Coq (software)

Last updated
Coq (software)
Developer(s) The Coq development team
Initial release1 May 1989;34 years ago (1989-05-01) (version 4.10)
Stable release
8.19.0 [1]   OOjs UI icon edit-ltr-progressive.svg / 24 January 2024;37 days ago (24 January 2024)
Repository github.com/coq/coq
Written in OCaml
Operating system Cross-platform
Available inEnglish
Type Proof assistant
License LGPLv2.1
Website coq.inria.fr
An interactive proof session in CoqIDE, showing the proof script on the left and the proof state on the right. Coq 8.5 stdlib proof.png
An interactive proof session in CoqIDE, showing the proof script on the left and the proof state on the right.

Coq is an interactive theorem prover first released in 1989. It allows for expressing mathematical assertions, mechanically checks proofs of these assertions, helps find formal proofs, and extracts a certified program from the constructive proof of its formal specification. Coq works within the theory of the calculus of inductive constructions, a derivative of the calculus of constructions. Coq is not an automated theorem prover but includes automatic theorem proving tactics (procedures) and various decision procedures.

Contents

The Association for Computing Machinery awarded Thierry Coquand, Gérard Huet, Christine Paulin-Mohring, Bruno Barras, Jean-Christophe Filliâtre, Hugo Herbelin, Chetan Murthy, Yves Bertot, and Pierre Castéran with the 2013 ACM Software System Award for Coq.

The name "Coq" is a wordplay on the name of Thierry Coquand, Calculus of Constructions or "CoC" and follows the French computer science tradition of naming software after animals (coq in French meaning rooster). [2] On October 11th, 2023, the development team announced that Coq will be renamed "The Rocq Prover" in the coming months, and has started updating the code base, website and associated tools. [3]

Overview

When viewed as a programming language, Coq implements a dependently typed functional programming language; [4] when viewed as a logical system, it implements a higher-order type theory. The development of Coq has been supported since 1984 by INRIA, now in collaboration with École Polytechnique, University of Paris-Sud, Paris Diderot University, and CNRS. In the 1990s, ENS Lyon was also part of the project. The development of Coq was initiated by Gérard Huet and Thierry Coquand, and more than 40 people, mainly researchers, have contributed features to the core system since its inception. The implementation team has successively been coordinated by Gérard Huet, Christine Paulin-Mohring, Hugo Herbelin, and Matthieu Sozeau. Coq is mainly implemented in OCaml with a bit of C. The core system can be extended by way of a plug-in mechanism. [5]

The name coq means 'rooster' in French and stems from a French tradition of naming research development tools after animals. [6] Up until 1991, Coquand was implementing a language called the Calculus of Constructions and it was simply called CoC at this time. In 1991, a new implementation based on the extended Calculus of Inductive Constructions was started and the name was changed from CoC to Coq in an indirect reference to Coquand, who developed the Calculus of Constructions along with Gérard Huet and contributed to the Calculus of Inductive Constructions with Christine Paulin-Mohring. [7]

Coq provides a specification language called Gallina [8] ("hen" in Latin, Spanish, Italian and Catalan). Programs written in Gallina have the weak normalization property, implying that they always terminate. This is a distinctive property of the language, since infinite loops (non-terminating programs) are common in other programming languages, [9] and is one way to avoid the halting problem.

As an example, a proof of commutativity of addition on natural numbers in Coq:

plus_comm=funnm:nat=>nat_ind(funn0:nat=>n0+m=m+n0)(plus_n_0m)(fun(y:nat)(H:y+m=m+y)=>eq_ind(S(m+y))(funn0:nat=>S(y+m)=n0)(f_equalSH)(m+Sy)(plus_n_Smmy))n:forallnm:nat,n+m=m+n

nat_ind stands for mathematical induction, eq_ind for substitution of equals, and f_equal for taking the same function on both sides of the equality. Earlier theorems are referenced showing and .

