mechanizing meta theory in beluga
play

Mechanizing Meta-Theory in Beluga Brigitte Pientka School of - PowerPoint PPT Presentation

Jan 27, 2024 •27 likes •687 views

Introduction Beluga:Design and implementation Mechanizing Meta-Theory in Beluga Brigitte Pientka School of Computer Science McGill University Montreal, Canada B. Pientka Mechanizing Meta-Theory in Beluga 1 / 35 Introduction Beluga:Design

  1. Introduction Beluga:Design and implementation Mechanizing Meta-Theory in Beluga Brigitte Pientka School of Computer Science McGill University Montreal, Canada B. Pientka Mechanizing Meta-Theory in Beluga 1 / 35

  2. Introduction Beluga:Design and implementation Mechanizing formal systems and proofs: How and Why? B. Pientka Mechanizing Meta-Theory in Beluga 2 / 35

  3. Introduction Beluga:Design and implementation Mechanizing formal systems and proofs: How and Why? • Formal systems (given via axioms and inference rules) play an important role when designing languages and more generally ensure that software are reliable, safe, and trustworthy. • Proofs ( that a given property is satisfied ) are becoming pervasive and an integral part of certified software. (see: CompCert, DeepSpec, RustBelt, Sel4, Cogent) B. Pientka Mechanizing Meta-Theory in Beluga 2 / 35

  4. Introduction Beluga:Design and implementation Mechanizing formal systems and proofs: How and Why? • Formal systems (given via axioms and inference rules) play an important role when designing languages and more generally ensure that software are reliable, safe, and trustworthy. • Proofs ( that a given property is satisfied ) are becoming pervasive and an integral part of certified software. (see: CompCert, DeepSpec, RustBelt, Sel4, Cogent) Meta-Theory Properties: Program (in Assembler, C, – Memory/Type Safety : Prog. doesn’t crash ML, Java, Rust, ...) – Contextual Equivalence : Two programs are indistinguishable in any valid program context – Bisimulation : Two systems behave the same B. Pientka Mechanizing Meta-Theory in Beluga 2 / 35

  5. Introduction Beluga:Design and implementation Challenges in Establishing Formal Guarantees B. Pientka Mechanizing Meta-Theory in Beluga 3 / 35

  6. Introduction Beluga:Design and implementation Challenges in Establishing Formal Guarantees • Costly B. Pientka Mechanizing Meta-Theory in Beluga 3 / 35

  7. Introduction Beluga:Design and implementation Challenges in Establishing Formal Guarantees • Costly • Large size of formal developments - CompCert: 4,400 lines of compiler code vs 28,000 lines of verification - A specification of dependent Haskel [ICFP’17]: 17K Coq code + 13K generated code from Ott Spec.; 1.4K Ott Specification; B. Pientka Mechanizing Meta-Theory in Beluga 3 / 35

  8. Introduction Beluga:Design and implementation Challenges in Establishing Formal Guarantees • Costly • Large size of formal developments - CompCert: 4,400 lines of compiler code vs 28,000 lines of verification - A specification of dependent Haskel [ICFP’17]: 17K Coq code + 13K generated code from Ott Spec.; 1.4K Ott Specification; • Low-level representations (variables are modelled via de Bruijn indices) - D. Hirschkoff [TPHOLs’97]: Bisimulation Proofs for the π -calculus in Coq (600 out of 800 lemmas are infrastructural) - Ambler and Crole [TPHOLs’99]: Precongruence of bisimulation for PCFL ( ≈ 160 infrastructural lemmas about de Brujn representation;main lemmas ≈ 34) - J. Kaiser et. al [FSCD’17]: Relating System F and λ 2 (PTS) de Bruijn over 1K lines of infrastructural code in Coq; over 500 lines in Abella; about 100 in Beluga B. Pientka Mechanizing Meta-Theory in Beluga 3 / 35

