Skip to Content.
Sympa Menu

coq-club - Re: [Coq-Club] Proof automation for large terms?

coq-club AT inria.fr

Subject: The Coq mailing list

List archive

Re: [Coq-Club] Proof automation for large terms?


Chronological Thread 
    < Chronological >      < Thread >
  • From: Andrew Appel <appel AT princeton.edu>
  • To: coq-club <coq-club AT inria.fr>
  • Subject: Re: [Coq-Club] Proof automation for large terms?
  • Date: Fri, 12 Feb 2021 11:20:18 -0500 (EST)
  • Authentication-results: mail2-smtp-roc.national.inria.fr; spf=None smtp.pra=appel AT princeton.edu; spf=Pass smtp.mailfrom=appel AT cs.princeton.edu; spf=Pass smtp.helo=postmaster AT yellowcard.cs.princeton.edu
  • Ironport-phdr: 9a23:0skRaBbdlsGoKBNwC6P0qvD/LSx+4OfEezUN459isYplN5qZr8uybnLW6fgltlLVR4KTs6sC17OH9f65Ejxbqb+681k6OKRWUBEEjchE1ycBO+WiTXPBEfjxciYhF95DXlI2t1uyMExSBdqsLwaK+i764jEdAAjwOhRoLerpBIHSk9631+ev8JHPfglEnjWwba52IRmsrAjdq8YajIhsJ60s1hbHv3xEdvhMy2h1P1yThRH85smx/J5n7Stdvu8q+tBDX6vnYak2VKRUAzs6PW874s3rrgTDQhCU5nQASGUWkwFHDBbD4RrnQ5r+qCr6tu562CmHIc37SK0/VDq+46t3ThLjlSEKPCM7/m7KkMx9lKxVrhK/qRJ8wYHUbpybO/VicaPcet0aWXFMUdxNWyNdGI6xdZcDAugHMO1Fr4f9vVwOrR6mCASwAuPg1yVIiWH43KYnz+khCRnG0xIkH9kTt3nbts31NL8MXuCx16TI1S/Db/JQ2Tjh9ofIbhchofeWUb1ubMXR1FAiGgXYhVqftYLrJSma1vgRs2eF9epgU/qihW4opQ1vrTWi2MUhh43Vio8Uyl3I6yp0zYkpKNC4R0B2b9CpHZRTuiyHN4V7X8AvTn12tCs5xLMLpYK3cSsKxZkh2hXRaOSHfpCV7h79V+udOyp0iG97dL6lmhq//0mtxvf9W8S1yFpHryhInsPSun0CyhDf8MmKR/hn8ku/xTqDyRjf5vxaLU03j6bXNoMtzqAqmpYOv0nOHzX6lUX0gaKQa04q4PKn6/79bbXjvpKcN5F7igX5Mqk2ms2wH+A4MgwJX2mV5euzzqfj8lDjTLpWlf06iLHZsIrbJcQduqG2HRNV0oEl6xqlETipzckYkWEGLFJDZh2Hk5DkN0zQLP37F/uznkmgnClxy/zbMLDsA4/BI3nCnbv5eLZy8U9cyA49zdBF4JJUD6kML+jrWk/pqtPYCgQ0PBCvw+r9ENV9zIIeWWSTDaCHLKPStlmI6vgxLOaReY8ZoCz9JOQ95/7ykX85nkcQcrWu3ZsOcXy3AvBmI1iCbnf3mdcAEWIKvhIkQ+DwiV2CVyRTZ3eoUK4m6DE7EtHuMYCWTYe0xbeFwS3zSpZRfyVNDk2GOXbubYSNHfkWPnG8OMhkxxUCWaKsVMcIzQmjsEeuwqJ/I+784jcZs5nuyN9zoeDfiEdhpnRPE82B3jTVHClPlWQSSmpuhf0tkQlG0l6GlJNArblYGNhUvaIbQwo+MZnDxOVgB5b5QUTZZNaPQ1u6RdPgDD0sHItoko0+Jn1lEtDntSjtmi+jArsbjbuOXcxm+bmax2LwIc1w13HAkqQtkgt/G5cdBSidnqd6sjPrKcvRiUzAyvSyb6Ua1yPR82HFwGaT7hlV
Question: how to improve Coq's performance on proof automation for large terms.
Short answer:  reflection

Long answer: reflection, reflection, reflection.  And perhaps uconstr.

Proof automation on large terms is exactly what I've been struggling with for the last few weeks, as I am improving the performance of the Verified Software Toolchain on its new "Verified Software Unit" feature (see "Verified Software Units" by Lennart Beringer forthcoming in ESOP 2021).   What I've found to be effective is:

1. the systematic use of computational reflection;
2. use of boolean equality tests instead of decidable equality
3. in some cases, careful staging of computation
4. in some cases, use of uconstr instead of constr
5. in some cases, use Ltac pattern matching to learn things about terms, and carefully avoid doing reductions that will cause Qed to blow up.
But I still have many residual subgoals that are not reified into things for which reflection works;  that is, this is mixed computation and typechecking in Coq.  With a lot of Ltac programming.

Many of these principles (especially 1 and 2) are the foundation of the ssreflect system, of course.  I'm not using ssreflect, but I'm sure its features would have automated some of the things that I programmed by hand.
From: "Eddy Westbrook" <westbrook AT galois.com>
To: "coq-club" <coq-club AT inria.fr>
Cc: "Matthew Yacavone" <myac AT galois.com>
Sent: Friday, February 12, 2021 11:06:06 AM
Subject: [Coq-Club] Proof automation for large terms?
Fellow Coq clubbers,

Does anyone have experience using proof automation and hint databases to prove theorems with large terms?

We are working on building a tactic to generate refinement proofs for monadic terms. Choosing the proof rule to apply in almost every case is rote, and can be done with a simple pattern-match on the top-level form of the terms. However, we have found that the automation really slows down when the terms start to get large. After profiling the tactic, it seems that it is just the “simple apply” rules generated by Resolve hints that are taking the majority of the time. I assume this is just unification running over large terms?

Anyway, any suggestions would be greatly appreciated!

Thanks,
-Eddy

Archive powered by MHonArc 2.6.19+.

Top of Page