Coq is an interactive theorem prover first released in 1989. It allows for expressing mathematical assertions, mechanically checks proofs of these assertions, helps find formal proofs, and extracts a certified program from the constructive proof of its formal specification. Coq works within the theory of the calculus of inductive constructions, a derivative of the calculus of constructions. Coq is not an

automated theorem prover Automated theorem proving (also known as ATP or automated deduction) is a subfield of automated reasoning and mathematical logic dealing with proving mathematical theorems by computer programs. Automated reasoning over mathematical proof was a maj ...

but includes automatic theorem proving tactics (

procedures Procedure may refer to: * Medical procedure * Instructions or recipes, a set of commands that show how to achieve some result, such as to prepare or make something * Procedure (business), specifying parts of a business process * Standard operati ...

) and various decision

. The

Association for Computing Machinery The Association for Computing Machinery (ACM) is a US-based international learned society for computing. It was founded in 1947 and is the world's largest scientific and educational computing society. The ACM is a non-profit professional member ...

awarded

Thierry Coquand Thierry Coquand (; born 18 April 1961 in Jallieu, Isère, France) is a professor in computer science at the University of Gothenburg, known for his work in constructive mathematics, especially the calculus of constructions. He received his Ph.D. u ...

Gérard Huet Gérard Pierre Huet (; born 7 July 1947) is a French computer scientist, linguist and mathematician. He is senior research director at INRIA and mostly known for his major and seminal contributions to type theory, programming language theory and ...

Christine Paulin-Mohring Christine Paulin-Mohring (born 1962) is a mathematical logician and computer scientist, and Professor at Paris-Saclay University, best known for developing the interactive theorem prover Coq. Biography Paulin-Mohring received her PhD in 1989 un ...

, Bruno Barras, Jean-Christophe Filliâtre, Hugo Herbelin, Chetan Murthy, Yves Bertot, and Pierre Castéran with the 2013

ACM Software System Award The ACM Software System Award is an annual award that honors people or an organization "for developing a software system that has had a lasting influence, reflected in contributions to concepts, in commercial acceptance, or both". It is awarded b ...

for Coq. Coq is a wordplay on the name of Thierry Coquand, Calculus of Constructions or "CoC" and is following the French tradition to name tools after animals (''coq'' in French meaning rooster).

Overview

When viewed as a programming language, Coq implements a

dependently typed In computer science and logic, a dependent type is a type whose definition depends on a value. It is an overlapping feature of type theory and type systems. In intuitionistic type theory, dependent types are used to encode logic's quantifiers li ...

functional programming language; when viewed as a logical system, it implements a higher-order type theory. The development of Coq has been supported since 1984 by INRIA, now in collaboration with École Polytechnique, University of Paris-Sud,

Paris Diderot University Paris Diderot University, also known as Paris 7 (french: Université Paris Diderot), was a French university located in Paris, France. It was one of the inheritors of the historic University of Paris, which was split into 13 universities in 197 ...

, and

CNRS The French National Centre for Scientific Research (french: link=no, Centre national de la recherche scientifique, CNRS) is the French state research organisation and is the largest fundamental science agency in Europe. In 2016, it employed 31,637 ...

. In the 1990s, ENS Lyon was also part of the project. The development of Coq was initiated by Gérard Huet and Thierry Coquand, and more than 40 people, mainly researchers, have contributed features to the core system since its inception. The implementation team has successively been coordinated by Gérard Huet, Christine Paulin-Mohring, Hugo Herbelin, and Matthieu Sozeau. Coq is mainly implemented in

OCaml OCaml ( , formerly Objective Caml) is a general-purpose programming language, general-purpose, multi-paradigm programming language which extends the Caml dialect of ML (programming language), ML with object-oriented programming, object-oriented ...

with a bit of C. The core system can be extended by way of a

plug-in Plug-in, plug in or plugin may refer to: * Plug-in (computing) is a software component that adds a specific feature to an existing computer program. ** Audio plug-in, adds audio signal processing features ** Photoshop plugin, a piece of softwar ...

mechanism. The name means ' rooster' in

French French (french: français(e), link=no) may refer to: * Something of, from, or related to France ** French language, which originated in France, and its various dialects and accents ** French people, a nation and ethnic group identified with Franc ...

and stems from a French tradition of naming research development tools after animals. Up until 1991, Coquand was implementing a language called the Calculus of Constructions and it was simply called CoC at this time. In 1991, a new implementation based on the extended Calculus of Inductive Constructions was started and the name was changed from CoC to Coq in an indirect reference to Coquand, who developed the Calculus of Constructions along with Gérard Huet and contributed to the Calculus of Inductive Constructions with Christine Paulin-Mohring. Coq provides a specification language called Gallina (" hen" in Latin, Spanish, Italian and Catalan). Programs written in Gallina have the weak normalization property, implying that they always terminate. This is a distinctive property of the language, since infinite loops (non-terminating programs) are common in other programming languages, and is one way to avoid the halting problem. As an example, a

proof of commutativity This article contains mathematical proofs for some properties of addition of the natural numbers: the additive identity, commutativity, and associativity. These proofs are used in the article Addition of natural numbers. Definitions This article ...