  9. Introduction Beluga:Design and implementation Challenges in Establishing Formal Guarantees • Costly • Large size of formal developments - CompCert: 4,400 lines of compiler code vs 28,000 lines of verification - A specification of dependent Haskel [ICFP’17]: 17K Coq code + 13K generated code from Ott Spec.; 1.4K Ott Specification; • Low-level representations (variables are modelled via de Bruijn indices) - D. Hirschkoff [TPHOLs’97]: Bisimulation Proofs for the π -calculus in Coq (600 out of 800 lemmas are infrastructural) - Ambler and Crole [TPHOLs’99]: Precongruence of bisimulation for PCFL ( ≈ 160 infrastructural lemmas about de Brujn representation;main lemmas ≈ 34) - J. Kaiser et. al [FSCD’17]: Relating System F and λ 2 (PTS) de Bruijn over 1K lines of infrastructural code in Coq; over 500 lines in Abella; about 100 in Beluga • Scalability, reusability, maintainability, automation B. Pientka Mechanizing Meta-Theory in Beluga 3 / 35

  10. Introduction Beluga:Design and implementation Proofs: The tip of the iceberg “We may think of [the] proof as an iceberg. In the top of it, we find what we usually consider the real proof; underwater, the most of the matter, consisting of all mathematical preliminaries a reader must know in order to understand what is going on.” S. Berardi [1990] B. Pientka Mechanizing Meta-Theory in Beluga 4 / 35

  11. Introduction Beluga:Design and implementation Proofs: The tip of the iceberg Main Proof Scope Renaming Binding Hypothesis Variables Context Substitution s l e b Derivation Tree a i a r v n e g E i “We may think of [the] proof as an iceberg. In the top of it, we find what we usually consider the real proof; underwater, the most of the matter, consisting of all mathematical preliminaries a reader must know in order to understand what is going on.” S. Berardi [1990] B. Pientka Mechanizing Meta-Theory in Beluga 5 / 35

  12. Introduction Beluga:Design and implementation Question What are good meta-languages to program and reason with formal systems and proofs? “The motivation behind the work in very-high-level languages is to ease the programming task by providing the programmer with a language containing primitives or abstractions suitable to his problem area. The programmer is then able to spend his effort in the right place; he concentrates on solving his problem, and the resulting program will be more reliable as a result. Clearly, this is a worthwhile goal.” B. Liskov [1974] B. Pientka Mechanizing Meta-Theory in Beluga 6 / 35

  13. Introduction Beluga:Design and implementation Above and Below the Surface Beluga : Dependently typed Programming and Proof Environment Functional Programmming Main Proof with Indexed Types Scope Renaming Binding Hypothesis Variables Contextual LF Context Substitution s e b l Derivation Tree a r i a v n e g i E • Below the surface: Support for key concepts based on Contextual LF • Above the surface: (Co)Inductive Proofs = (Co)Recursive Programs using (Co)pattern Matching with built-in index language of Contextual LF objects B. Pientka Mechanizing Meta-Theory in Beluga 7 / 35

  14. Introduction Beluga:Design and implementation Design of Beluga • Top : Functional programming with indexed (co)data types [POPL’08,POPL’12,POPL’13,ICFP’16] On paper proof In Beluga [IJCAR’10,CADE’15] Case analysis of inputs Case analysis via pattern matching Inversion Pattern matching using let-expression Observations on output Case analysis via copattern matching (Co)Induction hypothesis (Co)Recursive call • Bottom: Contextual LF Well-formed derivations Dependent types Renaming,Substitution α -renaming, β -reduction in LF Well-scoped derivation Contextual types and objects [TOCL’08] Context Context schemas Properties of contexts Typing for schemas (weakening, uniqueness) Simultaneous Substitutions Substitution type [LFMTP’13,15] (composition, identity) B. Pientka Mechanizing Meta-Theory in Beluga 8 / 35

  15. Introduction Beluga:Design and implementation This Talk Design and implementation of Beluga • Introduction • Example: Proof by logical relation • Writing a proof in Beluga . . . • Conclusion and curent work “The limits of my language mean the limits of my world.” - L. Wittgenstein B. Pientka Mechanizing Meta-Theory in Beluga 9 / 35

  16. Introduction Beluga:Design and implementation This Talk Design and implementation of Beluga • Introduction • Example: Proof by logical relations • Writing a proof in Beluga . . . • Conclusion and curent work “The limits of my language mean the limits of my world.” - L. Wittgenstein B. Pientka Mechanizing Meta-Theory in Beluga 9 / 35

