A prover framework that supports bit-blasting.
FGL is the successor to GL. It mainly
consists of a clause processor that calls on a custom rewriter/term interpreter
which features support for efficient representations of Boolean functions.
Compared to GL, FGL offers the following new features:
- Support for representing Boolean functions using the aignet package.
- Support for calling incremental SAT during rewriting/symbolic execution.
- Less functionality included in built-in primitives, but better able to be
programmed using rewrite rules and user-provided extensions.
- Explicit representation of the entire interpreter state,
allowing global simplifications (e.g. combinational-equivalence-preserving
- The symbolic object representation includes a new primitive kind
representing a fast alist or array.
- Better debugging capabilities, including a tracing facility for the
rewriter and the ability to examine the full interpreter stack at any
FGL is currently missing some important features of GL. In particular, BDD
and hons-AIG modes are not complete. Shape specifiers don't exist yet. Many
of the usual ways of doing things in GL are done differently in FGL.
To get started with FGL in the default configuration, first set up a SAT solver; the default for
FGL is glucose. To use a different SAT solver, see fgl-solving.
;; include FGL
(include-book "centaur/fgl/top" :dir :system)
;; start an external shell from which the SAT solver can be called
;; test a proof
:hyp (and (unsigned-byte-p 5 x) (unsigned-byte-p 5 y))
:concl (equal (+ x y) (+ y x)))
:hyp (unsigned-byte-p 3 x)
:concl (not (logbitp 4 x)))
In addition to a standalone SAT solver program (monolithic solver), for
certain FGL features you may also want an incremental solver implementing the
IPASIR interface; see ipasir::ipasir for an overview and
(see ipasir::building-an-ipasir-solver-library) for how to build one. Then
you'll need to set the environment variable IPASIR_SHARED_LIBRARY and
include the book centaur/ipasir/ipasir-backend in order to allow its
To learn more about FGL, here are some places to get started:
- Differences between FGL and ACL2 rewrite rules
- Limitations on what the FGL interpreter will do to resolve a call of a given function.
- FGL symbolic object type
- Proving SAT instances in FGL
- Discussion of how if-then-else objects are dealt with in FGL.
- How to ensure that FGL can reduce your conjecture to a Boolean formula
- Adding fast-executing primitive routines to FGL.
- Outline of the way the FGL interpreter works.
- Generating counterexamples from SAT checks in FGL
- Discussion of the logical justification for the bind-var feature.
- Tools for debugging FGL failures
- Advanced extralogical programming of FGL.
- Define a rule that recognizes constraints among FGL generated Boolean variables
- Representation of the FGL interpreter stack.
- How to trace the FGL rewriter
- Prove a theorem using FGL with case-splitting.
- Prove a theorem using FGL
- Support for hash-based fast alists in FGL
- Some tools for equivalence checking with FGL.
- Support for fast array lookups in FGL
- Topics describing implementation-level details.