Lightweight integration of the Ergo theorem prover inside a proof assistant

Conchon, Sylvain; Contejean, Evelyne; Kanig, Johannes; Lescuyer, Stéphane

doi:10.1145/1345169.1345176

Cited by 11 publications

(16 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Indeed, we are especially interested in proving proof obligations from program verification, similar to AUFLIA and AU-FLIRA divisions of the SMT competition. Our experience with our own prover Alt-Ergo [5] is that these formulas' difficulty lies more in finding the pertinent hypotheses and lemmas' instances than in their propositional structure or the theory reasoning involved in their proofs. Consequently, these problems become rather easy as soon as we know which hypotheses and instances are sufficient for the proof.…”

Section: A Mixed Approach Based On Reflectionmentioning

confidence: 99%

“…No result has been admitted and no axioms have been assumed, therefore proofs made with our tactics are closed under context. 5 Because our development is highly modular, the procedure can be instantiated to decide boolean formulas as well as propositional formulas. We benchmarked our tactic and the different CNF conversion methods on valid and unsatisfiable formulas described by Dyckhoff [17] ; for instance holen stands for the pigeon-hole formula with n holes.…”

Section: Benchmarksmentioning

confidence: 99%

“…Finally, we compare our tactic with other methods in Sect. 5 and argue about its advantages and how they could be useful in other settings.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Improving Coq Propositional Reasoning Using a Lazy CNF Conversion Scheme

Lescuyer

Conchon

2009

Frontiers of Combining Systems

Self Cite

View full text Add to dashboard Cite

Abstract. In an attempt to improve automation capabilities in the Coq proof assistant, we develop a tactic for the propositional fragment based on the DPLL procedure. Although formulas naturally arising in interactive proofs do not require a state-of-the-art SAT solver, the conversion to clausal form required by DPLL strongly damages the performance of the procedure. In this paper, we present a reflexive DPLL algorithm formalized in Coq which outperforms the existing tactics. It is tightly coupled with a lazy CNF conversion scheme which, unlike Tseitin-style approaches, does not disrupt the procedure. This conversion relies on a lazy mechanism which requires slight adaptations of the original DPLL. As far as we know, this is the first formal proof of this mechanism and its Coq implementation raises interesting challenges.

show abstract

Section: A Mixed Approach Based On Reflectionmentioning

confidence: 99%

Section: Benchmarksmentioning

confidence: 99%

See 1 more Smart Citation

Improving Coq Propositional Reasoning Using a Lazy CNF Conversion Scheme

Lescuyer

Conchon

2009

Frontiers of Combining Systems

Self Cite

View full text Add to dashboard Cite

show abstract

“…Finally, work on integrating SMT solvers as decision procedures inside higher order logic provers include [12], [9], [4]. The main problem with these approaches is that proof generation is usually at least order of magnitude faster than proof checking inside higher order logic prover.…”

Section: Related and Future Workmentioning

confidence: 99%

“…The main problem with these approaches is that proof generation is usually at least order of magnitude faster than proof checking inside higher order logic prover. The Ergo [4] paper mentions promising preliminary results with using proof traces instead of full proofs with Coq for theory conflicts. It is possible that using traces could also work for CNF conversion and skolemization.…”

Section: Related and Future Workmentioning

confidence: 99%

Rocket-Fast Proof Checking for SMT Solvers

Moskal

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

Abstract. Modern Satisfiability Modulo Theories (SMT) solvers are used in a wide variety of software and hardware verification applications. Proof producing SMT solvers are very desirable as they increase confidence in the solver and ease debugging/profiling, while allowing for scenarios like Proof-Carrying Code (PCC). However, the size of typical proofs generated by SMT solvers poses a problem for the existing systems, up to the point where proof checking consumes orders of magnitude more computer resources than proof generation. In this paper we show how this problem can be addressed using a simple term rewriting formalism, which is used to encode proofs in a natural deduction style. We formally prove soundness of our rules and evaluate an implementation of the term rewriting engine on a set of proofs generated from industrial benchmarks. The modest memory and CPU time requirements of the implementation allow for proof checking even on a small PDA device, paving a way for PCC on such devices.

show abstract

A survey of real‐time capabilities in functional languages and compilers

Murphy

Shivkumar

Pritchard

et al. 2018

Concurrency and Computation

View full text Add to dashboard Cite

Functional programming languages play an important role in the development of correct software systems. As embedded devices become pervasive and perform critical tasks in our lives, their reliability becomes paramount. This presents a natural opportunity to explore the application of functional programming languages to systems that demand highly predictable behavior.In this paper, we explore existing functional programming language compilers and their applicability to real-time embedded systems. We do this by defining important characteristics needed by a real-time programming language and survey how well existing languages meet these characteristics. We conduct empirical analysis of language runtimes in order to assess the impact of dynamic memory management on predictability and performance. Lastly, we review different programming models for expressing real-time considerations in applications. INTRODUCTIONReal-time software is an integral part in many complex software/hardware systems that require timing guarantees in addition to traditional functional correctness guarantees. Such systems vary in nature, spanning multiple domains including industrial control, robotics, automotive, avionics, and medical devices, among others. These systems all provide services whose utility is dictated by the timeliness in which they respond to external (eg, sensor readings) and internal (eg, software events and interrupts) stimuli. Writing the software for these systems is a difficult undertaking because ensuring the system is correct requires providing predictability guarantees. This is exacerbated by the fact that most software for real-time systems is written in "low level" imperative languages.Functional languages are known for their ability to be reasoned about with respect to correctness, often with automated tools. 1-3 Given that real-time systems are frequently deployed in safety-critical and mission-critical situations, the ability to write software with a high degree of confidence in its correctness and predictability is important. Functional languages are well suited for the former task (correctness), but are not developed for the latter (predictability). Indeed, general purpose, functional programming languages are not used for developing real-time systems and there are no investigations to ensure their predictability. There are, however, many domain-specific functional languages that provide predictability for niche domains. The state of mainstream functional programming languages with respect to their ability to express and provide predictability is something we would like to investigate in this survey.One reason that functional languages are not considered for writing real-time software is because they are managed languages and automatic memory management has classically been considered unpredictable. While many may consider this a reason to reject functional programming as a target language for real-time systems development, we can instead look to managed object-oriented systems for inspiration. Indeed, the ques...

show abstract

Lightweight integration of the Ergo theorem prover inside a proof assistant

Cited by 11 publications

References 11 publications

Improving Coq Propositional Reasoning Using a Lazy CNF Conversion Scheme

Improving Coq Propositional Reasoning Using a Lazy CNF Conversion Scheme

Rocket-Fast Proof Checking for SMT Solvers

A survey of real‐time capabilities in functional languages and compilers

Contact Info

Product

Resources

About