coq-club AT inria.fr

Subject: The Coq mailing list

List archive

[Coq-Club] Trouble understanding Coq tutorials

From: Andrew Pennebaker <andrew.pennebaker AT gmail.com>
To: Coq <coq-club AT inria.fr>
Subject: [Coq-Club] Trouble understanding Coq tutorials
Date: Tue, 1 Nov 2011 13:33:34 -0400

I'm familiar with programming, and I'm familiar with formal methods, but I have trouble understanding the various Coq tutorials.

What prevents me from cheating by assuming enough hypotheses that my goal is reached?

How can Coq A) prove that an algorithm for reversing a string is correct and B) prove that a C implementation of the algorithm is correct?

I'm used to unit testing my programs with QuickCheck, a probabilistic verifier that brute forces properties such as propReversible :: String -> Bool (Haskell notation). How easy would it be to refactor QuickCheck tests into Coq tests? If Coq verifies that my C code is correct, how should I provide "certificates" of verification? Is it enough to provide a code comment to a URL of a .v file?

Cheers,

Andrew Pennebaker

www.yellosoft.us

[Coq-Club] Trouble understanding Coq tutorials, Andrew Pennebaker
- Re: [Coq-Club] Trouble understanding Coq tutorials, Adam Chlipala
  - Message not available
    - [Coq-Club] Trouble understanding Coq tutorials, Andrew Pennebaker
      - [Coq-Club] Re: Trouble understanding Coq tutorials, Adam Chlipala
      - Re: [Coq-Club] Trouble understanding Coq tutorials, Jesper Louis Andersen
      - Re: [Coq-Club] Trouble understanding Coq tutorials, gallais @ ensl.org
  - Re: [Coq-Club] Trouble understanding Coq tutorials, Tom Prince
- Re: [Coq-Club] Trouble understanding Coq tutorials, Claude Marche
  - Re: [Coq-Club] Trouble understanding Coq tutorials, Andrew Pennebaker
    - Re: [Coq-Club] Trouble understanding Coq tutorials, Adam Chlipala
    - Re: [Coq-Club] Trouble understanding Coq tutorials, Julien Narboux