440 likes | 574 Views
From Proof Animation to Limit-Computable Mathematics. Susumu Hayashi Kobe University. PA workshop Kyoto 2001/01/10,11. This is a joint work with Yoji Akama, Tohoku Univ. Hajime Ishihara, JAIST Shyun-ichi Kimura, Hiroshima Univ. Ulrich Kohlenbach, BRICS Masahiro Nakata, Kobe Univ.
E N D
From Proof Animation toLimit-Computable Mathematics Susumu Hayashi Kobe University PA workshop Kyoto 2001/01/10,11
This is a joint work with Yoji Akama, Tohoku Univ. Hajime Ishihara, JAIST Shyun-ichi Kimura, Hiroshima Univ. Ulrich Kohlenbach, BRICS Masahiro Nakata, Kobe Univ. Mariko Yasugi, Kyoto Sangyo Univ.
test of programs verification of programs = X proof checking Towards Animation of Proofs –testing proofs by examples-, Hayashi, et al., TCS, in print. Available from my home page. X = test of proofs Synonym: Proof animation Analogy to specification animation of formal methods
Why Proof Animation? • It’s a “contraposition” of the developments of correct programs by program extraction. • If something is wrong with the extracted program, then something is wrong with the original proof. • Normally, the proofs tested are incomplete proofs under development. • We can find bugs in goals, subgoals, definitions and strategies of proofs before we go far into the development of proofs.
What is “test of proof”?: An Example -- ASSUMPTION -- There is a bag. And some white or black marbles are in it. -- CONCLUSION -- All marbles in the bag are of the same color. This is wrong. However, we prove it by mathematical induction!
group A a1, a2, ・・・, an, an+1 group B Proof of the theorem • Base case n=1 is easy • The induction step • The theorem holds for group A and B, since they have only n marbles. All the marbles are of the same color, since they share an. What is wrong?
Animation of the “proof” Animating the proof by an applet Just click the button.
Systematic proof animation • The applet was written by hands. • Automatic generation of such an applet from a proof is the ultimate goal of Proof Animation project. • graphics animation library • Generation of algorithm from proof by Curry-Howard
Proof animation of classical proofs • Classical reasoning is used even in finite mathematics. • Thus, classical “proof execution” principles such as lm-calculus and double negation translation+A-translation must be used for proof animation.
Accountability of proof execution • A “proof execution” principle with the following two criteria is said accountable: • computational contents (programs) associated to proofs are legible. • association between proofs and programs is legible.
Accountability of proof execution is indispensable for proof animation • Finding bugs of a proof by its execution is understanding proofs by understanding the execution. • Thus associated computational contents and the association must be legible as the case of applet for the puzzle.
Almost accountable interpretation: Berardi’s approximation theory • Almost all proof execution methods for classical logic do not meet the criteria. • But Berardi’s approximation interpretation for classical proofs meets the first criteria for some examples: • Minimal value of numerical functions ForAll f Nat ->Nat.Exists n:Nat. ForAll x:Nat.f(n) is smaller than or equal to f(x). • an semi-algorithm is extracted from a classical proof of the theorem.
Berardi’s semi-algorithm extracted • Regard the function f as a stream f(1), f(2), f(3),… • Have a box of a natural number. • Put f(1) in the box. • Compare the content of the box with the next element of the stream. If the new one is smaller than the number in your box, put the new one in the box.Repeat it infinitely. • Caution: this is a little bit incorrect argument
In what sense the semi-algorithm compute the answer? • The process does not stop. • But your box will eventually contain the correct answer and then the content will never been changed. • In this sense, this non-terminating process computes the right answer in the limit. • You will have a right answer, but you will never know when you got it.
Second criteria? • This explanation of Berardi’s algorithm is enough for the first criteria of accountable proof execution. • But, unfortunately, it is not straight-forward to see how this explanation is obtained from his interpretation applied to the proof of the minimum value theorem. No second criteria.
A solution to the problem of accountable classical proof execution • There might be no accountable proof execution for allclassical proofs. • Thus, find a fragment F of classical mathematics such that • proof execution for F is accountable. • Enough mathematics can be done in F.
Learning Theory gives such a fragment: Gold’s argument • Berardi’s argument is the same as the central idea of Algorithmic Learning Theory • pointed out by Yamamoto • Paulin’s related comment on LPO • Gold’s theory of Limiting Recursion in JSL. 1965: a seminal work of learning theories.
Limiting Recursive Function • f(x)= limng(x,n), then f is called limiting recursive, when g is recursive. • g(x,1), g(x,2), … is guessing (learning) the value of f(x). • g is called a guessing function of f • Berardi’s semi-algorithm is a function guessing the minimum value of the function f.
LCM: Limit-Computable Mathematics • A fragment of classical mathematics whose BHK-interpretation is realized by limiting recursive functions rather than recursive functions. • A formalization: constructive formal theories enhanced with S02 –DNE.
How this idea came out?: Hilbert’s finite basis theorem • In his 1890 proof of the finite basis theorem, D. Hilbert used the same semi-algorithm as Berardi’s. And this was called “theology” by Gordan. • It solved Gordan’s problem: one of the first successes of transfinite mode of thought in modern algebra. • I was studying the paper as an far origin of “Hilbert program”
Hilbert’s argument 1890,1897 (1) • In his 1890 paper and 1897 lectures at Goettingen, Hilbert was arguing almost the same as Berardi did!! • It is the point Gordan was against(a letter from Gordan to Klein, Feb.24,1890): It does not satisfy the requirements of recursive proofs. No, full and clear arrangement (Einteilung) of forms.
Hilbert’s argument 1890,1897 (2) • Because, it was a proof by limit-argument! • Hilbert was proving a version of finite basis theorem. In a modern terminology. Every ideal of homogeneous polynomials with many (but fixed) variables are finitely generated. • But he formulated it by means of stream and argue as Berardi or Gold.
