iris proof mode interactive proofs in higher order
play

Iris Proof Mode Interactive Proofs in Higher-Order Concurrent - PowerPoint PPT Presentation

Aug 13, 2022 •281 likes •1.16k views

Iris Proof Mode Interactive Proofs in Higher-Order Concurrent Separation Logic Robbert Krebbers 1 Delft University of Technology, The Netherlands June 12, 2017 @ MFPS, Ljubljana, Slovenia 1 Iris is joint work with: Ralf Jung, Jacques-Henri

  1. Iris Proof Mode Interactive Proofs in Higher-Order Concurrent Separation Logic Robbert Krebbers 1 Delft University of Technology, The Netherlands June 12, 2017 @ MFPS, Ljubljana, Slovenia 1 Iris is joint work with: Ralf Jung, Jacques-Henri Jourdan, Aleˇ s Bizjak, Hoang-Hai Dang, Jan-Oliver Kaiser, David Swasey, Filip Sieczkowski, Kasper Svendsen, Aaron Turon, Amin Timany, Derek Dreyer, and Lars Birkedal 1

  2. Goal of this talk Many recent program logics come with mechanized soundness proofs, but how to reason in these logics? Goal: reasoning in an object logic in the same style as reasoning in Coq 2

  3. Goal of this talk Many recent program logics come with mechanized soundness proofs, but how to reason in these logics? Goal: reasoning in an object logic in the same style as reasoning in Coq How? ◮ Extend Coq with (spatial and non-spatial) named proof contexts for an object logic ◮ Tactics for introduction and elimination of all connectives of the object logic ◮ Entirely implemented using reflection, type classes and Ltac (no OCaml plugin needed) 2

  4. Goal of this talk Many recent program logics come with mechanized soundness proofs, but how to reason in these logics? Goal: reasoning in Iris in the same style as reasoning in Coq How? ◮ Extend Coq with (spatial and non-spatial) named proof contexts for Iris ◮ Tactics for introduction and elimination of all connectives of Iris ◮ Entirely implemented using reflection, type classes and Ltac (no OCaml plugin needed) Iris : language independent higher-order separation logic for modular reasoning about fine-grained concurrency in Coq 2

  5. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type P , R : iProp Ψ : A → iProp (1/1) P ∗ ( ∃ a : A , Ψ a ) ∗ R −∗ ∃ a : A , Ψ a ∗ P 3

  6. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp Ψ : A → iProp (1/1) P ∗ ( ∃ a : A , Ψ a ) ∗ R −∗ ∃ a : A , Ψ a ∗ P 3

  7. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp Ψ : A → iProp (1/1) "HP" : P "H Ψ " : ∃ a : A , Ψ a "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − −∗ ∃ a : A , Ψ a ∗ P 3

  8. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp (1/1) "HP" : P "H Ψ " : ∃ a : A , Ψ a "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − −∗ ∃ a : A , Ψ a ∗ P 3

  9. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp x : A (1/1) "HP" : P "H Ψ " : Ψ x "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − −∗ ∃ a : A , Ψ a ∗ P 3

  10. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A (1/1) "HP" : P "H Ψ " : Ψ x "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − −∗ ∃ a : A , Ψ a ∗ P 3

  11. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A (1/1) "HP" : P "H Ψ " : Ψ x "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − −∗ Ψ x ∗ P 3

  12. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A iSplitL "H Ψ ". (1/1) "HP" : P "H Ψ " : Ψ x "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − −∗ Ψ x ∗ P 3

  13. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 2 subgoals P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A iSplitL "H Ψ ". (1/2) "H Ψ " : Ψ x − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − −∗ Ψ x (2/2) "HP" : P "HR" : R − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − −∗ P 3

  14. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A iSplitL "H Ψ ". (1/1) - "H Ψ " : Ψ x − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − −∗ Ψ x 3

  15. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A iSplitL "H Ψ ". (1/1) - iAssumption. "H Ψ " : Ψ x − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − −∗ Ψ x 3

