a challenge problem toward better acl2 proof technique
play

A challenge problem: Toward better ACL2 proof technique Matt - PowerPoint PPT Presentation

May 16, 2023 •194 likes •805 views

A challenge problem: Toward better ACL2 proof technique Matt Kaufmann The University of Texas at Austin Dept. of Computer Science, GDC 7.804 ACL2 Workshop 2015 October 1, 2015 I NTRODUCTION I took a break this summer to return to my roots as

  1. A challenge problem: Toward better ACL2 proof technique Matt Kaufmann The University of Texas at Austin Dept. of Computer Science, GDC 7.804 ACL2 Workshop 2015 October 1, 2015

  2. I NTRODUCTION I took a break this summer to return to my roots as a mathematical logician, hosted by Prof. Ali Enayat of the University of Gothenburg, Sweden. 2/13

  3. I NTRODUCTION I took a break this summer to return to my roots as a mathematical logician, hosted by Prof. Ali Enayat of the University of Gothenburg, Sweden. ◮ Lots of fun chats! 2/13

  4. I NTRODUCTION I took a break this summer to return to my roots as a mathematical logician, hosted by Prof. Ali Enayat of the University of Gothenburg, Sweden. ◮ Lots of fun chats! ◮ We are co-authoring a tutorial paper on iterated ultrapowers . 2/13

  5. I NTRODUCTION I took a break this summer to return to my roots as a mathematical logician, hosted by Prof. Ali Enayat of the University of Gothenburg, Sweden. ◮ Lots of fun chats! ◮ We are co-authoring a tutorial paper on iterated ultrapowers . ◮ A key lemma in that paper can be abstracted to a lemma about finite sequences, with a pretty simple hand proof. 2/13

  6. I NTRODUCTION I took a break this summer to return to my roots as a mathematical logician, hosted by Prof. Ali Enayat of the University of Gothenburg, Sweden. ◮ Lots of fun chats! ◮ We are co-authoring a tutorial paper on iterated ultrapowers . ◮ A key lemma in that paper can be abstracted to a lemma about finite sequences, with a pretty simple hand proof. ◮ Why not prove the abstracted lemma in ACL2? 2/13

  7. I NTRODUCTION I took a break this summer to return to my roots as a mathematical logician, hosted by Prof. Ali Enayat of the University of Gothenburg, Sweden. ◮ Lots of fun chats! ◮ We are co-authoring a tutorial paper on iterated ultrapowers . ◮ A key lemma in that paper can be abstracted to a lemma about finite sequences, with a pretty simple hand proof. ◮ Why not prove the abstracted lemma in ACL2? Horrors! It took me about 16 hours to complete that exercise in ACL2. 2/13

  8. I NTRODUCTION ( PAGE 2) Possible conclusions: 3/13

  9. I NTRODUCTION ( PAGE 2) Possible conclusions: ◮ I suck at using ACL2? 3/13

  10. I NTRODUCTION ( PAGE 2) Possible conclusions: ◮ I suck at using ACL2? ◮ ACL2 sucks? 3/13

  11. I NTRODUCTION ( PAGE 2) Possible conclusions: ◮ I suck at using ACL2? ◮ ACL2 sucks? ◮ There are ways to use ACL2 more productively that I didn’t use. 3/13

  12. I NTRODUCTION ( PAGE 2) Possible conclusions: ◮ I suck at using ACL2? ◮ ACL2 sucks? ◮ There are ways to use ACL2 more productively that I didn’t use. ◮ Structured development methodologies? 3/13

  13. I NTRODUCTION ( PAGE 2) Possible conclusions: ◮ I suck at using ACL2? ◮ ACL2 sucks? ◮ There are ways to use ACL2 more productively that I didn’t use. ◮ Structured development methodologies? ◮ More help from existing libraries? 3/13

  14. I NTRODUCTION ( PAGE 2) Possible conclusions: ◮ I suck at using ACL2? ◮ ACL2 sucks? ◮ There are ways to use ACL2 more productively that I didn’t use. ◮ Structured development methodologies? ◮ More help from existing libraries? ◮ Nicer formalization of the problem? 3/13

  15. I NTRODUCTION ( PAGE 2) Possible conclusions: ◮ I suck at using ACL2? ◮ ACL2 sucks? ◮ There are ways to use ACL2 more productively that I didn’t use. ◮ Structured development methodologies? ◮ More help from existing libraries? ◮ Nicer formalization of the problem? ◮ . . . 3/13

  16. I NTRODUCTION ( PAGE 3) Goal for today: Present a challenge to construct an ACL2 proof more efficiently and to present lessons learned . . . 4/13

