Fast Reflexive Arithmetic Tactics: the linear case and beyond
in "Types for Proofs and Programs (TYPES'06)", Lecture Notes in Computer Science, 2006
Cited by 27 (5 self)
Abstract. When goals fall in decidable logic fragments, users of proof assistants expect automation. However, despite the availability of decision procedures, automation does not come for free. The reason is that decision procedures do not generate proof terms. In this paper, we show how to design efficient and lightweight reflexive tactics for a hierarchy of quantifier-free fragments of integer arithmetics. The tactics can cope with a wide class of linear and non-linear goals. For each logic fragment, off-the-shelf algorithms generate certificates of infeasibility that are then validated by straightforward reflexive checkers proved correct inside the proof assistant. This approach has been prototyped using the Coq proof assistant. Preliminary experiments are promising as the tactics run fast and produce small proof terms.
Proving bounds on real-valued functions with computations
4th International Joint Conference on Automated Reasoning, Volume 5195 of Lecture Notes in Artificial Intelligence, 2008
Cited by 18 (3 self)
Abstract. Interval-based methods are commonly used for computing numerical bounds on expressions and proving inequalities on real numbers. Yet they are hardly used in proof assistants, as the large amount of numerical computations they require keeps them out of reach from deductive proof processes. However, evaluating programs inside proofs is an efficient way for reducing the size of proof terms while performing numerous computations. This work shows how programs combining automatic differentiation with floating-point and interval arithmetic can be used as efficient yet certified solvers. They have been implemented in a library for the Coq proof system. This library provides tactics for proving inequalities on real-valued expressions.
Formal global optimisation with Taylor models
Automated Reasoning, LNCS, 2006
Cited by 12 (0 self)
Abstract. Formal proofs and global optimisation are two research areas that have been heavily influenced by the arrival of computers. This article aims to bring both further together by formalising a global optimisation method based on Taylor models: a set of functions is represented by a polynomial together with an error bound. The algorithms are implemented in the proof assistant Coq's term language, with the ultimate goal to obtain formally proven bounds for any multivariate smooth function in an efficient way. To this end we make use of constructive real numbers, interval arithmetic, and polynomial bounding techniques.
On the strength of proof-irrelevant type theories
Lecture Notes in Computer Science, 2006
Vol. 4 (3:13) 2008, pp. 1–20
Primality Proving with Elliptic Curves
Cited by 6 (0 self)
INRIA research report, ISSN 0249-6399, ISRN INRIA/RR-6155-FR+ENG
Verifying SAT and SMT in Coq for a fully automated decision procedure
PSATTT'11: International Workshop on Proof-Search in Axiomatic Theories and Type Theories, 2011
Cited by 6 (2 self)
Enjoying the power of SAT and SMT solvers in the Coq proof assistant without compromising soundness requires more than a yes/no answer from them. SAT and SMT solvers should also return a proof witness that can be checked by an external tool. We propose a fully certified checker for such witnesses written in Coq. It can currently check witnesses from the SAT solvers ZChaff and MiniSat and from the SMT solver VeriT. Experiments highlight the efficiency of this checker. On top of it, new reflexive Coq tactics have been built that can decide a subset of Coq’s logic by calling external provers and carefully checking their answers.
Parametricity in an Impredicative Sort
Cited by 5 (0 self)
Reynolds' abstraction theorem is now a well-established result for a large class of type systems. We propose here a definition of relational parametricity and a proof of the abstraction theorem in the Calculus of Inductive Constructions (CIC), the underlying formal language of Coq, in which parametricity relations' codomain is the impredicative sort of propositions. To proceed, we need to refine this calculus by splitting the sort hierarchy to separate informative terms from non-informative terms. This refinement is very close to CIC, but with the property that typing judgments can distinguish informative terms. Among many applications, this natural encoding of parametricity inside CIC serves both theoretical purposes (proving the independence of propositions with respect to the logical system) as well as practical aspirations (proving properties of finite algebraic structures). We finally discuss how we can simply build, on top of our calculus, a new reflexive Coq tactic that constructs proof terms by parametricity.
Towards primitive data types for COQ: 63-bits integers and persistent arrays
2013
As formal methods are applied to an increasingly wide variety of areas of mathematics and program verification, the need for efficient computations inside proof assistants is becoming more present. Typical applications are proofs inherently relying on costly computations, like the four color theorem [Gon07], the Kepler conjecture [Hal05] or the certification of big prime numbers [GTW06]. But computational capabilities can also be used to enhance proof automation, like tactics deciding algebraic identities over rings [GM05] or Kleene algebras [BP10] or calling external solvers without trusting them [Arm+11; BCP11]. Other original applications may include importing proof objects from different proof systems [KW10] or emitting formally verified assembly code [JBK13]. Addressing this need, the COQ proof assistant has evolved to offer new features for efficient computations. Runtime environments for term evaluation have been improved, a key step being definitely the introduction of a bytecode compiler along with a dedicated virtual machine [GL02]. This has been recently refined to evaluation by compilation to native code [BDG11]. However, another critical source of performance (or lack thereof) is the choice of data structures to represent the objects involved in the computation. The case of numbers is symptomatic: the traditional unary representation for natural numbers
Certificates Based on Hensel’s Lifting
2011
If it is quite easy to check a given integer is a root of a given polynomial with integer coefficients, verifying we know all the integral roots of a polynomial requires a different approach. In both univariate and bivariate cases, we introduce a type of integral roots certificates and the corresponding checker specification, based on Hensel’s lifting. We provide a formalization of this iterative algorithm from which we deduce a formal proof of the correctness of the checkers, with the help of the Coq proof assistant along with the SSReflect extension. The ultimate goal of this work is to provide a component that will be involved in a complete certification chain for solving the Table Maker’s Dilemma in an exact way.