From: Paul Rubin
Newsgroups: comp.lang.ada
Subject: Re: SPARK and integer arithmetic
Date: Sun, 18 Sep 2016 12:33:52 -0700
Organization: A noiseless patient Spider
Message-ID: <87poo1atpb.fsf@jester.gateway.pace.com>
References: <87poo1a57p.fsf@mid.deneb.enyo.de> <87twddw0i4.fsf@mid.deneb.enyo.de>

Florian Weimer writes:
> The intent is that I can write unbounded integer arithmetic in
> predicates and post-conditions.

> Not too surprisingly, gnatprove can't deal with this (I've already
> been told it's beyond alt-ergo, and Z3 can only brute-force it). But
> perhaps there is a way to express the unbounded arithmetic so that
> there is less work left for the prover?

I think there is some way for Spark to use Coq, which can deal with
things like that easily. The Wikipedia article on Presburger arithmetic
also cites

  http://ieeexplore.ieee.org/document/6987606/?arnumber=6987606

about using (adapting?) the CVC4 SMT solver on quantifier-free
arithmetic expressions.