Notable uses

Four color theorem and SSReflect extension

Georges Gonthier of Microsoft Research in Cambridge, England and Benjamin Werner of INRIA used Coq to create a surveyable proof of the four color theorem, which was completed in 2002. [10] Their work led to the development of the SSReflect ("Small Scale Reflection") package, which was a significant extension to Coq. [11] Despite its name, most of the features added to Coq by SSReflect are general-purpose features and are not limited to the computational reflection style of proof. These features include:

SSReflect 1.11 is freely available, dual-licensed under the open source CeCILL-B or CeCILL-2.0 license, and compatible with Coq 8.11. [12]

Other applications

Tactic language

In addition to constructing Gallina terms explicitly, Coq supports the use of tactics written in the built-in language Ltac or in OCaml. These tactics automate the construction of proofs, carrying out trivial or obvious steps in proofs. [15] Several tactics implement decision procedures for various theories. For example, the "ring" tactic decides the theory of equality modulo ring or semiring axioms via associative-commutative rewriting. [16] For example, the following proof establishes a complex equality in the ring of integers in just one line of proof: [17] 

RequireImportZArith.OpenScopeZ_scope.Goalforallabc:Z,(a+b+c)^2=a*a+b^2+c*c+2*a*b+2*a*c+2*b*c.intros;ring.Qed.

Built-in decision procedures are also available for the empty theory ("congruence"), propositional logic ("tauto"), quantifier-free linear integer arithmetic ("lia"), and linear rational/real arithmetic ("lra"). [18] [19] Further decision procedures have been developed as libraries, including one for Kleene algebras [20] and another for certain geometric goals. [21]

See also

Related Research Articles

<span class="mw-page-title-main">Kolmogorov complexity</span> Measure of algorithmic complexity

In algorithmic information theory, the Kolmogorov complexity of an object, such as a piece of text, is the length of a shortest computer program that produces the object as output. It is a measure of the computational resources needed to specify the object, and is also known as algorithmic complexity, Solomonoff–Kolmogorov–Chaitin complexity, program-size complexity, descriptive complexity, or algorithmic entropy. It is named after Andrey Kolmogorov, who first published on the subject in 1963 and is a generalization of classical information theory.

OCaml is a general-purpose, high-level, multi-paradigm programming language which extends the Caml dialect of ML with object-oriented features. OCaml was created in 1996 by Xavier Leroy, Jérôme Vouillon, Damien Doligez, Didier Rémy, Ascánder Suárez, and others.

In mathematics and theoretical computer science, a type theory is the formal presentation of a specific type system. Type theory is the academic study of type systems.

<span class="mw-page-title-main">Isabelle (proof assistant)</span> Higher-order logic (HOL) automated theorem prover

The Isabelle automated theorem prover is a higher-order logic (HOL) theorem prover, written in Standard ML and Scala. As an LCF-style theorem prover, it is based on a small logical core (kernel) to increase the trustworthiness of proofs without requiring — yet supporting — explicit proof objects.

In programming language theory and proof theory, the Curry–Howard correspondence is the direct relationship between computer programs and mathematical proofs.

In mathematical logic and computer science, the calculus of constructions (CoC) is a type theory created by Thierry Coquand. It can serve as both a typed programming language and as constructive foundation for mathematics. For this second reason, the CoC and its variants have been the basis for Coq and other proof assistants.

<span class="mw-page-title-main">Proof assistant</span> Software tool to assist with the development of formal proofs by human-machine collaboration

In computer science and mathematical logic, a proof assistant or interactive theorem prover is a software tool to assist with the development of formal proofs by human-machine collaboration. This involves some sort of interactive proof editor, or other interface, with which a human can guide the search for proofs, the details of which are stored in, and some steps provided by, a computer.

In computer science and logic, a dependent type is a type whose definition depends on a value. It is an overlapping feature of type theory and type systems. In intuitionistic type theory, dependent types are used to encode logic's quantifiers like "for all" and "there exists". In functional programming languages like Agda, ATS, Coq, F*, Epigram, Idris, and Lean, dependent types help reduce bugs by enabling the programmer to assign types that further restrain the set of possible implementations.

In computer science, in particular in knowledge representation and reasoning and metalogic, the area of automated reasoning is dedicated to understanding different aspects of reasoning. The study of automated reasoning helps produce computer programs that allow computers to reason completely, or nearly completely, automatically. Although automated reasoning is considered a sub-field of artificial intelligence, it also has connections with theoretical computer science and philosophy.

