Redo the sawscript ProofScript primitives #9
Comments
A discussion is planned for Wednesday, June 10 to decide how we should implement proof goal states and proof tactics in saw-script. It appears that the representations of these will need to change significantly to get the features we want. Here is a list of items we should cover during our discussion:
@robdockins, @atomb, @ntc2: Anything to add?
Some notes from the discussion yesterday (June 24):
Based on the discussion, I'm thinking that the
(In place of In the definition of
Is QBF support existing/planned? I just ask because of the note above --- "Proof states should only contain universally quantified variables." It would be nice to have proofs with alternating quantifiers, though I guess we could assert that a proof always starts with the universal quantifier.
We still have the option of putting explicit
The success/failure of a proof script is now encoded in whether or not it finished with no remaining subgoals. This is a small step toward addressing issue #9.
I think the bulk of what is discussed here has now been implemented via #1134.
There are various inconsistencies in the types of sawscript primitives related to ProofScripts. Currently we have:

Some proof tactics have type `ProofScript ()`, some `ProofScript SatResult`, and others are `ProofScript ProofResult`. So far we don't have any examples of binding values within the ProofScript monad (e.g. `sat do { x <- assume_valid; ... x ... }`), so the types are not really helpful. The `prove` and `sat` commands work on type `ProofScript b` for any `b`; but for some reason `java_verify_tactic` and `llvm_verify_tactic` require `ProofScript SatResult`, which makes it impossible to use a proof script that uses only `simplify`, for example.

A related problem is the return types of `prove` vs `prove_print`. To create new rewrite rules for the simplifier, you need to produce a `Theorem`, but right now `prove_print` is the only way to do that; there is no way to produce a `Theorem` from a `ProofResult`, even using `caseProofResult`.
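An added sketch, not from the issue or the SAW project, showing how the types listed above compose; the command names and signatures (`prove_print`, `prove`, `addsimp`, `empty_ss`, `simplify`, `abc`, `caseProofResult`) are assumed to have the types the issue quotes, and the Cryptol terms are constructed for illustration:

```saw
// Added illustration (assumed SAWScript API as described in the issue).

// prove_print :: ProofScript SatResult -> Term -> TopLevel Theorem
// This is the only path to a Theorem, so it is the only way to turn a
// proven fact into a rewrite rule for the simplifier.
add_zero <- prove_print abc {{ \(x : [8]) -> x + 0 == x }};

// addsimp :: Theorem -> Simpset -> Simpset
let ss = addsimp add_zero empty_ss;

// simplify :: Simpset -> ProofScript ()
// A script that only simplifies has type ProofScript (). Per the issue,
// prove accepts it (ProofScript b for any b) ...
let simp_only = do { simplify ss; };
r0 <- prove simp_only {{ \(a : [8]) -> (a + 0) + 0 == a }};

// ... but java_verify_tactic / llvm_verify_tactic would reject it, since
// they demand ProofScript SatResult. Ending the script with abc gives
// that type, so this form is accepted everywhere.
let simp_then_abc = do { simplify ss; abc; };

// prove :: ProofScript SatResult -> Term -> TopLevel ProofResult
r <- prove simp_then_abc {{ \(a : [8]) -> (a + 0) + 0 == a }};

// caseProofResult :: ProofResult -> a -> (Term -> a) -> a
// A ProofResult can be inspected, but there is no way back to a Theorem,
// so r cannot be fed into addsimp the way add_zero was.
caseProofResult r
  (print "valid")
  (\cex -> do { print "counterexample:"; print_term cex; });
```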