Integrating Stålmarck’s algorithm in Coq


### Integrating Stålmarck’s algorithm in Coq

Laurent Théry

Lemme

Motivations
• Verifying verification tools
• Adding more automation to Coq
Outline
• What is Stålmarck’s algorithm?
• How to integrate it into Coq?
• How efficient is the result?
Stålmarck’s algorithm
• Tautology Checker
• Developed by Gunnar Stålmarck
• Year 1994
• Commercialised by Prover Technology
• Patented Algorithm!!!!
Boolean Formulae
• Constant value:
• Variables:
• Negation:
• Conjunction:
• Disjunction:
• Implication:

Checking tautologies
• Checking if the formula is true for all assignments:

Propagation Rules

If Then

If Then

If Then

Example (worked on the slides)
• Case Split, then Propagation, then another Case Split
Case Splitting
• Propagation after each split
• Exponential Growth: one branch per assignment of the split variables
Dilemma Rule
• Case Split on one variable, Propagation in each of the two branches, then Intersection of the two resulting states: only what holds in both branches is kept
Iteration
• On all variables
• Till no new information is gained
Nesting
• Level 2: most tautologies

Integrating (diagram)
• Extraction: the checker, programmed in Coq, is extracted and run outside Coq
• Reflection: the checker is run inside Coq, by computation
• Trace: a proof trace produced outside Coq is checked by Coq
Implementation
• A Single Implementation for Extraction and Reflection
• Functional style
• Strict termination criterion
State
• Variables: integers (T = 1, F = -1); a negated variable is its negative
• State: {2 = -3, 3 = -1, 4 = 5}
• Union-find (each variable points to its representative, with a sign): {1 → 1, 2 → 1, 3 → -1, 4 → 4, 5 → 4}
• Back-pointer: {1 → [2, -3], 2 → -1, 3 → -1, 4 → -1, 5 → 4}

Termination
• Easy except the merge of two sorted lists below: the recursive call shrinks the first list in one branch and the second list in the other, so no single argument is structurally smaller in every call and Coq's guard checker rejects the definition:

```coq
Require Import Arith List.
Import ListNotations.

(* Merge of two sorted lists, as on the slide. Rejected by Coq: `append l' m`
   decreases l, `append l m'` decreases m, so neither argument decreases in
   every recursive call. *)
Fixpoint append (l m : list nat) : list nat :=
  match l, m with
  | [], _ => m
  | _, [] => l
  | a :: l', b :: m' =>
      if a <? b then a :: append l' m
      else b :: append l m'
  end.
```

• The same function, rewritten so that every recursive call is structural in one argument: append only recurses on the tail of its first list, and a local append1 walks the rest of the second list. Coq accepts this version:

```coq
Fixpoint append (l m : list nat) : list nat :=
  match l, m with
  | [], _ => m
  | _, [] => l
  | a :: l', b :: m' =>
      if a <? b then a :: append l' m
      else
        (* consume the second list while its head is below a; append1 is
           structural in n, and the calls back to append are structural in l *)
        let fix append1 (n : list nat) : list nat :=
          match n with
          | [] => a :: l'           (* the slide writes L here: the whole first list *)
          | c :: n' => if a <? c then a :: append l' n
                       else c :: append1 n'
          end
        in b :: append1 m'
  end.
```

Trace (diagram): the extracted OCaml checker emits a trace; Coq checks it
3 Level Approach
• Checking Trace:
• Correctness Theorem:
Trace
• Reducing search with what the trace records:
• Successful case splitting (v)
• Successful rule propagation (r)
• Result of the intersection (i)

Conclusions
• Extraction: clearly the most efficient
• Reflection: computation is expensive in Coq (< 1s)
• Trace: practical if we can reduce the amount of computation