  17. Introduction Beluga:Design and implementation Simply Typed Lambda-calculus (Gentzen-style) Types A , B ::= i Terms M, N ::= x | c | A ⇒ B | lam x . M | app M N Evaluation Judgment: M − → M ′ read as “ M steps to M ′ ” → [ N / x ] M s / beta → M s / refl app (lam x . M ) N − M − M ′ − → M ′ M − → M ′ M − → N → app M ′ N s / app s / trans app M N − M − → N B. Pientka Mechanizing Meta-Theory in Beluga 10 / 35

  18. Introduction Beluga:Design and implementation Simply Typed Lambda-calculus (Gentzen-style) Types A , B ::= i Terms M, N ::= x | c | A ⇒ B | lam x . M | app M N Evaluation Judgment: M − → M ′ read as “ M steps to M ′ ” → [ N / x ] M s / beta → M s / refl app (lam x . M ) N − M − M ′ − → M ′ M − → M ′ M − → N → app M ′ N s / app s / trans app M N − M − → N Typing Judgment: M : A read as “ M has type A ” (Gentzen-style) x : A u . . . M : B M : A ⇒ B N : A lam x . M : A ⇒ B lam x , u app c : i const app M N : B B. Pientka Mechanizing Meta-Theory in Beluga 10 / 35

Recommend

Thinking About Mechanizing the Meta-Theory of Session Types Francisco Ferreira (joint work with

Thinking About Mechanizing the Meta-Theory of Session Types Francisco Ferreira (joint work with

Thinking About Mechanizing the Meta-Theory of Session Types Francisco Ferreira (joint work with Nobuko Yoshida) 17th Dec ABCD Meeting - Imperial College London 1 /27 Engineering the Meta-Theory of Session Types Francisco Ferreira (joint

1.26k views • 76 slides
Mechanizing Set Theory: Cardinal Arithmetic and the Axiom of Choice Krzysztof Gra bczewski ,

Mechanizing Set Theory: Cardinal Arithmetic and the Axiom of Choice Krzysztof Gra bczewski ,

Gra bczewski & Paulson Mechanizing Set Theory 1 Mechanizing Set Theory: Cardinal Arithmetic and the Axiom of Choice Krzysztof Gra bczewski , Copernicus University, Torun, Poland Lawrence C Paulson , Computer Laboratory, Cambridge

223 views • 10 slides
BELUGA GROUP Ma May 2020 PRESENTATION BELUGA GROUP at a glance Diversified business #1 Spirits

BELUGA GROUP Ma May 2020 PRESENTATION BELUGA GROUP at a glance Diversified business #1 Spirits

BELUGA GROUP Ma May 2020 PRESENTATION BELUGA GROUP at a glance Diversified business #1 Spirits producer in Russia with portfolio of own and imported brands #4 In vodka globally One of the largest Growing scale of Importer in Russia export

300 views • 27 slides
BELUGA GROUP Aug August 2019 1H2019 EARNINGS PRESENTATION Disclaimer This presentation has

BELUGA GROUP Aug August 2019 1H2019 EARNINGS PRESENTATION Disclaimer This presentation has

BELUGA GROUP Aug August 2019 1H2019 EARNINGS PRESENTATION Disclaimer This presentation has been prepared by Beluga Group, Co. (the Company , or Beluga changes in consumer preferences and tastes, demographic trends or perceptions

173 views • 15 slides
Getting to the Box of it: proof-theory for meta-programming and modal type theory Murdoch J.

Getting to the Box of it: proof-theory for meta-programming and modal type theory Murdoch J.

Getting to the Box of it: proof-theory for meta-programming and modal type theory Murdoch J. Gabbay and Aleksander Nanevski Thanks to Stephane Lengrand and Roy Dyckhoff November 18, 2011 Congratulations Roy We are all delighted to see you

318 views • 20 slides
1H2018 Earnings Presentation August 2018 This presentation has been prepared by Beluga Group, Co.

1H2018 Earnings Presentation August 2018 This presentation has been prepared by Beluga Group, Co.