<span class="mw-page-title-main">Agda (programming language)</span> Functional programming language

Agda is a dependently typed functional programming language originally developed by Ulf Norell at Chalmers University of Technology with implementation described in his PhD thesis. The original Agda system was developed at Chalmers by Catarina Coquand in 1999. The current version, originally known as Agda 2, is a full rewrite, which should be considered a new language that shares a name and tradition.

<span class="mw-page-title-main">Matita</span>

Matita is an experimental proof assistant under development at the Computer Science Department of the University of Bologna. It is a tool aiding the development of formal proofs by man–machine collaboration, providing a programming environment where formal specifications, executable algorithms and automatically verifiable correctness certificates naturally coexist.

Gérard Pierre Huet is a French computer scientist, linguist and mathematician. He is senior research director at INRIA and mostly known for his major and seminal contributions to type theory, programming language theory and to the theory of computation.

<span class="mw-page-title-main">ATS (programming language)</span> Programming language

In computing, ATS is a programming language designed by Hongwei Xi to unify programming with formal specification. ATS has support for combining theorem proving with practical programming through the use of advanced type systems. A past version of The Computer Language Benchmarks Game has demonstrated that the performance of ATS is comparable to that of the C and C++ programming languages. By using theorem proving and strict type checking, the compiler can detect and prove that its implemented functions are not susceptible to bugs such as division by zero, memory leaks, buffer overflow, and other forms of memory corruption by verifying pointer arithmetic and reference counting before the program compiles. Additionally, by using the integrated theorem-proving system of ATS (ATS/LF), the programmer may make use of static constructs that are intertwined with the operative code to prove that a function conforms to its specification.

<span class="mw-page-title-main">Thierry Coquand</span> French computer scientist and mathematician

Thierry Coquand is a French computer scientist and mathematician who is currently a professor of computer science at the University of Gothenburg, having previously worked at INRIA. He is known for his work in constructive mathematics, especially the calculus of constructions.

<span class="mw-page-title-main">Homotopy type theory</span> Type theory in logic and mathematics

In mathematical logic and computer science, homotopy type theory refers to various lines of development of intuitionistic type theory, based on the interpretation of types as objects to which the intuition of (abstract) homotopy theory applies.

Idris is a purely-functional programming language with dependent types, optional lazy evaluation, and features such as a totality checker. Idris may be used as a proof assistant, but is designed to be a general-purpose programming language similar to Haskell.

Univalent foundations are an approach to the foundations of mathematics in which mathematical structures are built out of objects called types. Types in univalent foundations do not correspond exactly to anything in set-theoretic foundations, but they may be thought of as spaces, with equal types corresponding to homotopy equivalent spaces and with equal elements of a type corresponding to points of a space connected by a path. Univalent foundations are inspired both by the old Platonic ideas of Hermann Grassmann and Georg Cantor and by "categorical" mathematics in the style of Alexander Grothendieck. Univalent foundations depart from the use of classical predicate logic as the underlying formal deduction system, replacing it, at the moment, with a version of Martin-Löf type theory. The development of univalent foundations is closely related to the development of homotopy type theory.

Christine Paulin-Mohring is a mathematical logician and computer scientist, and Professor Faculté des Sciences at Paris-Saclay University, best known for developing the interactive theorem prover Coq.

Lean is a proof assistant and programming language. It is based on the calculus of constructions with inductive types. It is an open-source project hosted on GitHub. It was principally developed by Leonardo de Moura while employed by Microsoft Research and now Amazon Web Services, and has had significant contributions from other coauthors and collaborators during its history.

