Results 1  10
of
59
How to make ad hoc proof automation less ad hoc
 In ICFP
, 2011
"... Most interactive theorem provers provide support for some form of usercustomizable proof automation. In a number of popular systems, such as Coq and Isabelle, this automation is achieved primarily through tactics, which are programmed in a separate language from that of the prover’s base logic. Whi ..."
Abstract

Cited by 28 (7 self)
 Add to MetaCart
(Show Context)
Most interactive theorem provers provide support for some form of usercustomizable proof automation. In a number of popular systems, such as Coq and Isabelle, this automation is achieved primarily through tactics, which are programmed in a separate language from that of the prover’s base logic. While tactics are clearly useful in practice, they can be difficult to maintain and compose because, unlike lemmas, their behavior cannot be specified within the expressive type system of the prover itself. We propose a novel approach to proof automation in Coq that allows the user to specify the behavior of custom automated routines in terms of Coq’s own type system. Our approach involves a sophisticated application of Coq’s canonical structures, which generalize Haskell type classes and facilitate a flexible style of dependentlytyped logic programming. Specifically, just as Haskell type classes are used to infer the canonical implementation of an overloaded term at a given type, canonical structures can be used to infer the canonical proof of an overloaded lemma for a given instantiation of its parameters. We present a series of design patterns for canonical structure programming that enable one to carefully and predictably coax Coq’s type inference engine into triggering the execution of usersupplied algorithms during unification, and we illustrate these patterns through several realistic examples drawn from Hoare Type Theory. We assume no prior knowledge of Coq and describe the relevant aspects of Coq type inference from first principles.
Toward a Verified Relational Database Management System
, 2010
"... We report on our experience implementing a lightweight, fully verified relational database management system (RDBMS). The functional specification of RDBMS behavior, RDBMS implementation, and proof that the implementation meets the specification are all written and verified in Coq. Our contributions ..."
Abstract

Cited by 27 (3 self)
 Add to MetaCart
(Show Context)
We report on our experience implementing a lightweight, fully verified relational database management system (RDBMS). The functional specification of RDBMS behavior, RDBMS implementation, and proof that the implementation meets the specification are all written and verified in Coq. Our contributions include: (1) a complete specification of the relational algebra in Coq; (2) an efficient realization of that model (B+ trees) implemented with the Ynot extension to Coq; and (3) a set of simple query optimizations proven to respect both semantics and runtime cost. In addition to describing the design and implementation of these artifacts, we highlight the challenges we encountered formalizing them, including the choice of representation for finite relations of typed tuples and the challenges of reasoning about data structures with complex sharing. Our experience shows that though many challenges remain, building fullyverified systems software in Coq is within reach.
The Matita Interactive Theorem Prover
 Proceedings of the 23rd International Conference on Automated Deduction (CADE2011), volume 6803 of Lecture Notes in Computer Science
, 2011
"... Abstract. Matita is an interactive theorem prover being developed by the Helm team at the University of Bologna. Its stable version 0.5.x may be downloaded at http://matita.cs.unibo.it. The tool originated in the European project MoWGLI as a set of XMLbased tools aimed to provide a mathematicianf ..."
Abstract

Cited by 22 (10 self)
 Add to MetaCart
(Show Context)
Abstract. Matita is an interactive theorem prover being developed by the Helm team at the University of Bologna. Its stable version 0.5.x may be downloaded at http://matita.cs.unibo.it. The tool originated in the European project MoWGLI as a set of XMLbased tools aimed to provide a mathematicianfriendly webinterface to repositories of formal mathematical knoweldge, supporting advanced contentbased functionalities for querying, searching and browsing the library. It has since then evolved into a light but fully fledged ITP, particularly suited for the assessment of innovative ideas, both at foundational and logical level. In this paper, we give an account of the whole system, its peculiarities and its main applications.
An introduction to small scale reflection in Coq
 Journal of Formalized Reasoning
"... Georges Gonthier, Assia Mahboubi. An introduction to small scale reflection in Coq. Journal ..."
Abstract

Cited by 19 (7 self)
 Add to MetaCart
(Show Context)
Georges Gonthier, Assia Mahboubi. An introduction to small scale reflection in Coq. Journal
An Efficient Coq Tactic for Deciding Kleene Algebras
, 2009
"... We present a reflexive tactic for deciding the equational theory of Kleene algebras in the Coq proof assistant. This tactic relies on a careful implementation of efficient finite automata algorithms, so that it solves casual equations almost instantaneously. The corresponding decision procedure was ..."
Abstract