  17. I NTRODUCTION ( PAGE 3) Goal for today: Present a challenge to construct an ACL2 proof more efficiently and to present lessons learned . . . perhaps in a future ACL2 Workshop . 4/13

  18. I NTRODUCTION ( PAGE 3) Goal for today: Present a challenge to construct an ACL2 proof more efficiently and to present lessons learned . . . perhaps in a future ACL2 Workshop . In this talk I’ll point you to relevant books and I’ll also present a very informal hand proof. 4/13

  19. T HE C HALLENGE ( S ) The community book books/demos/proofs/tightness-lemma.lisp contains: 5/13

  20. T HE C HALLENGE ( S ) The community book books/demos/proofs/tightness-lemma.lisp contains: ◮ a self-contained informal proof (as a Lisp comment) using standard mathematical notation; 5/13

  21. T HE C HALLENGE ( S ) The community book books/demos/proofs/tightness-lemma.lisp contains: ◮ a self-contained informal proof (as a Lisp comment) using standard mathematical notation; ◮ encapsulate and defun events introducing the requisite notions; and 5/13

  22. T HE C HALLENGE ( S ) The community book books/demos/proofs/tightness-lemma.lisp contains: ◮ a self-contained informal proof (as a Lisp comment) using standard mathematical notation; ◮ encapsulate and defun events introducing the requisite notions; and ◮ a statement of the final theorem. 5/13

  23. T HE C HALLENGE ( S ) The community book books/demos/proofs/tightness-lemma.lisp contains: ◮ a self-contained informal proof (as a Lisp comment) using standard mathematical notation; ◮ encapsulate and defun events introducing the requisite notions; and ◮ a statement of the final theorem. I’m putting forth the following challenges. 5/13

  24. T HE C HALLENGE ( S ) The community book books/demos/proofs/tightness-lemma.lisp contains: ◮ a self-contained informal proof (as a Lisp comment) using standard mathematical notation; ◮ encapsulate and defun events introducing the requisite notions; and ◮ a statement of the final theorem. I’m putting forth the following challenges. ◮ Preferred challenge : Do a better, faster job than the proof given in community book books/demos/proofs/tightness-lemma-proof.lisp . NOTE : It’s OK to change the formalization! 5/13

  25. T HE C HALLENGE ( S ) The community book books/demos/proofs/tightness-lemma.lisp contains: ◮ a self-contained informal proof (as a Lisp comment) using standard mathematical notation; ◮ encapsulate and defun events introducing the requisite notions; and ◮ a statement of the final theorem. I’m putting forth the following challenges. ◮ Preferred challenge : Do a better, faster job than the proof given in community book books/demos/proofs/tightness-lemma-proof.lisp . NOTE : It’s OK to change the formalization! ◮ Alternate challenge : “Reverse engineer” that proof into one that shows how to complete such proofs more efficiently. 5/13

  26. V ERY I NFORMAL T HEOREM S TATEMENT I’ll be sloppy here and using pictures, just to give the idea. A more careful hand proof is in the aforementioned tightness-lemma.lisp book. 6/13

  27. V ERY I NFORMAL T HEOREM S TATEMENT I’ll be sloppy here and using pictures, just to give the idea. A more careful hand proof is in the aforementioned tightness-lemma.lisp book. Assume that we have: ◮ a set I and strict total ordering ≺ on I ; ◮ functions f ( s ) and g ( s ) , on ≺ -increasing sequences from I of length n f and n g , respectively; and ◮ a unary predicate P . 6/13

  28. V ERY I NFORMAL T HEOREM S TATEMENT I’ll be sloppy here and using pictures, just to give the idea. A more careful hand proof is in the aforementioned tightness-lemma.lisp book. Assume that we have: ◮ a set I and strict total ordering ≺ on I ; ◮ functions f ( s ) and g ( s ) , on ≺ -increasing sequences from I of length n f and n g , respectively; and ◮ a unary predicate P . The next slide illustrates the remaining assumptions for n f = 4 and n g = 3. 6/13

  29. V ERY I NFORMAL T HEOREM S TATEMENT (2) 7/13

  30. V ERY I NFORMAL T HEOREM S TATEMENT (2) ASSUMPTIONS 7/13

  31. V ERY I NFORMAL T HEOREM S TATEMENT (2) ASSUMPTIONS (d) If f ( s 1 ) = f ( s 2 ) and all of s 1 precedes all of s 2 , then P ( f ( s 1 )) : ( s 1 ) a a a a ( s 2 ) b b b b 7/13

