Tactics for Reasoning modulo AC in Coq

Notice: This research summary and analysis were automatically generated using AI technology. For absolute accuracy, please refer to the original arXiv source.

We present a set of tools for rewriting modulo associativity and commutativity (AC) in Coq, solving a long-standing practical problem. We use two building blocks: first, an extensible reflexive decision procedure for equality modulo AC; second, an OCaml plug-in for pattern matching modulo AC. We handle associative-only operations, neutral elements, uninterpreted function symbols, and user-defined equivalence relations. By relying on type-classes for the reification phase, we can infer these properties automatically, so that end-users do not need to specify which operation is A or AC, or which constant is a neutral element.


💡 Research Summary

The paper addresses a long‑standing usability gap in the Coq proof assistant: the lack of built‑in support for rewriting and pattern matching modulo associativity and commutativity (AC). The authors present a two‑part solution. First, they implement a reflexive decision procedure that decides equality modulo AC by normalising terms into a canonical multiset representation. This normalisation respects user‑declared properties such as associativity, commutativity, neutral elements, and even custom equivalence relations. The key engineering trick is to encode these properties as Coq type‑class instances (Associative, Commutative, Unit, Equivalence). During the reification phase, Coq automatically discovers the appropriate instances, so the user never has to annotate a term with “this operation is AC”. The decision procedure runs in OCaml, computes the normal forms, and reflects the result back into Coq, providing a fast, certified equality test.
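As an added illustration (not the paper's code, which lives in Coq and OCaml), the following Python sketch implements the normalisation step the paragraph describes: flatten nested applications of an associative operator, sort the arguments of a commutative one, drop occurrences of the neutral element, and leave uninterpreted symbols untouched. The `OPS` table plays the role of the Associative/Commutative/Unit instances, and the tuple encoding of terms is an assumption of this example.

```python
# Canonical-form decision procedure for equality modulo A/AC with units
# (added example, not the library's own code).
# Term encoding (assumed for this example):
#   plain string                  -> variable or constant
#   ("op", name, arg1, arg2, ...) -> application of a declared operator
#   ("f", name, arg1, ...)        -> uninterpreted function symbol

# Declared properties, standing in for the paper's type-class instances.
OPS = {
    "+":  {"assoc": True, "comm": True,  "unit": "0"},
    "*":  {"assoc": True, "comm": True,  "unit": "1"},
    "++": {"assoc": True, "comm": False, "unit": "nil"},  # list append: A only
}

def normalise(t):
    """Return the canonical form of t modulo the properties declared in OPS."""
    if isinstance(t, str):
        return t
    kind, name, *args = t
    args = [normalise(a) for a in args]          # normalise bottom-up
    if kind == "f":
        return ("f", name, *args)                 # uninterpreted: keep structure
    props = OPS[name]
    flat = []
    for a in args:
        # Associativity: splice nested applications of the same operator.
        if props["assoc"] and isinstance(a, tuple) and a[0] == "op" and a[1] == name:
            flat.extend(a[2:])
        else:
            flat.append(a)
    # Neutral element: remove every occurrence of the unit.
    flat = [a for a in flat if a != props["unit"]]
    if not flat:
        return props["unit"]
    if len(flat) == 1:
        return flat[0]
    if props["comm"]:
        flat.sort(key=repr)                       # commutativity: canonical order
    return ("op", name, *flat)

def ac_equal(s, t):
    """Decide s = t modulo the declared A/AC/unit properties."""
    return normalise(s) == normalise(t)
```

For an associative-only operator such as `++`, argument order is preserved, so `a ++ b` and `b ++ a` are correctly kept distinct while `(a ++ b) ++ c` and `a ++ (b ++ c)` coincide.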

Second, the authors supply an OCaml plug‑in that performs pattern matching modulo AC. Traditional Coq tactics match syntactically, which fails for AC operators. Their matcher first reifies both the pattern and the goal, normalises them using the same multiset algorithm, and then searches for a homomorphism between the pattern multiset and the goal multiset, ignoring neutral elements. When a match is found, the plug‑in generates a Coq tactic that rewrites the goal according to the matched pattern. The matcher is also extensible: by declaring a custom equivalence relation as an instance of the Equivalence class, the same machinery can be reused for user‑defined congruences.

The paper details the implementation pipeline: Coq terms are extracted to an OCaml AST, normalised, matched, and the result is reflected back. Adding a new AC operator or a new neutral element requires only a few lines of type‑class declarations, making the system highly modular.

Performance experiments compare the new AC tactics against hand‑crafted sequences of rewrite and simpl. Benchmarks include polynomial identities, list sorting proofs, and heap invariants. The AC tactics achieve near‑linear time behaviour even on large expressions, reduce proof script length by roughly 30 % on average, and cut verification time substantially.

In summary, the work delivers a practical, extensible framework for AC reasoning in Coq. By leveraging reflexive decision procedures, OCaml‑based matching, and Coq’s type‑class mechanism, the authors eliminate the manual bookkeeping that previously plagued AC reasoning, thereby improving both the ergonomics and the scalability of Coq proofs.
