interactive proofs in higher order concurrent separation
play

Interactive Proofs in Higher-Order Concurrent Separation Logic - PowerPoint PPT Presentation

Jul 23, 2023 •230 likes •953 views

Interactive Proofs in Higher-Order Concurrent Separation Logic Robbert Krebbers 1 Amin Timany 2 Lars Birkedal 3 1 Delft University of Technology, The Netherlands 2 imec-Distrinet, KU Leuven, Belgium 3 Aarhus University, Denmark January 18, 2017 @

  1. Interactive Proofs in Higher-Order Concurrent Separation Logic Robbert Krebbers 1 Amin Timany 2 Lars Birkedal 3 1 Delft University of Technology, The Netherlands 2 imec-Distrinet, KU Leuven, Belgium 3 Aarhus University, Denmark January 18, 2017 @ POPL, Paris, France 1

  2. Goal of this talk Many POPL papers about complicated program logics come with mechanized soundness proofs, but how to reason in these logics? Goal: reasoning in an object logic in the same style as reasoning in Coq 2

  3. Goal of this talk Many POPL papers about complicated program logics come with mechanized soundness proofs, but how to reason in these logics? Goal: reasoning in an object logic in the same style as reasoning in Coq 2

  4. Goal of this talk Many POPL papers about complicated program logics come with mechanized soundness proofs, but how to reason in these logics? Goal: reasoning in an object logic in the same style as reasoning in Coq How? ◮ Extend Coq with (spatial and non-spatial) named proof contexts for an object logic ◮ Tactics for introduction and elimination of all connectives of the object logic ◮ Entirely implemented using reflection, type classes and Ltac (no OCaml plugin needed) 2

  5. Goal of this talk Many POPL papers about complicated program logics come with mechanized soundness proofs, but how to reason in these logics? Goal: reasoning in Iris in the same style as reasoning in Coq How? ◮ Extend Coq with (spatial and non-spatial) named proof contexts for Iris ◮ Tactics for introduction and elimination of all connectives of Iris ◮ Entirely implemented using reflection, type classes and Ltac (no OCaml plugin needed) Iris : language independent higher-order separation logic for modular reasoning about fine-grained concurrency in Coq 2

  6. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type P , R : iProp Ψ : A → iProp (1/1) P ∗ ( ∃ a : A , Ψ a ) ∗ R − ∗ ∃ a : A , Ψ a ∗ P 3

  7. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp Ψ : A → iProp (1/1) P ∗ ( ∃ a : A , Ψ a ) ∗ R − ∗ ∃ a : A , Ψ a ∗ P 3

  8. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp Ψ : A → iProp (1/1) "HP" : P "H Ψ " : ∃ a : A , Ψ a "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − ∗ ∃ a : A , Ψ a ∗ P 3

  9. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp (1/1) "HP" : P "H Ψ " : ∃ a : A , Ψ a "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − ∗ ∃ a : A , Ψ a ∗ P 3

  10. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp x : A (1/1) "HP" : P "H Ψ " : Ψ x "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − ∗ ∃ a : A , Ψ a ∗ P 3

  11. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A (1/1) "HP" : P "H Ψ " : Ψ x "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − ∗ ∃ a : A , Ψ a ∗ P 3

  12. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A (1/1) "HP" : P "H Ψ " : Ψ x "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − ∗ Ψ x ∗ P 3

  13. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A iSplitL "H Ψ ". (1/1) "HP" : P "H Ψ " : Ψ x "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − ∗ Ψ x ∗ P 3

  14. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 2 subgoals P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A iSplitL "H Ψ ". (1/2) "H Ψ " : Ψ x − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − ∗ Ψ x (2/2) "HP" : P "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − ∗ P 3

  15. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A iSplitL "H Ψ ". (1/1) - "H Ψ " : Ψ x − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − ∗ Ψ x 3

  16. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A iSplitL "H Ψ ". (1/1) - iAssumption. "H Ψ " : Ψ x − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − ∗ Ψ x 3

  17. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : This subproof is complete , but there are some unfocused goals : P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . Proof . (1/1) iIntros "[HP [H Ψ HR]]". "HP" : P iDestruct "H Ψ " as (x) "H Ψ ". "HR" : R iExists x. − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − ∗ iSplitL "H Ψ ". P - iAssumption. 3

  18. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A iSplitL "H Ψ ". (1/1) - iAssumption. "HP" : P - "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − ∗ P 3

  19. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R − ∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A iSplitL "H Ψ ". (1/1) - iAssumption. "HP" : P - iAssumption. "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − ∗ P 3

Recommend

Iris Proof Mode Interactive Proofs in Higher-Order Concurrent Separation Logic Robbert Krebbers 1

Iris Proof Mode Interactive Proofs in Higher-Order Concurrent Separation Logic Robbert Krebbers 1

Iris Proof Mode Interactive Proofs in Higher-Order Concurrent Separation Logic Robbert Krebbers 1 Delft University of Technology, The Netherlands June 12, 2017 @ MFPS, Ljubljana, Slovenia 1 Iris is joint work with: Ralf Jung, Jacques-Henri