  16. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : This subproof is complete , but there are P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . some unfocused goals : Proof . iIntros "[HP [H Ψ HR]]". (1/1) iDestruct "H Ψ " as (x) "H Ψ ". "HP" : P iExists x. "HR" : R iSplitL "H Ψ ". − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − −∗ - iAssumption. P 3

  17. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A iSplitL "H Ψ ". (1/1) - iAssumption. "HP" : P "HR" : R - − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − −∗ P 3

  18. Iris Proof Mode (IPM) demo Lemma and exist sep { A } P R (Ψ: A → iProp ) : 1 subgoal P ∗ ( ∃ a , Ψ a ) ∗ R −∗ ∃ a , Ψ a ∗ P . M : ucmraT Proof . A : Type iIntros "[HP [H Ψ HR]]". P , R : iProp iDestruct "H Ψ " as (x) "H Ψ ". Ψ : A → iProp iExists x. x : A iSplitL "H Ψ ". (1/1) - iAssumption. "HP" : P "HR" : R - iAssumption. − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − − −∗ P 3

Recommend

Interactive Proof System We have seen interactive proofs, in various disguised forms, in the

Interactive Proof System We have seen interactive proofs, in various disguised forms, in the

Interactive Proof System We have seen interactive proofs, in various disguised forms, in the definitions of NP , OTM, Cook reduction and PH . We will see that interactive proofs have fundamental connections to cryptography and approximation

1.46k views • 107 slides
Interactive Proofs in Higher-Order Concurrent Separation Logic Robbert Krebbers 1 Amin Timany 2

Interactive Proofs in Higher-Order Concurrent Separation Logic Robbert Krebbers 1 Amin Timany 2

Interactive Proofs in Higher-Order Concurrent Separation Logic Robbert Krebbers 1 Amin Timany 2 Lars Birkedal 3 1 Delft University of Technology, The Netherlands 2 imec-Distrinet, KU Leuven, Belgium 3 Aarhus University, Denmark January 18, 2017 @

953 views • 71 slides
(Interactive) Proofs Proofs from 900 BCE until 1800s Pythagorass Theorem: Proof: Looks legit.

(Interactive) Proofs Proofs from 900 BCE until 1800s Pythagorass Theorem: Proof: Looks legit.

15-251: Great Theoretical Ideas in Computer Science Lecture 24 (Interactive) Proofs Proofs from 900 BCE until 1800s Pythagorass Theorem: Proof: Looks legit. Then there was Russell Principia Mathematica Volume 2 Russell and others worked

949 views • 50 slides
Higher Order Proof Engineering Robert White ILLC/INRIA Cool Logic, ILLC 1/23 Higher Order

Higher Order Proof Engineering Robert White ILLC/INRIA Cool Logic, ILLC 1/23 Higher Order

Higher Order Proof Engineering Higher Order Proof Engineering Robert White ILLC/INRIA Cool Logic, ILLC 1/23 Higher Order Proof Engineering Outline Introduction HOL Light and HOL Proof Checking OpenTheory Holide and Dedukti ProofCloud

767 views • 23 slides
Portable Higher Order Logic Proofs Joe Hurd and Rob Arthan Galois, Inc. and Lemma 1 Ltd.

Portable Higher Order Logic Proofs Joe Hurd and Rob Arthan Galois, Inc. and Lemma 1 Ltd.

Introduction Articles of Proof Theories Compressing Articles Summary Portable Higher Order Logic Proofs Joe Hurd and Rob Arthan Galois, Inc. and Lemma 1 Ltd. joe@galois.com and rda@lemma-one.com TEITP Workshop Wednesday 11 August 2010 Joe

565 views • 19 slides
Iris: a framework for higher-order concurrent separation logic in Coq Robbert Krebbers 1 Delft

Iris: a framework for higher-order concurrent separation logic in Coq Robbert Krebbers 1 Delft

Iris: a framework for higher-order concurrent separation logic in Coq Robbert Krebbers 1 Delft University of Technology, The Netherlands January 15, 2017 @ TTT, Paris, France 1 Iris is joint work with: Ralf Jung, Jacques-Hendri Jourdan, Ale s