1H2018 Earnings Presentation August 2018 This presentation has been prepared by Beluga Group, Co. (the Company , or about health related issues; Beluga Group ) and together with its subsidiaries. By attending the meeting where the

427 views • 19 slides
2017 Earnings Presentation April 2018 This presentation has been prepared by Beluga Group, Co.

2017 Earnings Presentation April 2018 This presentation has been prepared by Beluga Group, Co.

2017 Earnings Presentation April 2018 This presentation has been prepared by Beluga Group, Co. (the Company , or about health related issues; Beluga Group ) and together with its subsidiaries. By attending the meeting where the

445 views • 20 slides
Developing (Meta)Theory of -calculus in the Theory of Contexts Marino Miculan Universit` a

Developing (Meta)Theory of -calculus in the Theory of Contexts Marino Miculan Universit` a

Workshop MERLIN Siena, 18 June 2001 Developing (Meta)Theory of -calculus in the Theory of Contexts Marino Miculan Universit` a di Udine, Italy miculan@dimi.uniud.it A common scenario represent formally ( encode ) syntax and semantics

1.04k views • 35 slides
What can logic do for AI? David McAllester TTI-Chicago Motivating Type Theory Meta-Mathematics:

What can logic do for AI? David McAllester TTI-Chicago Motivating Type Theory Meta-Mathematics:

What can logic do for AI? David McAllester TTI-Chicago Motivating Type Theory Meta-Mathematics: Type Theory as Cognitive Science Mathematics exists as a human social enterprise. Modern mathematicians tend to be untrained in mathematical logic.

403 views • 29 slides
Contextual modal type theory: a foundation for meta-variables Brigitte Pientka School of

Contextual modal type theory: a foundation for meta-variables Brigitte Pientka School of

Contextual modal type theory: a foundation for meta-variables Brigitte Pientka School of Computer Science McGill University Montreal, Canada Joint work with A. Nanevski and F . Pfenning Contextual modal type theory: p.1/39 Outline

846 views • 51 slides
Conditionals: between language and reasoning Class 2, part 1 - The meta-linguistic theory April

Conditionals: between language and reasoning Class 2, part 1 - The meta-linguistic theory April

Conditionals: between language and reasoning Class 2, part 1 - The meta-linguistic theory April 30, 2019 Two classes of conditionals: Ontic (aka counterfactuals): (1) If Oswald hadnt shot Kennedy, someone else would have. Epistemic

985 views • 50 slides
Validating Constructive Meta-Theory with Rogue Aaron Stump Assistant Professor Dept. of

Validating Constructive Meta-Theory with Rogue Aaron Stump Assistant Professor Dept. of

Validating Constructive Meta-Theory with Rogue Aaron Stump Assistant Professor Dept. of Computer Science and Engineering Washington University in St. Louis St. Louis, Missouri, USA http://cl.cse.wustl.edu 2 Overview deductive systems

612 views • 37 slides
Mechanizing the Minimization of Deterministic Generalized B uchi Automata Souheib Baarir 1 , 2

Mechanizing the Minimization of Deterministic Generalized B uchi Automata Souheib Baarir 1 , 2

Mechanizing the Minimization of Deterministic Generalized B uchi Automata Souheib Baarir 1 , 2 Alexandre Duret-Lutz 3 1 Universit e Paris Ouest Nanterre la D efense, Nanterre, France 2 Sorbonne Universit es, UPMC Univ. Paris 6, UMR

795 views • 43 slides
Causal Theory of Intention Phil 255 David Armstrong Armstrong begins with some meta - philosophy:

Causal Theory of Intention Phil 255 David Armstrong Armstrong begins with some meta - philosophy:

Causal Theory of Intention Phil 255 David Armstrong Armstrong begins with some meta - philosophy: Logical positivists generated a crisis in philosophy: Wittgenstein: role for philosophy was to clarify problems Ryle: philosophers were to perform

273 views • 14 slides
Relating System F and 2: A Case Study in Coq, Abella and Beluga Jonas Kaiser Brigitte Pientka

Relating System F and 2: A Case Study in Coq, Abella and Beluga Jonas Kaiser Brigitte Pientka

Relating System F and 2: A Case Study in Coq, Abella and Beluga Jonas Kaiser Brigitte Pientka Gert Smolka FSCD 2017, Oxford September 4, 2017 saarland university computer science saarland System F [Girard 72] / PTLC [Reynolds 74]

