To play this document inside your browser use ALT-N and ALT-P. You can save your edits inside your browser and load them back (edits are also saved when you close the window). Finally you can download the file for offline editing.

From Coq Require Import ZifyClasses ZArith_base.
From elpi Require Import elpi.
From HB Require Import structures.
From mathcomp Require Import all_ssreflect ssralg ssrnum ssrint rat intdiv.
From mathcomp Require Import ssrZ zify ring lra.

Set Implicit Arguments.
Unset Strict Implicit.
Unset Printing Implicit Defensive.

Import GRing.Theory.

Local Delimit Scope Z_scope with coqZ.

Lesson 8: Proof automation

Goals

This lecture explains how to use proof-automation tactics in MathComp
... and how to implement such proof-automation tactics for MathComp, but very briefly (because this is still an active research subject and intricate.)

Tools we use

The Mczify library adapts the lia and nia tactics to MathComp.
- This adaptation is done by relying on the zify tactic, which provides an extensible preprocessing facility for the lia tactic.
The Algebra Tactics library provides a reimplementation of ring, field, lra, nra, and psatz tactics for MathComp.
- These tactics (lia too) use large-scale Boolean reflection (cf. Lesson 1): they have proof procedures implemented in Coq, and run them inside the Coq kernel to check that the goal propositions hold.
- This reimplementation is done by reimplementing reification procedures in Coq-Elpi and reusing the proof procedures bundled in Coq. A reification procedure is a meta-function that takes the goal and produces a syntax tree representing the goal, that we can manipulate inside Coq. Coq-Elpi allows us to write Coq plugins in Elpi, a dialect of a higher-order logic programming language called λProlog.

`lia`: linear integer arithmetic (a.k.a. Presburger arithmetic) solver

This tactic provides a certifying decision procedure for quantifier-free linear integer arithmetic.

Goal forall m n : nat, n <= m -> n.*2 <= m + n.
Proof.
lia.
(*
move=> m n lenm.
Zify.zify.
lia.
*)
Qed.

Goal forall m n : int, (n <= m -> n * 2 <= m + n)%R.
Proof. lia. Qed.

(* A complicated example taken from the Coq reference manual. *)
Goal forall m n : int,
  (27 <= 11 * m + 13 * n <= 45)%R -> (-10 <= 7 * m - 9 * n <= 4)%R -> False.
Proof. lia. Qed.

The zify and lia tactics support some bool operators.

Goal forall m n : nat, (n <= m) = ~~ (m.*2 < n.*2).
Proof. lia. Qed.

Some advanced features of the `lia` tactic

The lia tactic performs normalization with respect to (semi)ring axioms, and can actually solve some non-linear problems.

Goal forall m n : nat, m * n = n * m.
Proof. lia. Qed.

Goal forall m n : nat, (m + n) ^ 2 = m ^ 2 + n ^ 2 + 2 * m * n.
Proof. lia. Qed.

The Mczify library also pre-processes Euclidean division and the divisibility relation.

Goal forall m : nat, m %/ 2 <= m.
Proof.
lia.
(*
move=> m.
Zify.zify.
lia.
*)
Qed.

Goal forall m : nat, 6 %| m -> 4 %| m -> 12 %| m.
Proof. lia. Qed.

Goal forall m : nat, (6 %| m) && (4 %| m) = (12 %| m).
Proof. lia. Qed.

`nia`: non-linear integer arithmetic solver

The nia tactic is an extension of the lia tactic that allows for some non-linear reasoning by propagating positivity and negativity conditions through multiplication and exponentiation.

Goal forall m n : int, (0 <= m -> 0 <= n -> 0 <= m * n)%R.
Proof. nia. Qed.

Goal forall (m : int) (n : nat), (0 <= (m ^+ 2) ^+ n)%R.
Proof. nia. Qed.

Goal forall m n : nat, n <= m -> n ^ 2 <= m * n.
Proof. nia. Qed.

Goal forall m n p : int,
  (0 <= n)%R -> (m %/ (n * p))%Z = ((m %/ n) %/ p)%Z.
Proof.
(* Too slow in jsCoq: *)
(* nia. *)
Abort.