1.16k views • 87 slides
Higher-Order Concurrent Separation Logic: Why and How Lars Birkedal Aarhus University Nijmegen,

Higher-Order Concurrent Separation Logic: Why and How Lars Birkedal Aarhus University Nijmegen,

Higher-Order Concurrent Separation Logic: Why and How Lars Birkedal Aarhus University Nijmegen, Netherlands Dec, 2015 Modular Reasoning about Higher-Order Concurrent Imperative Programs 1 / 33 Introduction Goal Program logics for

1.02k views • 63 slides
Mechanized proofs in higher-order separation logic Robbert Krebbers Delft University of

Mechanized proofs in higher-order separation logic Robbert Krebbers Delft University of

Mechanized proofs in higher-order separation logic Robbert Krebbers Delft University of Technology, The Netherlands February 5, 2019 @ Vrije Universiteit, Amsterdam, The Netherlands 1 Tactic-style proofs (as in LCF/Coq/HOL/ etc. ) have shown to

978 views • 97 slides
Iris: a framework for higher-order concurrent separation logic in Coq Robbert Krebbers 1 Delft

Iris: a framework for higher-order concurrent separation logic in Coq Robbert Krebbers 1 Delft

Iris: a framework for higher-order concurrent separation logic in Coq Robbert Krebbers 1 Delft University of Technology, The Netherlands January 15, 2017 @ TTT, Paris, France 1 Iris is joint work with: Ralf Jung, Jacques-Hendri Jourdan, Ale s

1.49k views • 124 slides
Iron: Managing Obligations in Higher-Order Concurrent Separation Logic s Bizjak 1 Daniel Gratzer 1

Iron: Managing Obligations in Higher-Order Concurrent Separation Logic s Bizjak 1 Daniel Gratzer 1

Iron: Managing Obligations in Higher-Order Concurrent Separation Logic s Bizjak 1 Daniel Gratzer 1 Ale Robbert Krebbers 2 Lars Birkedal 1 1 Aarhus University 2 Delft University of Technology January 17, 2019 POPL 2019

566 views • 38 slides
MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert

MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert

MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert Krebbers 1 Jacques-Henri Jourdan 2 Ralf Jung 3 Joseph Tassarotti 4 Jan-Oliver Kaiser 3 Amin Timany 5 eraud 6 Derek Dreyer 3 Arthur Chargu 1 Delft

1.55k views • 141 slides
MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert

MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert

MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert Krebbers 1 Jacques-Henri Jourdan 2 Ralf Jung 3 Joseph Tassarotti 4 Jan-Oliver Kaiser 3 Amin Timany 5 eraud 6 Derek Dreyer 3 Arthur Chargu 1 Delft

710 views • 49 slides
Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2

Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2

Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2 Interactive Proofs IP[k] IP[poly] = PSPACE 2 Interactive Proofs IP[k] IP[poly] = PSPACE IP protocol for TQBF using arithmetization 2 Interactive

1.75k views • 136 slides
MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert

MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert

MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert Krebbers 1 Delft University of Technology, The Netherlands October 9, 2018 @ Types Meeting, Aarhus, Denmark 1 MoSeL is joint work with Jacques-Henri

1.14k views • 98 slides
On Congruence Property of Scope Equivalence for Concurrent Programs with Higher-Order

On Congruence Property of Scope Equivalence for Concurrent Programs with Higher-Order

On Congruence Property of Scope Equivalence for Concurrent Programs with Higher-Order Communication Masaki Murakami Okayama University JAPAN A Formal Model of Concurrent Systems the model presented here is a translation of asynchronous

847 views • 31 slides
A Simple Model of Separation Logic for Higher-order Store Lars Birkedal IT University of

A Simple Model of Separation Logic for Higher-order Store Lars Birkedal IT University of

A Simple Model of Separation Logic for Higher-order Store Lars Birkedal IT University of Copenhagen Joint work with B. Reus, J. Schwinghammer, H. Yang July, 2008 Lars Birkedal (ITU) Sep. Logic for Higher-order Store ICALP 1 / 20

457 views • 20 slides
Lecture 2 : Interactive Proofs in EasyCrypt July 16th, 2013 The Ambient Logic EasyCrypt ambient

Lecture 2 : Interactive Proofs in EasyCrypt July 16th, 2013 The Ambient Logic EasyCrypt ambient

Lecture 2 : Interactive Proofs in EasyCrypt July 16th, 2013 The Ambient Logic EasyCrypt ambient logic is a general higher-order logic. In this talk How define facts about user defined operators How to prove them when automatic techniques

1.08k views • 71 slides
Foundation of Cryptography (0368-4162-01), Lecture 5 Interactive Proofs and Zero Knowledge

Foundation of Cryptography (0368-4162-01), Lecture 5 Interactive Proofs and Zero Knowledge

Foundation of Cryptography (0368-4162-01), Lecture 5 Interactive Proofs and Zero Knowledge Iftach Haitner, Tel Aviv University December 4, 2011 IP for GNI Part I Interactive Proofs IP for GNI Interactive Vs. Interactive Proofs Definition 1 (