Cited by 19 (5 self)
 Add to MetaCart
(Show Context)
We present a reflexive tactic for deciding the equational theory of Kleene algebras in the Coq proof assistant. This tactic relies on a careful implementation of efficient finite automata algorithms, so that it solves casual equations almost instantaneously. The corresponding decision procedure was proved correct and complete; correctness is established w.r.t. any model (including binary relations), by formalising Kozen’s initiality theorem.
A tactic for deciding Kleene algebras
 In 1st Coq Workshop. Tech. Univ
, 2009
"... We present a Coq reflexive tactic for deciding equalities or inequalities in Kleene algebras. This tactic is part of a larger project, whose aim is to provide tools for reasoning about binary relations in Coq: binary relations form a Kleene algebra, where the star operation is the reflexive transiti ..."
Abstract

Cited by 13 (3 self)
 Add to MetaCart
(Show Context)
We present a Coq reflexive tactic for deciding equalities or inequalities in Kleene algebras. This tactic is part of a larger project, whose aim is to provide tools for reasoning about binary relations in Coq: binary relations form a Kleene algebra, where the star operation is the reflexive transitive closure. Our tactic relies on an initiality theorem, whose proof goes by replaying finite automata algorithms in an algebraic way, using matrices.
Metatheory à la carte
 In POPL ’13
, 2013
"... Formalizing metatheory, or proofs about programming languages, in a proof assistant has many wellknown benefits. However, the considerable effort involved in mechanizing proofs has prevented it from becoming standard practice. This cost can be amortized by reusing as much of an existing formalizat ..."
Abstract

Cited by 13 (3 self)
 Add to MetaCart
(Show Context)
Formalizing metatheory, or proofs about programming languages, in a proof assistant has many wellknown benefits. However, the considerable effort involved in mechanizing proofs has prevented it from becoming standard practice. This cost can be amortized by reusing as much of an existing formalization as possible when building a new language or extending an existing one. Unfortunately reuse of components is typically adhoc, with the language designer cutting and pasting existing definitions and proofs, and expending considerable effort to patch up the results. This paper presents a more structured approach to the reuse of formalizations of programming language semantics through the composition of modular definitions and proofs. The key contribution is the development of an approach to induction for extensible Church encodings which uses a novel reinterpretation of the universal property of folds. These encodings provide the foundation for a framework, formalized in Coq, which uses type classes to automate the composition of proofs from modular components. Several interesting language features, including binders and general recursion, illustrate the capabilities of our framework. We reuse these features to build fully mechanized definitions and proofs for a number of languages, including a version of miniML. Bounded induction enables proofs of properties for noninductive semantic functions, and mediating type classes enable proof adaptation for more featurerich languages. 1.
Type classes for efficient exact real arithmetic
 IN COQ. CORR ABS/1106.3448
, 2011
"... Floating point operations are fast, but require continuous effort by the user to ensure correctness. This burden can be shifted to the machine by providing a library of exact analysis in which the computer handles the error estimates. Previously, we provided a fast implementation of the exact real ..."
Abstract

Cited by 10 (0 self)
 Add to MetaCart
(Show Context)
Floating point operations are fast, but require continuous effort by the user to ensure correctness. This burden can be shifted to the machine by providing a library of exact analysis in which the computer handles the error estimates. Previously, we provided a fast implementation of the exact real numbers in the Coq proof assistant. This implementation incorporates various optimizations to speed up the basic operations of O’Connor’s implementation by a 100 times. We implemented these optimizations in a modular way using type classes to define an abstract specification of the underlying dense set from which the real numbers are built. This abstraction does not hurt the efficiency. This article is a substantially expanded version of (Krebbers/Spitters, Calculemus 2011) in which the implementation is extended in the various ways. First, we implement and verify the sine and cosine function. Secondly, we create an additional implementation of the dense set based on Coq’s fast rational numbers. Thirdly, we extend the hierarchy to capture order on undecidable structures, while it was limited to decidable structures before. This hierarchy, based on type classes, allows us to share theory on the naturals, integers, rationals, dyadics, and reals in a convenient way. Finally, we obtain another dramatic speedup by avoiding evaluation of termination proofs at runtime.
Formal proofs in real algebraic geometry: from ordered fields to quantifier elimination
 LMCS
"... Vol. 8 (1:02) 2012, pp. 1–40 ..."
(Show Context)