401 views • 25 slides
CS 671 Automated Reasoning Reflection Reflection basic methodology Represent object and

CS 671 Automated Reasoning Reflection Reflection basic methodology Represent object and

CS 671 Automated Reasoning Reflection Reflection basic methodology Represent object and meta level in type theory Represent meta-logical concepts as Nuprl terms Express specific object logic in represented meta logic Build

334 views • 9 slides
META-NET and META Hans Uszkoreit Co-funded, by, the, 7th, Framework, Programme, of, the,

META-NET and META Hans Uszkoreit Co-funded, by, the, 7th, Framework, Programme, of, the,

META-NET and META Hans Uszkoreit Co-funded, by, the, 7th, Framework, Programme, of, the, European, Commission, through, the, contract, T4ME,, grant, agreement, no.:, 249119. Language Technology Everywhere spell checker in Microsoft Word

624 views • 33 slides
Mechanizing Abstract Interpretation Thesis Defense David Darais University of Maryland Software

Mechanizing Abstract Interpretation Thesis Defense David Darais University of Maryland Software

Mechanizing Abstract Interpretation Thesis Defense David Darais University of Maryland Software Reliability The Usual Story } Program Testing Analysis Compiler Operating System Hardware 3 The Usual Story } Program .

1.81k views • 143 slides
META Seal of Recognition and META Prize Award Ceremony Georg Rehm (DFKI) on behalf of the

META Seal of Recognition and META Prize Award Ceremony Georg Rehm (DFKI) on behalf of the

META Seal of Recognition and META Prize Award Ceremony Georg Rehm (DFKI) on behalf of the META Technology Council and the META-NET Executive Board

809 views • 28 slides
Lecture 31/Chapter 25 More about Meta-Analysis Benefits and Pitfalls An Application:

Lecture 31/Chapter 25 More about Meta-Analysis Benefits and Pitfalls An Application:

Lecture 31/Chapter 25 More about Meta-Analysis Benefits and Pitfalls An Application: Mendels Data Mozart Effect Meta-Analysis Details Sugar/Hyperactivity Meta-Analysis Details Issues in Meta-Analysis (Review) Which studies

532 views • 24 slides
Meta- Meta -Programming with Programming with Modelica Modelica for Meta- for Meta

Meta- Meta -Programming with Programming with Modelica Modelica for Meta- for Meta

Meta- Meta -Programming with Programming with Modelica Modelica for Meta- for Meta -Modeling and Modeling and Model Transformations Model Transformations Peter Fritzson, Adrian Pop Peter Fritzson, Adrian Pop OpenModelica Course, 2007

381 views • 14 slides
Meta-Programming in KDE The technology behind KConfig XT and friends Cornelius Schumacher The

Meta-Programming in KDE The technology behind KConfig XT and friends Cornelius Schumacher The

Meta-Programming in KDE The technology behind KConfig XT and friends Cornelius Schumacher The KDE Project KDE Developer Conference 2004 p.1 Overview What is Meta-Programmig? Flavors of Meta-Programming Code Generators in KDE libkabc

514 views • 34 slides
Meta Learning Shengchao Liu Background Meta Learning (AKA Learning to Learn) A

Meta Learning Shengchao Liu Background Meta Learning (AKA Learning to Learn) A

Meta Learning Shengchao Liu Background Meta Learning (AKA Learning to Learn) A fast-learning algorithm: quickly adapted from the source tasks to the target tasks Key terminologies Support Set & Query Set C-Way K-Shot

2k views • 41 slides
Bayesian Model-Agnostic Meta-Learning Taesup Kim* (presenter), Jaesik Yoon* Ousmane Dia,

Bayesian Model-Agnostic Meta-Learning Taesup Kim* (presenter), Jaesik Yoon* Ousmane Dia,

Bayesian Model-Agnostic Meta-Learning Taesup Kim* (presenter), Jaesik Yoon* Ousmane Dia, Sungwoong Kim, Yoshua Bengio, Sungjin Ahn Model-Agnostic Meta-learning (MAML) gradient-based meta-learning framework meta-update task adaptation

886 views • 22 slides

More recommend