Instructing the `zify` tactic to pre-process new arithmetic operators

The zify and lia tactics do not recognize user-defined operators out of the box:

Definition triple (n : nat) : nat := n * 3.

Goal forall n, triple (triple n) = n * 9.
Proof.
Fail lia.
Zify.zify.
Abort.

Declare an instance of type UnOp triple, and register it through the Add Zify UnOp command:

Fact Op_triple_subproof (n : nat) : Z.of_nat (triple n) = (3 * Z.of_nat n)%coqZ.
Proof. rewrite /triple; lia. Qed.

#[global]
Instance Op_triple : UnOp triple :=
  { TUOp := Z.mul 3; TUOpInj := Op_triple_subproof }.
Add Zify UnOp Op_triple.

Then, the zify tactic starts recognizing the new operator triple:

Goal forall n, triple (triple n) = n * 9.
Proof. lia. Qed.

`ring`: polynomial equation solver

This tactic provides a certified decision procedure for polynomial equations over commutative rings.

Goal forall a b : int, ((a + b) ^+ 2 = a ^+ 2 + b ^+ 2 + 2 * a * b :> int)%R.
Proof. move=> a b; ring. Qed.

It works for any abstract or concrete commutative rings:

Goal forall a b : rat, ((a + b) ^+ 2 = a ^+ 2 + b ^+ 2 + 2 * a * b :> rat)%R.
Proof. move=> a b; ring. Qed.

Goal forall (R : comRingType) (a b : R),
    ((a + b) ^+ 2 = a ^+ 2 + b ^+ 2 + 2 * a * b :> R)%R.
Proof. move=> R a b; ring. Qed.

Goal forall (R : comRingType) (a : R) (b : R * int),
    (((a, 1) + b) ^+ 2 = (a, 1) ^+ 2 + b ^+ 2 + 2 * (a, 1) * b :> R * int)%R.
Proof. move=> R a b; ring. Qed.

Some advanced features of the `ring` tactic

The ring tactic can prove polynomial equations modulo monomial equalities:

Goal forall a b : int, (a * b = 15 -> (a + b) ^+ 2 = a ^+ 2 + b ^+ 2 + 30)%R.
Proof.
move=> a b H.
ring: H.
Qed.

The Algebra Tactics library implements preprocessors to push down homomorphism applications:

Goal forall (R : ringType) (S : comRingType) (f : {rmorphism R -> S}) (a b : R),
    (f ((a + b) ^+ 2) = f a ^+ 2 + f b ^+ 2 + 2 * f a * f b)%R.
Proof.
move=> R S f a b.
rewrite rmorphX rmorphD. (* This line can be removed. *)
ring.
Qed.

`field`: rational equation solver

This tactic provides a certified decision procedure for rational equations over fields.

Goal forall (F : fieldType) (x : F),
    (x != 0 -> (1 - 1 / x) * x - x + 1 = 0)%R.
Proof.
move=> F x x_neq0.
field.
(*
The field tactic leaves a proof obligation saying that the denominators in the
input are non-zero.
*)
exact: x_neq0.
Qed.

Goal forall (F : fieldType) (n : nat),
    (n%:R != 0 :> F -> (2 * n)%:R / n%:R = 2 :> F)%R.
Proof.
move=> F n n_neq0.
field.
exact: n_neq0.
Qed.

For a partially ordered field (numFieldType), non-nullity conditions of the form n%:R != 0 and n%:~R != 0 where n is a non-zero constant are trivial, and thus are not generated.

Goal forall (F : numFieldType) (x : F), ((x / 2) * 2)%R = x.
Proof.
move=> F x.
field.
by [].
Qed.

As in the ring tactic, the field tactic supports homomorphisms and reasoning modulo monomial equalities.

`lra` and `nra`: linear and non-linear real arithmetic

NB: The support for the lra and nra tactics in Algebra Tactics is experimental for the moment.

Goal forall (x y : int), (y <= x -> 0 <= x -> y <= x * 2)%R.
Proof. move=> R x y; lra. Qed.

For realFieldTypes, division and multiplicative inverse are avairable.

Goal forall (x y : rat), (y <= x -> 0 <= x -> y / 2 <= x)%R.
Proof. move=> R x y; lra. Qed.