The proof by limit-arguments 1890,1897 (4) • He prove it by induction on the numbers of variables. The most impressive is the base case. • A stream of 1-variable forms are c1xr1, c2xr2,…. • The basis is a single form crxr s.t. r is the minimum of r1, r2,… • He argued as follow…. (From, David Hilbert, “Theory of Algebraic Invariants”, pp. 126-7, Cambridge Univ. Press)
The proof by limit-arguments 1890,1897 (5A) • Let c1xr1 be the first form of the sequence with a coefficient different from zero. • We then look for the next form in the sequence whose order is less then r1; • if there is no such form, we retain c1xr1. • But…
The proof by limit-arguments 1890,1897 (5B) • But if there is one, say c2xr2, then we proceed to the next form in the sequence whose order is less than r2. • If we continue in this manner, then we finally arrive at a form cixri=Fm in the sequence with the property that none of the subsequent forms have order less than ri. • Every form is then divisible by Fm…
To formal businesses! • I will explain formal developments of LCM and its realizability by the paper distributed on white boards. • The paper: Limiting first order realizabiliy interpretation, by Nakata and Hayashi • Warning! The paper was just submitted for publication.Not yet accepted. The running head is a dummy.
Semi-classical principles • S0n-LEM (Law of Excluded Middle):Exists x.Aor not Exists x.Afor P0n-1-formula A. • P0n-LEM: ForAll x.Aor not ForAll x.Afor S0n-1-formula A. • S0n-DNE (Double Negation Elimination):(not not Exists x.A) implies Exists x.Afor P0n-1-formula A.
Why these principles? • Limiting recursive functions are equivalent to D02-functions by Shoenfield’s limit lemma: • a set is D0n+1-set iff its characteristic function g(x) is defined as g(x)=limt1・・・ limtnf(t1,・・・, tn,x), where f is primitive recursive.
Relations to existing principles • S01-LEM is LPO (limited principles of omniscience) without function variables. • P01-LEM is weak LPO without function variables. • S01-DNE is Markov’s principle for recursive predicates. • Note: They are not equivalent to LPO and WLPO since they do not have function variables. No repetition!
The implications of → are provable in HA S02–LEM P02–LEM D02–LEM The implications of → are not provable in HA S01–LEM P01–LEM D01–LEM The hierarchy of the semi-classical principles up to n=2 S02–DNE S01–DNE The two starred → are difficult and due to U. Kohlenbach. HA |-
Limiting realizability and S02-DNE • HAL=HA+ S02-DNE (HA with Limit) • Kleene-realizability with limiting recursive functions realizes HAL. • This gives an accountable semi-classical proof execution method. • Then next criteria: enough mathematics?
An example of LCM: Hilbert’s invariant theory • In his 1890 proof of the finite basis theorem, D. Hilbert used the same semi-algorithm as Berardi’s. And this was called “theology” by Gordan. • It solved Gordan’s problem: one of the first successes of transfinite mode of thought in modern algebra. • His proof is formalizable in HAL(f).
Analysis? • The classical theorems provable only in approximated forms in Bishop constructive mathematics seem provable in LCM in exact forms, i.e., without using approximation. • Examples: Hahn-Banach theorem, ergodic theorem, minimum value theorem, etc.etc.
LCM will be the fragment! • Proof animation by LCM • LCM has an accountable computational interpretation by learning processes or approximation. • Yet to be shown enough for many mathematics, but very promising. • It’s interesting by its own sake and is related to many other areas.
LCM: results and conjectures I • Many theorems of 19th and early 20th centuries math. will be provable in LCM including Hahn-Banach, etc. • Even many statements in such math will be P03. (Berardi) • Formal theories for such a higher order LCM are necessary.
LCM: results and conjectures II • Almost all abstract computable calculi will be closed under “limiting”-construction. • Two positive answers • w-BRFT (Nakata & Hayashi) • PCA (Akama) • Yet to know for type theories • Practical implication: e.g. Lim(Coq) is directly coded in Coq. No change of Coq kernel for proof animation.
LCM: results and conjectures III • Such a limiting-construction will be explained by some “internal” construction in W-valued sets, where W is the complete Heyting algebra of co-finite subsets of w. Akama’s construction. • A relation to finitely presented categories? • Markov’s rule for P0n-formulas (admissible rule of S0n+1-DNE) holds for HA+S0n-LEM (conjectured by Berardi for n=1 case and proved by Hayashi).
LCM: results and conjectures IV • Some computability theories over reals will be related to LCM. • computable functions of BSS theory is in a sense limiting recursive. • Yasugi’s argument of computability of Gaussian function can be explained by limit process. • The other way around, LCM will be explained by these theories alike.
A future work: calculus of limiting processes • Each limiting recursive function has only one Limit. • Hilbert’s proof suggests that each instance of LEM corresponds to a limit-process generating a stream of guesses. • Since some LEM’s are used in the proof, the limit computation associated to Hilbert’s proof will be understood as a net of communicating limit-processes.
A future work: calculus of limiting processes (continued) • It is easy to have a clear and intuitive picture of such a communication in mind just by looking at Hilbert’s proof. • We need a formal calculus for such a communication and its implementation for practical proof animation of Hilbert’s proof and others.
Other future works • “reverse mathematics” of transcendency • the proper logic of LCM • relations to • learning theory and recursion theory:degrees of unsolvability, Boolean hierarchy, etc. • numerical analysis • computer algebra (Sturmfels’ work)
Other future works (continued) • Etc. etc. • I will make their list and put it at my homepage in a month: • http://alan.scitec.kobe-u.ac.jp/~hayashi