Gandalf is a first-order resolution theorem-prover, optimized for speed and specializing in manipulations of large clauses. In this paper I describe GANDALF TAC, a HOL tactic that proves goals by calling Gandalf and mirroring the resulting proofs in HOL. This call can occur over a network, and a Gandalf server may be set up servicing multiple HOL clients. In addition, the translation of the Gandalf proof into HOL fits in with the LCF model and guarantees logical consistency.

Abstract. In this paper we evaluate the effectiveness of first-order proof procedures when used as tactics for proving subgoals in a higher-order logic interactive theorem prover. We first motivate why such first-order proof tactics are useful, and then describe the core integrating technology: an ‘LCFstyle’ logical kernel for clausal first-order logic. This allows the choice of different logical mappings between higher-order logic and first-order logic to be used depending on the subgoal, and also enables several different first-order proof procedures to cooperate on constructing the proof. This work was carried out using the HOL4 theorem prover; we comment on the ease of transferring the technology to other higher-order logic theorem provers. 1

The HOL system is a mechanized proof assistant for higher order logic that has been under continuous development since the mid-1980s, by an ever-changing group of developers and external contributors. We give a brief overview of various implementations of the HOL logic before focusing on the evolution of certain important features available in a recent implementation. We also illustrate how the module system of Standard ML provided security and modularity in the construction of the HOL kernel, as well as serving in a separate capacity as a useful representation medium for persistent, hierarchical logical theories.

. The model elimination theorem prover SETHEO (version V3.3) and its equational extension E-SETHEO are presented. SETHEO employs sophisticated mechanisms of subgoal selection, elaborate iterative deepening techniques, and local failure caching methods. Its equational counterpart E-SETHEO transforms formulae containing equality (using a variant of Brand's modification method) and processes the output with the standard SETHEO system. The paper gives an overview of the theoretical background, the system architecture, and the performance of both systems. Key words: Automated theorem proving, competition, SETHEO, E-SETHEO, first-order logic, model elimination, equality. 1. Introduction In this paper we describe the theorem provers SETHEO and E-SETHEO. SETHEO is based on the model elimination calculus [13] and performs proof search using iterative deepening. The proof procedure is implemented as an extension of the Warren Abstract Machine. The system is being continuously extended and enh...

ion is in a precise sense a converse operation to application. Given 49 50 CHAPTER 5. PRIMITIVE BASIS OF HOL LIGHT a variable x and a term t, which may or may not contain x, one can construct the so-called lambda-abstraction x: t, which means `the function of x that yields t'. (In HOL's ASCII concrete syntax the backslash is used, e.g. \x. t.) For example, x: x + 1 is the function that adds one to its argument. Abstractions are not often seen in informal mathematics, but they have at least two merits. First, they allow one to write anonymous function-valued expressions without naming them (occasionally one sees x 7! t[x] used for this purpose), and since our logic is avowedly higher order, it's desirable to place functions on an equal footing with rstorder objects in this way. Secondly, they make variable dependencies and binding explicit; by contrast in informal mathematics one often writes f(x) in situations where one really means x: f(x). We should give some idea of how ordina...

Abstract. We show how PVS-style predicate subtyping can be simulated in HOL using predicate sets, and explain how to perform subtype checking using this model. We illustrate some applications of this to specification and verification in HOL, and also demonstrate some limits of the approach. Finally we report on the effectiveness of a subtype checker used as a condition prover in a contextual rewriter. 1

Abstract. Effective formal verification tools require that robust implementations of automatic procedures for first-order logic and satisfiability modulo theories be integrated into expressive interactive frameworks for logical deduction, such as higher-order logic

ion is in a precise sense a converse operation to application. Given 49 50 CHAPTER 5. PRIMITIVE BASIS OF HOL LIGHT a variable x and a term t, which may or may not contain x, one can construct the so-called lambda-abstraction x: t, which means `the function of x that yields t'. (In HOL's ASCII concrete syntax the backslash is used, e.g. "x. t.) For example, x: x + 1 is the function that adds one to its argument. Abstractions are not often seen in informal mathematics, but they have at least two merits. First, they allow one to write anonymous function-valued expressions without naming them (occasionally one sees x 7! t[x] used for this purpose), and since our logic is avowedly higher order, it's desirable to place functions on an equal footing with firstorder objects in this way. Secondly, they make variable dependencies and binding explicit; by contrast in informal mathematics one often writes f(x) in situations where one really means x: f(x). We should give some idea of how ordinary...

We are improving equality reasoning in automatic theorem-provers, and congruence classes provide an e#cient storage mechanism for terms, as well as the congruence closure decision procedure. We describe the technical steps involved in integrating logic variables with congruence classes, and present an algorithm that can be proved to find all matches between classes (modulo certain equalities). An application of this algorithm makes possible a percolation algorithm for undirected rewriting in minimal space; this is described and an implementation in hol98 is examined in some detail. 1 Keywords: Congruence Closure, Equality Reasoning 1