
We present a way to enjoy the power of SAT and SMT provers in Coq without compromising soundness. This requires these provers to return not only a yes/no answer, but also a proof witness that can be independently rechecked. We present such a checker, written and fully certified in Coq. It is conceived in a modular way, in order to tame the proofs'…

We present a new scheme to translate mathematical developments from HOL-Light to Coq, where they can be re-used and rechecked. By relying on a carefully chosen embedding of Higher-Order Logic into Type Theory, we try to avoid some pitfalls of inter-operation between proof systems. In particular, our translation keeps the mathematical statements…

- Nikhil Swamy, Catalin Hritcu, Chantal Keller, Aseem Rastogi, Antoine Delignat-Lavaud, Simon Forest +6 others
- POPL
- 2016

We present a new, completely redesigned, version of F*, a language that works both as a proof assistant as well as a general-purpose, verification-oriented, effectful programming language. In support of these complementary roles, F* is a dependently typed, higher-order, call-by-value language with _primitive_ effects including state, exceptions, divergence…

Reynolds' abstraction theorem is now a well-established result for a large class of type systems. We propose here a definition of relational parametricity and a proof of the abstraction theorem in the Calculus of Inductive Constructions (CIC), the underlying formal language of Coq, in which parametricity relations' codomain is the impredicative sort of…

We analyze a normalization function for the simply typed λ-calculus based on hereditary substitutions, a technique developed by Pfenning et al. The normalizer is implemented in Agda, a total language where all programs terminate. It requires no termination proof since it is structurally recursive, which is recognized by Agda's termination…

When checking answers coming from automatic provers, or when skeptically integrating them into proof assistants, a major problem is the wide variety of formats of certificates, which forces one to write lots of different checkers. In this paper, we propose to use extended resolution as a common format for every propositional prover. To be able to do this,…

This thesis studies the cooperation between the Coq proof assistant and external provers through proof witnesses. We concentrate on two different kinds of provers that can return certificates: first, answers coming from SAT and SMT solvers can be checked in Coq to increase both the confidence in these solvers and Coq's automation; second, theorems established in…

We present the first typeful implementation of Normalization by Evaluation for the simply typed λ-calculus with sums and control operators: we guarantee type preservation and η-long (modulo commuting conversions), β-normal forms using only Generalized Algebraic Data Types in a general-purpose programming language, here OCaml; and we account for finite sums…

This paper presents BEAGLE TAC, a HOL4 tactic for using Beagle as an external ATP for discharging HOL4 goals. We implement a translation of the higher-order goals to the TFA format of TPTP and add trace output to Beagle to reconstruct the intermediate steps derived by the ATP in HOL4. Our translation combines the characteristics of existing successful…

- Chantal Keller
- 2013

Boolean unsatisfiability and extended resolution. Outline: Tableaux, BDDs, Conclusion. Motivation. Observations: many different automatic theorem provers, based on different paradigms, should be able to explain their results, i.e. give a proof witness. Claim: no need for hundreds of checkers! With a standard for proof witnesses, provers should be able to transform their reasoning into such…