  32. V ERY I NFORMAL T HEOREM S TATEMENT (2) ASSUMPTIONS (d) If f ( s 1 ) = f ( s 2 ) and all of s 1 precedes all of s 2 , then P ( f ( s 1 )) : ( s 1 ) a a a a ( s 2 ) b b b b (e) For disjoint sequences s 1 and s 2 , the truth of the equation f ( s 1 ) = g ( s 2 ) depends only on how s 1 and s 2 are interleaved. ( s 1 ) x x x x ( s 2 ) y y y 7/13

  33. V ERY I NFORMAL T HEOREM S TATEMENT (2) ASSUMPTIONS (d) If f ( s 1 ) = f ( s 2 ) and all of s 1 precedes all of s 2 , then P ( f ( s 1 )) : ( s 1 ) a a a a ( s 2 ) b b b b (e) For disjoint sequences s 1 and s 2 , the truth of the equation f ( s 1 ) = g ( s 2 ) depends only on how s 1 and s 2 are interleaved. ( s 1 ) x x x x ( s 2 ) y y y (g) For two specific disjoint sequences s f and s g , f ( s f ) = g ( s g ) . 7/13

  34. V ERY I NFORMAL T HEOREM S TATEMENT (2) ASSUMPTIONS (d) If f ( s 1 ) = f ( s 2 ) and all of s 1 precedes all of s 2 , then P ( f ( s 1 )) : ( s 1 ) a a a a ( s 2 ) b b b b (e) For disjoint sequences s 1 and s 2 , the truth of the equation f ( s 1 ) = g ( s 2 ) depends only on how s 1 and s 2 are interleaved. ( s 1 ) x x x x ( s 2 ) y y y (g) For two specific disjoint sequences s f and s g , f ( s f ) = g ( s g ) . CONCLUSION : P ( f ( s f )) . 7/13

Recommend

Challenge Problems for Challenge Problems for the ACL2 Community the ACL2 Community David

Challenge Problems for Challenge Problems for the ACL2 Community the ACL2 Community David

Challenge Problems for Challenge Problems for the ACL2 Community the ACL2 Community David Hardin David Hardin First, the good news First, the good news ACL2 has been shown to scale to industrial problems ACL2 has been shown to scale

239 views • 11 slides
ACL2(ml): Machine-Learning for ACL2 J. Heras and E. Komendantskaya

ACL2(ml): Machine-Learning for ACL2 J. Heras and E. Komendantskaya

ACL2(ml): Machine-Learning for ACL2 J. Heras and E. Komendantskaya http://staff.computing.dundee.ac.uk/katya/acl2ml/ 12 July 2014 ACL214 J. Heras ACL2(ml): Machine-Learning for ACL2 1/23 Outline Some Challenges in ACL2 1 An overview of

871 views • 56 slides
So#ware Synthesis with ACL2 Eric Smith Kestrel Ins9tute

So#ware Synthesis with ACL2 Eric Smith Kestrel Ins9tute

So#ware Synthesis with ACL2 Eric Smith Kestrel Ins9tute ACL2 Workshop 2015 Outline Overview of Refinement-Based Synthesis Proof-EmiJng Transforma9ons

460 views • 21 slides
Partial Clock Functions in ACL2 John Matthews and Daron Vroon ACL2 Workshop 2004 Goals

Partial Clock Functions in ACL2 John Matthews and Daron Vroon ACL2 Workshop 2004 Goals

Partial Clock Functions in ACL2 John Matthews and Daron Vroon ACL2 Workshop 2004 Goals Given a state machine, we want : A termination proof: from a set of starting states, a desired goal state will always eventually be reached. An

423 views • 26 slides
Literate Proofs Ruben Gamboa July 14, 2003 Motivation Make it easier to understand ACL2 books

Literate Proofs Ruben Gamboa July 14, 2003 Motivation Make it easier to understand ACL2 books

Literate Proofs Ruben Gamboa July 14, 2003 Motivation Make it easier to understand ACL2 books after the fact Organize ACL2 books in a human-oriented, not a proof-oriented manner Publish ACL2 books in different formats (web, print, ...) and

372 views • 15 slides
A Proof of the Group Properties of an Elliptic Curve David M. Russinoff ACL2 Workshop 2017 May

A Proof of the Group Properties of an Elliptic Curve David M. Russinoff ACL2 Workshop 2017 May

A Proof of the Group Properties of an Elliptic Curve David M. Russinoff ACL2 Workshop 2017 May 22, 2017 1/21 C URVE 25519 Let = 2 255 19, A = 486662, and E = { ( x , y ) F F | y 2 = x 3 + Ax 2 + x } {} . Our goal