of addition on natural numbers in Coq: plus_comm = fun n m : nat => nat_ind (fun n0 : nat => n0 + m = m + n0) (plus_n_0 m) (fun (y : nat) (H : y + m = m + y) => eq_ind (S (m + y)) (fun n0 : nat => S (y + m) = n0) (f_equal S H) (m + S y) (plus_n_Sm m y)) n : forall n m : nat, n + m = m + n stands for mathematical induction, for substitution of equals, and for taking the same function on both sides of the equality. Earlier theorems are referenced showing

m = m + 0

and

S (m + y) = m + S y

Notable uses

Four color theorem and SSReflect extension

Georges Gonthier of

Microsoft Research Microsoft Research (MSR) is the research subsidiary of Microsoft. It was created in 1991 by Richard Rashid, Bill Gates and Nathan Myhrvold with the intent to advance state-of-the-art computing and solve difficult world problems through technologi ...

in Cambridge, England and Benjamin Werner of INRIA used Coq to create a surveyable proof of the

four color theorem In mathematics, the four color theorem, or the four color map theorem, states that no more than four colors are required to color the regions of any map so that no two adjacent regions have the same color. ''Adjacent'' means that two regions sh ...

, which was completed in 2002. Their work led to the development of the SSReflect ("Small Scale Reflection") package, which was a significant extension to Coq. Despite its name, most of the features added to Coq by SSReflect are general-purpose features and are not limited to the computational reflection style of proof. These features include: * Additional convenient notations for irrefutable and refutable pattern matching, on

inductive type In type theory, a system has inductive types if it has facilities for creating a new type from constants and functions that create terms of that type. The feature serves a role similar to data structures in a programming language and allows a ty ...

s with one or two constructors * Implicit arguments for functions applied to zero arguments, which is useful when programming with

higher-order function In mathematics and computer science, a higher-order function (HOF) is a function that does at least one of the following: * takes one or more functions as arguments (i.e. a procedural parameter, which is a parameter of a procedure that is itself ...

s * Concise anonymous arguments * An improved set tactic with more powerful matching * Support for reflection SSReflect 1.11 is freely available, dual-licensed under the open source

CeCILL-B CeCILL (from CEA CNRS INRIA Logiciel Libre) is a free software license adapted to both international and French legal matters, in the spirit of and retaining compatibility with the GNU General Public License (GPL). It was jointly developed by ...

or CeCILL-2.0 license, and compatible with Coq 8.11.

Other applications

CompCert CompCert is a formally verified optimizing compiler for a large subset of the C99 programming language (known as Clight) which currently targets PowerPC, ARM, RISC-V, x86 and x86-64 architectures. This project, led by Xavier Leroy, started o ...

: an optimizing compiler for almost all of the

C programming language ''The C Programming Language'' (sometimes termed ''K&R'', after its authors' initials) is a computer programming book written by Brian Kernighan and Dennis Ritchie, the latter of whom originally designed and implemented the language, as well as ...

which is largely programmed and proven correct in Coq. * Disjoint-set data structure: correctness proof in Coq was published in 2007. *

Feit–Thompson theorem In mathematics, the Feit–Thompson theorem, or odd order theorem, states that every finite group of odd order is solvable. It was proved by . History conjectured that every nonabelian finite simple group has even order. suggested using th ...

: formal proof using Coq was completed in September 2012.

References

External links

The Coq proof assistant
– the official English website
coq/coq
– the project's source code repository on GitHub
JsCoq Interactive Online System
– allows Coq to be run in a web browser, without the need for any software installation

– a library to process Coq snippets embedded in documents, showing goals and messages for each Coq sentence
Coq WikiMathematical Components library
– widely used library of mathematical structures, part of which is the SSReflect proof language
Constructive Coq Repository at NijmegenMath Classes
*{{Openhub, coq, Coq ; Textbooks

– a book on Coq by Yves Bertot and Pierre Castéran
Certified Programming with Dependent Types
– online and printed textbook by Adam Chlipala
Software Foundations
– online textbook by

Benjamin C. Pierce Benjamin Crawford Pierce is the Henry Salvatori Professor of computer science at the University of Pennsylvania. Pierce joined Penn in 1998 from Indiana University and held research positions at the University of Cambridge and the University of E ...