe43/hTnVL/YDiFW7FXXXtjyo+Y8BmHHWUtAFonlfw/D67vhSRxdtejYNNV2CAGSFHUcUg/xcm1trds+cGnwvN/QTG3yur4AHio27SLBG2vvCq0/Ft1/cQqgtovVdlHfRytiorMNMbLg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Ll9vcwK2rYCokcMOSpSvYodF9N141M4ZDXpTGoKTMJMdlg6GasER9NrG49KIP+P0BLUOfG88H3cXSPZNyU2eAs/aJKYP7iYfXIwNlJtOj32Y5//z7wP6ZSBAEYoGLOb27Rtd1R/1AJNRKrQWFuGfMTUZDm3mgQmip0QCvBUGWgehkAW+xWzT1mK5ROcSqbz/S6jUmOljGtwqONl5Meh0iP9bjPJtgVzv7Y6m9J7sWyk5PFQZ6cr930WzkCUYc3r4Frg3yfguljCguNbbjtz3sVsPR9opNlLvfTQdcgJFny/vW8uA/MOLGHELVu5w9eGfoJvcv8HTWFpb4Xrz+S5EcQ==
  • Authentication-results: mail2-smtp-roc.national.inria.fr; spf=None smtp.pra=Thorsten.Altenkirch AT nottingham.ac.uk; spf=Pass smtp.mailfrom=Thorsten.Altenkirch AT nottingham.ac.uk; spf=None smtp.helo=postmaster AT uidappmx05.nottingham.ac.uk
  • Ironport-phdr: 9a23:RfyFtRAXCw1qbmi9JxiOUyQJP3N1i/DPJgcQr6AfoPdwSPX5ocbcNUDSrc9gkEXOFd2Cra4d0KyM7/urCTVIyK3CmUhKSIZLWR4BhJdetC0bK+nBN3fGKuX3ZTcxBsVIWQwt1Xi6NU9IBJS2PAWK8TW94jEIBxrwKxd+KPjrFY7OlcS30P2594HObwlSizexfL1/IA+ooQjeuMQajohvJrsswRbVv3VEfPhby3l1LlyJhRb84cmw/J9n8ytOvv8q6tBNX6bncakmVLJUFDspPXw7683trhnDUBCA5mAAXWUMkxpHGBbK4RfnVZrsqCT6t+592C6HPc3qSL0/RDqv47t3RBLulSwKMSMy/mPKhcxqlK9VoAyvqQFjw4DaY4+VOvhxfqLBct0VSmVMRdpRWDdEAo+gc4cDE+gMMOBFpIf9vVsOqh6+CBGyCuPvzT9InGT23bEk3OQnDArLwAggH84Qv3TSr9X1Nb0SXvy1zKLVyjjNcfNW2TDn6IjTbhAuv/eMUahsfMrV1UkgCQXFjlaRqYz/IzyV1v8As26c7+p8SeKvimgnqw5xoje1w8cgkJPGiZ4PxlDZ9iV02YA4LsC7Rk5jedOoDYVcuiKAO4doTc4vTXtktSk0x7EcpJK3YisHxIwkyhPecfCLbYuF7gj9WOqPIDp0nm9pdbGhixqq/0iv1O7xWtWx3VtPsiVIkdnBu38I2hHS7sWKRedy80Kv2TmTygzf9uRJLlwvmqXBMZEsxKM7mIAJvkTZBCD2nV37jK+IeUUg/eil8/nnYrT7qZCGL490kgT+M6sylsG/G+g4NA8OX3SH+eS90r3j8k35T69PjvEsiKbWrIrWJdkYpqKhAg9V1Jgs6wqnAju7ztgVnmMLIExKdR+JlYTkNF/DLOrlAfuhgFmgiDJryOrHPr3lDJXNNH/DkLL5cLhj605czxAzzctD551KDLENOu7+WkvttNPGCB85MA20w/z7B9V9zY4eX2WPArOFMKPTt1+I6eIvLPOJZIMPojnyN+Ip5+PtjXMhg18SYbGp3YcLaHC/BvlpP0KZYWP1jtgdFWcKoxExQffxiFyCVD5Tf2y9U7g95jE9EoKmDJ3MSpqjgLybj2+HGcgcbWdfT1uIDH3AdoOeWv5KZjjYaptqlSVBXry8Qacg0wuvvUn00ew0APDT/3gktZX5z8R44aX6kQ0/8z91Fc+dmzWxT2ZuhX8FQXkf2Lxyp0980FyD+a5/n+BZE9NT7vYPWwx8KJ2KnL8yMMz7Rg+UJoTBc12hWNjzWWhgHOJ0+McHZgNGI/vnixnC2ySwBLpMx+6NA4Ao86TT33H0Yc92jWvFhvB40gsWB/BXPGjjvZZRsgjeA4mTwheElqqjbbwZzHaQsmGE0XaPuk5YWQs2WK6DQHNNPhKK/+S83VvLSvqVMZpiKhFIkJ7QLKxWdtzvglVPQbHqM5LDYDDplg==
Quotient reasoning isn’t used enough in program verification because we are
used to think in terms of syntax missing many tricks which are based on a
more semantic perspective and which lead to nicer structures. An example is
the treatment of non-termination which is often addressed by some fuel based
approach. We have shown that non-termination is a monad given by the free
omega-cpo over a given set (in the sense of HoTT) using a quotient inductive
type. More needs to be done but there is the potential to actually use the
ideas from domain theory in practical program verification.

Sent from my iPhone

> On 3 Jan 2020, at 13:34, Adam Chlipala
> <adamc AT csail.mit.edu>
> wrote:
>
> On 1/3/20 7:37 AM, Thorsten Altenkirch wrote:
>> Both Coq and Lean fail in properly supporting structures with a
>> non-trivial equality. Lean doesn’t really offer an answer to setoid hell
>> but just adds quotients as an axiomatic principle with no computational
>> explanation. This is despite us knowing since a while (I wrote a paper on
>> this in ’99) how to turn setoid hell into setoid heaven by working within
>> the setoid model: that is if you want to talk about setoids all the time
>> just accept that every type comes with its own eqaulity and build your
>> type theory around this.
> I think one factor that might lead to surprisingly different perspectives
> from different people in this discussion is that, as far as I can tell,
> quotient reasoning is much more common in pure math than in program
> verification. Yes, it comes up often enough that everyone working on
> program verification has used it in a few projects, but it hardly seems to
> rise to the level of an essential foundation for all work (which raises
> questions of whether it is worth complicating the core type theory to
> support, expanding the trusted base). I don't think too many
> program-verification projects are avoiding quotient reasoning because it is
> awkward rather than just not especially applicable.



This message and any attachment are intended solely for the addressee
and may contain confidential information. If you have received this
message in error, please contact the sender and delete the email and
attachment.

Any views or opinions expressed by the author of this email do not
necessarily reflect the views of the University of Nottingham. Email
communications with the University of Nottingham may be monitored
where permitted by law.





Archive powered by MHonArc 2.6.18.

Top of Page