References

  1. "Release Coq 8.19.0". 24 January 2024. Retrieved 5 February 2024.
  2. "Alternative names · coq/coq Wiki". GitHub. Retrieved 3 March 2023.
  3. "Coq roadmap 069". GitHub .
  4. A short introduction to Coq
  5. Avigad, Jeremy; Mahboubi, Assia (3 July 2018). Interactive Theorem Proving: 9th International Conference, ITP 2018, Held as ... Springer. ISBN   9783319948218 . Retrieved 21 October 2018.
  6. "Frequently Asked Questions". GitHub . Retrieved 2019-05-08.
  7. "Introduction to the Calculus of Inductive Constructions" . Retrieved 21 May 2019.
  8. Adam Chlipala. "Certified Programming with Dependent Types": "Library Universes".
  9. Adam Chlipala. "Certified Programming with Dependent Types": "Library GeneralRec". "Library InductiveTypes".
  10. Gonthier, Georges (2008). "Formal Proof—The Four-Color Theorem" (PDF). Notices of the American Mathematical Society . 55 (11): 1382–1393. MR   2463991.
  11. Gonthier, Georges; Mahboubi, Assia (2010). "An introduction to small scale reflection in Coq". Journal of Formalized Reasoning. 3 (2): 95–152. doi:10.6092/ISSN.1972-5787/1979.
  12. "The Mathematical Components Library 1.11.0". GitHub .
  13. Conchon, Sylvain; Filliâtre, Jean-Christophe (2007). "A persistent union-find data structure". In Russo, Claudio V.; Dreyer, Derek (eds.). Proceedings of the ACM Workshop on ML, 2007, Freiburg, Germany, October 5, 2007. Association for Computing Machinery. pp. 37–46. doi:10.1145/1292535.1292541.
  14. "Feit-Thompson theorem has been totally checked in Coq". Msr-inria.inria.fr. 2012-09-20. Archived from the original on 2016-11-19. Retrieved 2012-09-25.
  15. Kaiser, Jan-Oliver; Ziliani, Beta; Krebbers, Robbert; Régis-Gianas, Yann; Dreyer, Derek (2018-07-30). "Mtac2: typed tactics for backward reasoning in Coq". Proceedings of the ACM on Programming Languages. 2 (ICFP): 78:1–78:31. doi: 10.1145/3236773 . hdl: 21.11116/0000-0003-2E8E-B .
  16. Grégoire, Benjamin; Mahboubi, Assia (2005). "Proving Equalities in a Commutative Ring Done Right in Coq". In Hurd, Joe; Melham, Tom (eds.). Theorem Proving in Higher Order Logics: 18th International Conference, TPHOLs 2005, Oxford, UK, August 22–25, 2005, Proceedings. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer. pp. 98–113. doi:10.1007/11541868_7. ISBN   978-3-540-31820-0.
  17. "The ring and field tactic families — Coq 8.11.1 documentation". coq.inria.fr. Retrieved 2023-12-04.
  18. Besson, Frédéric (2007). "Fast Reflexive Arithmetic Tactics the Linear Case and Beyond". In Altenkirch, Thorsten; McBride, Conor (eds.). Types for Proofs and Programs: International Workshop, TYPES 2006, Nottingham, UK, April 18–21, 2006, Revised Selected Papers. Lecture Notes in Computer Science. Vol. 4502. Berlin, Heidelberg: Springer. pp. 48–62. doi:10.1007/978-3-540-74464-1_4. ISBN   978-3-540-74464-1.
  19. "Micromega: solvers for arithmetic goals over ordered rings — Coq 8.18.0 documentation". coq.inria.fr. Retrieved 2023-12-04.
  20. Braibant, Thomas; Pous, Damien (2010). Kaufmann, Matt; Paulson, Lawrence C. (eds.). An Efficient Coq Tactic for Deciding Kleene Algebras. Interactive Theorem Proving: First International Conference, ITP 2010 Edinburgh, UK, July 11-14, 2010, Proceedings. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer. pp. 163–178. doi:10.1007/978-3-642-14052-5_13. ISBN   978-3-642-14052-5. S2CID   3566183.
  21. Narboux, Julien (2004). "A Decision Procedure for Geometry in Coq". In Slind, Konrad; Bunker, Annette; Gopalakrishnan, Ganesh (eds.). Theorem Proving in Higher Order Logics: 17th International Conference, TPHOLS 2004, Park City, Utah, USA, September 14–17, 2004, Proceedings. Lecture Notes in Computer Science. Vol. 3223. Berlin, Heidelberg: Springer. pp. 225–240. doi:10.1007/978-3-540-30142-4_17. ISBN   978-3-540-30142-4. S2CID   11238876.
Textbooks
Tutorials
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.