288 views • 24 slides
Axiomatic Events in ACL2 ( r ) Ruben Gamboa, John Cowles, and Nadya Kuzmina University of Wyoming

Axiomatic Events in ACL2 ( r ) Ruben Gamboa, John Cowles, and Nadya Kuzmina University of Wyoming

Axiomatic Events in ACL2 ( r ) Ruben Gamboa, John Cowles, and Nadya Kuzmina University of Wyoming Introduction ACL2 ( r ) is a variant of ACL2 that supports the irrational numbers It is distributed with the ACL2 sources The foundations of ACL2

479 views • 29 slides
Double Rewriting for Equivalential Reasoning in ACL2 Matt Kaufmann and J Strother Moore ACL2

Double Rewriting for Equivalential Reasoning in ACL2 Matt Kaufmann and J Strother Moore ACL2

Double Rewriting for Equivalential Reasoning in ACL2 Matt Kaufmann and J Strother Moore ACL2 Workshop, FLoC, Seattle, August 16, 2006 1 Introduction ACL2 provides a powerful congruence-based rewriting capability. However, some have

537 views • 19 slides
How Can I Do That with ACL2? Recent Enhancements to ACL2 Matt Kaufmann and J Strother Moore 1

How Can I Do That with ACL2? Recent Enhancements to ACL2 Matt Kaufmann and J Strother Moore 1

How Can I Do That with ACL2? Recent Enhancements to ACL2 Matt Kaufmann and J Strother Moore 1 Introduction (1) ACL2 Version 3.5 was released in May, 2009. Release note items (see :DOC release-notes) since then: (+ 41 ; 3.6 (8/2009) 3 ;

622 views • 49 slides
Flat Domains and Recursive Equations in ACL2 by John Cowles University of Wyoming 1 ACL2 is a

Flat Domains and Recursive Equations in ACL2 by John Cowles University of Wyoming 1 ACL2 is a

Flat Domains and Recursive Equations in ACL2 by John Cowles University of Wyoming 1 ACL2 is a logic of total functions. Some recursive equations have no satisfying ACL2 functions: No ACL2 function g satisfies this recursive equation

518 views • 35 slides
A Simple Java Code Generator for ACL2 Based on a Deep Embedding of ACL2 in Java Alessandro

A Simple Java Code Generator for ACL2 Based on a Deep Embedding of ACL2 in Java Alessandro

A Simple Java Code Generator for ACL2 Based on a Deep Embedding of ACL2 in Java Alessandro Coglio Kestrel Institute Workshop 2018 ATJ Java code generator for ACL2 (ACL2 To Java) based on AIJ deep embedding of ACL2 in Java (ACL2 In Java)

901 views • 38 slides
Hygienic Macros for ACL2 Carl Eastlund Matthias Felleisen cce@ccs.neu.edu matthias@ccs.neu.edu

Hygienic Macros for ACL2 Carl Eastlund Matthias Felleisen cce@ccs.neu.edu matthias@ccs.neu.edu

Hygienic Macros for ACL2 Carl Eastlund Matthias Felleisen cce@ccs.neu.edu matthias@ccs.neu.edu Northeastern University Boston, MA, USA 1 ACL2 2 ACL2 Formal verification based on pure, first-order Common Lisp. Used to model critical

909 views • 61 slides
Hint Orchestration Using ACL2's Simplifier Sol Swords Centaur Technology, Inc. ACL2 Workshop

Hint Orchestration Using ACL2's Simplifier Sol Swords Centaur Technology, Inc. ACL2 Workshop

Hint Orchestration Using ACL2's Simplifier Sol Swords Centaur Technology, Inc. ACL2 Workshop 2018 This talk is for hint abusers This might be you if: You cant be bothered to figure out a good rewriting strategy You just dont know

541 views • 30 slides
Adding a typing Adding a typing mechanism to ACL2 mechanism to ACL2 Vernon Austel Vernon

Adding a typing Adding a typing mechanism to ACL2 mechanism to ACL2 Vernon Austel Vernon

Adding a typing Adding a typing mechanism to ACL2 mechanism to ACL2 Vernon Austel Vernon Austel IBM IBM Outline Outline What a typed ACL2 might look like Vague proposal concerning how to change ACL2 to allow experimentation with type

873 views • 19 slides
DrACuLa: ACL2 in DrScheme Dale Vaillancourt Rex Page Matthias Felleisen ACL2 Workshop August

DrACuLa: ACL2 in DrScheme Dale Vaillancourt Rex Page Matthias Felleisen ACL2 Workshop August