1.49k views • 124 slides
Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2

Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2

Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2 Interactive Proofs IP[k] IP[poly] = PSPACE 2 Interactive Proofs IP[k] IP[poly] = PSPACE IP protocol for TQBF using arithmetization 2 Interactive

1.75k views • 136 slides
Proof Engineering of Higher Order Logic Wang) Collaboration, Translation, Checking and Retrieval

Proof Engineering of Higher Order Logic Wang) Collaboration, Translation, Checking and Retrieval

Proof Engineering of Higher Order Logic Robert White (Shuai Proof Engineering of Higher Order Logic Wang) Collaboration, Translation, Checking and Retrieval Introduction Higher Order Logic HOL Kernel Inference Rules Robert White

539 views • 29 slides
Mechanized proofs in higher-order separation logic Robbert Krebbers Delft University of

Mechanized proofs in higher-order separation logic Robbert Krebbers Delft University of

Mechanized proofs in higher-order separation logic Robbert Krebbers Delft University of Technology, The Netherlands February 5, 2019 @ Vrije Universiteit, Amsterdam, The Netherlands 1 Tactic-style proofs (as in LCF/Coq/HOL/ etc. ) have shown to

978 views • 97 slides
3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof

3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof

Griffith University 3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof by construction 2. Proof by equivalence 3. Proof by contradiction 4. Proof by case analysis 5. Proof by induction

549 views • 11 slides
Proofs of communication and its application e-mails Proof-of-work for fighting spam Proof-of-

Proofs of communication and its application e-mails Proof-of-work for fighting spam Proof-of-

SOFSEM 2008 Filtering unwanted Proofs of communication and its application e-mails Proof-of-work for fighting spam Proof-of- communication Location generation Preparing proofs Verifying proof Marek Klonowski Tomasz Strumi nski Open

348 views • 23 slides
A proof-theoretic foundation for tabled higher-order logic programming Brigitte Pientka

A proof-theoretic foundation for tabled higher-order logic programming Brigitte Pientka

A proof-theoretic foundation for tabled higher-order logic programming Brigitte Pientka Department of Computer Science Carnegie Mellon University Pittsburgh, PA, 15217, USA A proof-theoretic foundation for tabled higher-order logic programming

1.19k views • 69 slides
Lecture 2 : Interactive Proofs in EasyCrypt July 16th, 2013 The Ambient Logic EasyCrypt ambient

Lecture 2 : Interactive Proofs in EasyCrypt July 16th, 2013 The Ambient Logic EasyCrypt ambient

Lecture 2 : Interactive Proofs in EasyCrypt July 16th, 2013 The Ambient Logic EasyCrypt ambient logic is a general higher-order logic. In this talk How define facts about user defined operators How to prove them when automatic techniques

1.08k views • 71 slides
Foundation of Cryptography (0368-4162-01), Lecture 5 Interactive Proofs and Zero Knowledge

Foundation of Cryptography (0368-4162-01), Lecture 5 Interactive Proofs and Zero Knowledge

Foundation of Cryptography (0368-4162-01), Lecture 5 Interactive Proofs and Zero Knowledge Iftach Haitner, Tel Aviv University December 4, 2011 IP for GNI Part I Interactive Proofs IP for GNI Interactive Vs. Interactive Proofs Definition 1 (

1.51k views • 110 slides
Projects. Probabilistically Checkable Proofs... Probabilistically Checkable Proofs Whats a

Projects. Probabilistically Checkable Proofs... Probabilistically Checkable Proofs Whats a

Projects. Probabilistically Checkable Proofs... Probabilistically Checkable Proofs Whats a proof? Statement: A formula is satisfiable. Proof: assignment, a . Property: 5 minute presentations. Can check proof in polynomial time. A real

401 views • 3 slides
Interactive proof and zero knowledge protocols Zero-knowledge: definition Probabilistic

Interactive proof and zero knowledge protocols Zero-knowledge: definition Probabilistic

Interactive proof and zero knowledge protocols Zero-knowledge: definition Probabilistic complexity classes and Interactive proofs Graph isomorphism and PCP Some zero knowledge protocols: Feige-Fiat-Shamir authentication protocol