1.51k views • 110 slides
Charge! a framework for higher-order separation logic in Coq Lars Birkedal Logic and Semantics

Charge! a framework for higher-order separation logic in Coq Lars Birkedal Logic and Semantics

Charge! a framework for higher-order separation logic in Coq Lars Birkedal Logic and Semantics Group Dept. of Comp. Science, Aarhus University (Joint work with J. Bengtson, J.B. Jensen, H. Mehnert, P . Sestoft, F . Sieczkowski) April 2013

499 views • 34 slides
HO in Coq Guillaume Ambal, Sergue Lenglet and Alan Schmitt Higher-Order -calculus

HO in Coq Guillaume Ambal, Sergue Lenglet and Alan Schmitt Higher-Order -calculus

HO in Coq Guillaume Ambal, Sergue Lenglet and Alan Schmitt Higher-Order -calculus Model of concurrent and communicating systems First-order: inert data (channel names, . . . ) Higher-order: executable processes

866 views • 57 slides
Interactive Proof System We have seen interactive proofs, in various disguised forms, in the

Interactive Proof System We have seen interactive proofs, in various disguised forms, in the

Interactive Proof System We have seen interactive proofs, in various disguised forms, in the definitions of NP , OTM, Cook reduction and PH . We will see that interactive proofs have fundamental connections to cryptography and approximation

1.46k views • 107 slides
Verifying a hash table and its iterators in higher-order separation logic Franois Pottier

Verifying a hash table and its iterators in higher-order separation logic Franois Pottier

Verifying a hash table and its iterators in higher-order separation logic Franois Pottier Vocal meeting Paris, November 10, 2016 Motivation Why verify a hash table implementation ? a simple and useful data structure implements an

499 views • 19 slides
York University www.cs.york.ac.uk/~ndm First order vs Higher order Higher order:

York University www.cs.york.ac.uk/~ndm First order vs Higher order Higher order:

First Order Haskell Neil Mitchell York University www.cs.york.ac.uk/~ndm First order vs Higher order Higher order: functions are values Can be passed around Stored in data structure Harder for reasoning and analysis More

483 views • 15 slides
Portable Higher Order Logic Proofs Joe Hurd and Rob Arthan Galois, Inc. and Lemma 1 Ltd.

Portable Higher Order Logic Proofs Joe Hurd and Rob Arthan Galois, Inc. and Lemma 1 Ltd.

Introduction Articles of Proof Theories Compressing Articles Summary Portable Higher Order Logic Proofs Joe Hurd and Rob Arthan Galois, Inc. and Lemma 1 Ltd. joe@galois.com and rda@lemma-one.com TEITP Workshop Wednesday 11 August 2010 Joe

565 views • 19 slides
Zero-Knowledge Proofs Lecture 15 Interactive Proofs Interactive Proofs Interactive Proofs

Zero-Knowledge Proofs Lecture 15 Interactive Proofs Interactive Proofs Interactive Proofs

Zero-Knowledge Proofs Lecture 15 Interactive Proofs Interactive Proofs Interactive Proofs Prover wants to convince verifier that x has some property Interactive Proofs Prover wants to convince verifier that x has some property i.e. x is in

3.29k views • 145 slides
Reasoning over Permissions Regions in Concurrent Separation Logic James Brotherston, Diana Costa,

Reasoning over Permissions Regions in Concurrent Separation Logic James Brotherston, Diana Costa,

Reasoning over Permissions Regions in Concurrent Separation Logic James Brotherston, Diana Costa, Aquinas Hobor and John Wickerson IRIS Day OScience, Coronavirus Lockdown Edition Tuesday 7th April, 2020 1/ 13 Concurrent separation logic (

164 views • 13 slides
Concurrent separation logic and operational semantics Viktor Vafeiadis MPI-SWS What is the

Concurrent separation logic and operational semantics Viktor Vafeiadis MPI-SWS What is the

Concurrent separation logic and operational semantics Viktor Vafeiadis MPI-SWS What is the paper about? Soundness proof for CSL Simple Extensible Permissions RGSep Storable locks [Buisse, Birkedal, Stvring, MFPS 2011] Concurrent

270 views • 14 slides
Zero-Knowledge Proofs 1 Zero-Knowledge Proofs Lecture 15 1 Interactive Proofs 2 Interactive

Zero-Knowledge Proofs 1 Zero-Knowledge Proofs Lecture 15 1 Interactive Proofs 2 Interactive

Zero-Knowledge Proofs 1 Zero-Knowledge Proofs Lecture 15 1 Interactive Proofs 2 Interactive Proofs 2 Interactive Proofs Prover wants to convince verifier that x has some property 2 Interactive Proofs Prover wants to convince verifier

1.9k views • 174 slides
Fast Interactive Verification through Strong Higher-Order Automation Jasmin Blanchette Pascal

Fast Interactive Verification through Strong Higher-Order Automation Jasmin Blanchette Pascal

Towards Fast Interactive Verification through Strong Higher-Order Automation Jasmin Blanchette Pascal Fontaine Stephan Schulz Uwe Waldmann Vision: Take the Hard Labor out of Vision: Interactive Verification Push button automation for

263 views • 14 slides

More recommend