DrACuLa: ACL2 in DrScheme Dale Vaillancourt Rex Page Matthias Felleisen ACL2 Workshop August 16, 2006 1 Undergraduate Software Engineering Page teaches two SE courses at Oklahoma U. Covers usual topics - specification, documentation,

557 views • 51 slides
Proving Preservation of Partial Correctness with ACL2: A Mechanical Compiler Source Level

Proving Preservation of Partial Correctness with ACL2: A Mechanical Compiler Source Level

Proving Preservation of Partial Correctness with ACL2: A Mechanical Compiler Source Level Correctness Proof Wolfgang Goerigk Christian-Albrechts-Universit at zu Kiel, Germany wg@informatik.uni-kiel.de wg/

297 views • 28 slides
Spatial coupling: Algorithm and Proof Technique Workshop on Local Algorithms - WOLA 2018 Boston,

Spatial coupling: Algorithm and Proof Technique Workshop on Local Algorithms - WOLA 2018 Boston,

Spatial coupling: Algorithm and Proof Technique Workshop on Local Algorithms - WOLA 2018 Boston, June 15th, 2018 1 Physics inspiration: nucleation, crystallization, meta-stability 2 Supercooled water Heat packs Sodium acetate , C 2 H 3 NaO 2

838 views • 45 slides
Equihash: Asymmetric Proof-of-Work based on the Generalized Birthday Problem Alex Biryukov

Equihash: Asymmetric Proof-of-Work based on the Generalized Birthday Problem Alex Biryukov

Equihash: Asymmetric Proof-of-Work based on the Generalized Birthday Problem Alex Biryukov Dmitry Khovratovich University of Luxembourg February 22nd, 2016 Proof (Prover) Verifiers Proof of Work in cryptocurrencies PoW certificate of

550 views • 27 slides
A SAT-Based Procedure for Verifying Finite State Machines in ACL2 Warren A. Hunt, Jr. and Erik

A SAT-Based Procedure for Verifying Finite State Machines in ACL2 Warren A. Hunt, Jr. and Erik

A SAT-Based Procedure for Verifying Finite State Machines in ACL2 Warren A. Hunt, Jr. and Erik Reeber {reeber,hunt}@cs.utexas.edu The University of Texas ACL2 Workshop, August 16 , 2006 Introduction The ACL2 theorem prover is great

252 views • 22 slides
A technique for computing minors of orthogonal ( 0 , 1 ) matrices and an application to the

A technique for computing minors of orthogonal ( 0 , 1 ) matrices and an application to the

Introduction A technique for minors Main Results Application to the growth problem Numerical experiments Summary-References A technique for computing minors of orthogonal ( 0 , 1 ) matrices and an application to the Growth Problem

705 views • 69 slides
A Batch Reactor Heat Recovery Problem description Challenge Problem Simulations Discussion

A Batch Reactor Heat Recovery Problem description Challenge Problem Simulations Discussion

Heat Recovery Challenge Problem J. Jschke Introduction A Batch Reactor Heat Recovery Problem description Challenge Problem Simulations Discussion Conclusions Johannes Jschke, Sigurd Skogestad Department of Chemical Engineering NTNU

506 views • 18 slides
CROP MODELING Problem solving Challenge The challenge is how to design deficit irrigation

CROP MODELING Problem solving Challenge The challenge is how to design deficit irrigation

Antonije Zunic Caterina Tarducci Flavio Grotto Lukas Koppensteiner Wolfgang Fuchs CROP MODELING Problem solving Challenge The challenge is how to design deficit irrigation schedule for crop production under extreme water scarcity. CASE

164 views • 15 slides
Theorems About Programming Languages in ACL2 Sol Swords William Cook

Theorems About Programming Languages in ACL2 Sol Swords William Cook

Theorems About Programming Languages in ACL2 Sol Swords William Cook {sswords,wcook}@cs.utexas.edu Department of Computer Science University of Texas at Austin ACL2 Workshop, FLoC 2006 Outline 1 Introduction: Mechanizing Programming

540 views • 18 slides
Logosphere A Digital Library of Formal Proof Carsten Schrmann Processor Verification

Logosphere A Digital Library of Formal Proof Carsten Schrmann Processor Verification

Logosphere A Digital Library of Formal Proof Carsten Schrmann Processor Verification INTEL (HOL/HOL light). [John Harrison] $500mio Pentium bug. AMD (ACL2, Nqthm). [Matt Kaufmann] Siemens, Microsoft (ASM). [Yuri

502 views • 32 slides

More recommend