170 views • 16 slides
Higher order Ambisonics Higher order Ambisonics A future-proof 3D audio technique A future-proof

Higher order Ambisonics Higher order Ambisonics A future-proof 3D audio technique A future-proof

Higher order Ambisonics Higher order Ambisonics A future-proof 3D audio technique A future-proof 3D audio technique What is Ambisonics? What is Ambisonics? How does it work? How does it work? Higher orders: Higher orders: theory and

859 views • 60 slides
ProverBot9000 A proof assistant assistant Proofs are hard Proof assistants are hard Big Idea:

ProverBot9000 A proof assistant assistant Proofs are hard Proof assistants are hard Big Idea:

ProverBot9000 A proof assistant assistant Proofs are hard Proof assistants are hard Big Idea: Proofs are hard, make computers do them Proofs are just language with lots of structure Local Context Global Goal Context Want to generate this!

288 views • 18 slides
York University www.cs.york.ac.uk/~ndm First order vs Higher order Higher order:

York University www.cs.york.ac.uk/~ndm First order vs Higher order Higher order:

First Order Haskell Neil Mitchell York University www.cs.york.ac.uk/~ndm First order vs Higher order Higher order: functions are values Can be passed around Stored in data structure Harder for reasoning and analysis More

483 views • 15 slides
Zero-Knowledge Proofs Lecture 15 Interactive Proofs Interactive Proofs Interactive Proofs

Zero-Knowledge Proofs Lecture 15 Interactive Proofs Interactive Proofs Interactive Proofs

Zero-Knowledge Proofs Lecture 15 Interactive Proofs Interactive Proofs Interactive Proofs Prover wants to convince verifier that x has some property Interactive Proofs Prover wants to convince verifier that x has some property i.e. x is in

3.29k views • 145 slides
Zero-Knowledge Proofs 1 Zero-Knowledge Proofs Lecture 15 1 Interactive Proofs 2 Interactive

Zero-Knowledge Proofs 1 Zero-Knowledge Proofs Lecture 15 1 Interactive Proofs 2 Interactive

Zero-Knowledge Proofs 1 Zero-Knowledge Proofs Lecture 15 1 Interactive Proofs 2 Interactive Proofs 2 Interactive Proofs Prover wants to convince verifier that x has some property 2 Interactive Proofs Prover wants to convince verifier

1.9k views • 174 slides
Higher order proof reconstruction from paramodulation-based refutations: the unit equality case

Higher order proof reconstruction from paramodulation-based refutations: the unit equality case

Higher order proof reconstruction from paramodulation-based refutations: the unit equality case Andrea Asperti and Enrico Tassi Department of Computer Science, University of Bologna 28-30 June 2007 Context What we had: Matita is an ITP

651 views • 37 slides
SUPERPOSITION FOR LAMBDA-FREE HIGHER-ORDER LOGIC Motivation: Sledgehammer 2 Proof goal

SUPERPOSITION FOR LAMBDA-FREE HIGHER-ORDER LOGIC Motivation: Sledgehammer 2 Proof goal

1 ALEXANDER BENTKAMP JASMIN BLANCHETTE SIMON CRUANES UWE WALDMANN SUPERPOSITION FOR LAMBDA-FREE HIGHER-ORDER LOGIC Motivation: Sledgehammer 2 Proof goal from Isabelle Fact selection Translation to FOL A complete HO

299 views • 17 slides
SUPERPOSITION FOR LAMBDA-FREE HIGHER-ORDER LOGIC Motivation: Sledgehammer 2 Proof goal

SUPERPOSITION FOR LAMBDA-FREE HIGHER-ORDER LOGIC Motivation: Sledgehammer 2 Proof goal

1 ALEXANDER BENTKAMP JASMIN BLANCHETTE SIMON CRUANES UWE WALDMANN SUPERPOSITION FOR LAMBDA-FREE HIGHER-ORDER LOGIC Motivation: Sledgehammer 2 Proof goal from Isabelle Fact selection Translation to FOL Superposition provers

422 views • 31 slides

More recommend