These tactics work for any abstract or concrete realDomainType or realFieldType.

Goal forall (R : realDomainType) (x y : R),
  (x + 2 * y <= 3 -> 2 * x + y <= 3 -> x + y <= 2)%R.
Proof. move=> R x y; lra. Qed.

How do they work? -- proof by large-scale reflection

We first prove the following reflection lemma (but do not try to understand the formal statement and proof).

Import Ring_polynom.

Lemma ring_correct
  (R : comRingType)
  (* `l` below is called a variable map, whose i-th item gives the            *)
  (* interpretation of the variable i.                                        *)
  (l : seq R)
  (* `pe1` and `pe2` below are polynomial expressions with integer            *)
  (* coefficients, representing the LHS and RHS of the equation to prove.     *)
  (pe1 pe2 : PExpr Z) :
  (* If `pe1` and `pe2` normalized to polynomials (in horner normal form) are *)
  (* equal,                                                                   *)
  Peq Z.eqb (norm_subst 0%R 1%R Z.add Z.mul Z.sub Z.opp Z.eqb
               (triv_div 0%R 1%R Z.eqb) 0 [::] pe1)
            (norm_subst 0%R 1%R Z.add Z.mul Z.sub Z.opp Z.eqb
               (triv_div 0%R 1%R Z.eqb) 0 [::] pe2) ->
  (* `pe1` and `pe2` interpreted as values of the ring `R` are equal.         *)
  PEeval 0%R 1%R +%R *%R (fun x y => (x - y)%R) -%R%R
    (fun n => ((int_of_Z n)%:~R)%R) id (fun x n => (x ^+ N.to_nat n)%R) l pe1 =
  PEeval 0%R 1%R +%R *%R (fun x y => (x - y)%R) -%R%R
    (fun n => ((int_of_Z n)%:~R)%R) id (fun x n => (x ^+ N.to_nat n)%R) l pe2.
Proof. exact: (@Internals.Rcorrect R 0 l [::]). Qed.

Let us apply the above lemma to the example below.

Goal forall a b : int, ((a + b) ^+ 2 = a ^+ 2 + b ^+ 2 + 2 * a * b :> int)%R.
Proof.
move=> a b.
(* Variable map:                                                              *)
pose l := [:: a; b].
(* Polynomial expressions representing the LHS and RHS, where numbers `1` and *)
(* `2` given as arguments of `PEX` represents 1st and 2nd variables, namely,  *)
(* `a` and `b`:                                                               *)
pose pe1 : PExpr Z := PEpow (PEadd (PEX _ 1) (PEX _ 2)) 2.
pose pe2 : PExpr Z := PEadd (PEadd (PEpow (PEX _ 1) 2) (PEpow (PEX _ 2) 2))
                        (PEmul (PEmul (PEc 2%coqZ) (PEX _ 1)) (PEX _ 2)).
(* Apply the reflection lemma with the variable map and polynomial            *)
(* expressions given above:                                                   *)
apply: (@ring_correct _ [:: a; b] pe1 pe2).
(* By reducing some subterms, we notice that we are comparing the same normal *)
(* form:                                                                      *)
rewrite /norm_subst [p1 in Peq _ p1 _]/= [p2 in Peq _ _ p2]/=.
(* Actually, the entire goal reduces to `true`:                               *)
rewrite /=.
by [].
Qed.

The only missing piece in turning this methodology into a fully-automated tactic is how to obtain the variable map and the polynomial expressions from the goal, which is called reification.

A takeaway

A better understanding of the principles of MathComp leads us to better design and implementation of tools for MathComp. In my opinion, the principles of MathComp are that:

relying on the computational power of the logic (dependent type theory) makes formal proofs easier and more efficient to check, and
to properly do so, we have to carefully design computational behaviors of our definitions.

Lesson 8: Proof automation

Goals

Tools we use

lia: linear integer arithmetic (a.k.a. Presburger arithmetic) solver

Some advanced features of the lia tactic

nia: non-linear integer arithmetic solver

Instructing the zify tactic to pre-process new arithmetic operators

ring: polynomial equation solver

Some advanced features of the ring tactic

field: rational equation solver

lra and nra: linear and non-linear real arithmetic