a coq retrospective at the heart of coq architecture the
play

a Coq retrospective at the heart of Coq architecture the genesis - PowerPoint PPT Presentation

Feb 01, 2023 •134 likes •561 views

a Coq retrospective at the heart of Coq architecture the genesis of version 7.0 Jean-Christophe Filli atre CNRS The Coq Workshop 2020 July 6, 2020 35 years of history 1994 2000 2020 1984 first version 7.0 release March 2001

  1. a Coq retrospective — at the heart of Coq architecture the genesis of version 7.0 Jean-Christophe Filliˆ atre CNRS The Coq Workshop 2020 July 6, 2020

  2. 35 years of history 1994 2000 2020 1984 first version 7.0 release March 2001 1.10

  3. a closer look Fall 1992 . . . . . .

  4. a closer look Fall 1992 . . . . . . Chet Murthy works on 5.8

  5. a closer look Spring 1994 . . . . . . Chet makes version 5.10

  6. a closer look Spring Dec 1994 1996 . . . . . . release of 6.1

  7. a closer look Spring May 1994 1998 . . . . . . release of 6.2

  8. a closer look Spring Dec 1994 1999 . . . . . . release of 6.3

  9. a closer look Spring Fall 1994 1999 . . . . . . building the V7 architecture

  10. what was in Chet’s 5.10

  11. what was in Chet’s 5.10 • efficiency • de Bruijn indices, space-efficient terms • hash-consed identifiers • efficient rollback mechanism (more later) • extensibility • user-extensible grammar (parser, pretty-printer) • mechanisms to declare new tables/operations • separate compilation • a Coq file is a separate module • it is compiled to a .vo file

  12. rollback mechanism 1. when declaring a table, provide freeze/unfreeze operations

  13. rollback mechanism 1. when declaring a table, provide freeze/unfreeze operations 2. a single stack of all operations (with a little bit of dynamic typing under the hood) op 1 . . .

  14. rollback mechanism 1. when declaring a table, provide freeze/unfreeze operations 2. a single stack of all operations (with a little bit of dynamic typing under the hood) op 1 op 2 . . .

  15. rollback mechanism 1. when declaring a table, provide freeze/unfreeze operations 2. a single stack of all operations (with a little bit of dynamic typing op 1 under the hood) op 2 op 3 . . .

  16. rollback mechanism 1. when declaring a table, provide freeze/unfreeze operations 2. a single stack of all operations (with a little bit of dynamic typing op 1 under the hood) op 2 op 3 3. from time to time, take snapshots op 4 snapshot 1 of all tables using freeze . . .

  17. rollback mechanism 1. when declaring a table, provide freeze/unfreeze operations 2. a single stack of all operations op 1 (with a little bit of dynamic typing op 2 under the hood) op 3 op 4 snapshot 1 3. from time to time, take snapshots op 5 of all tables using freeze . . .

  18. rollback mechanism 1. when declaring a table, provide freeze/unfreeze operations 2. a single stack of all operations op 1 (with a little bit of dynamic typing op 2 under the hood) op 3 op 4 snapshot 1 3. from time to time, take snapshots op 5 of all tables using freeze op 6 . . .

  19. rollback mechanism 1. when declaring a table, provide freeze/unfreeze operations op 1 2. a single stack of all operations op 2 (with a little bit of dynamic typing op 3 under the hood) op 4 snapshot 1 op 5 3. from time to time, take snapshots op 6 of all tables using freeze op 7 . . .

  20. rollback mechanism 1. when declaring a table, provide freeze/unfreeze operations op 1 2. a single stack of all operations op 2 (with a little bit of dynamic typing op 3 under the hood) op 4 snapshot 1 op 5 3. from time to time, take snapshots op 6 of all tables using freeze op 7 op 8 snapshot 2 . . .

  21. rollback mechanism 1. when declaring a table, provide freeze/unfreeze operations op 1 op 2 2. a single stack of all operations op 3 (with a little bit of dynamic typing op 4 snapshot 1 under the hood) op 5 op 6 3. from time to time, take snapshots op 7 of all tables using freeze op 8 snapshot 2 op 9 . . .

  22. rollback mechanism 1. when declaring a table, provide freeze/unfreeze operations 2. a single stack of all operations op 1 (with a little bit of dynamic typing op 2 under the hood) op 3 op 4 snapshot 1 3. from time to time, take snapshots op 5 of all tables using freeze op 6 . . . 4. to move back in time, roll back to the previous snapshot and redo some operations

  23. a pure beauty let table = ref ...purely functional data structure... let freeze () = !table (* O(1) *) let unfreeze v = table := v (* O(1) *) assuming some flavor of balanced trees, this is only a O (log N ) overhead factor (time and space) may even be less than that for space (depends on snapshot frequency)

  24. why changing something that works fine? despite all its marvels, 5.10 had no such thing as a kernel of trust (and subsequently the versions 6) the trusted computing base was a little bit everywhere in particular, • the rollback mechanism comes first • CIC declarations are operations like any others

  25. Coq version 7 a new architecture, with a kernel

  26. sketch 1. implement a purely functional type checker for the CIC (the kernel) 2. then the rollback mechanism (outside the kernel) 3. last, declare a table holding the current typing environment (in a reference)

  27. a safe kernel even like this, the kernel is not small (7,800 loc at that time) not convenient to put all that behind a single abstraction barrier (and no such thing as OCaml -pack back in 1999)

  28. a multistage kernel files for CIC terms type constr = ... can be ill-formed/ill-typed ...

  29. a multistage kernel files for CIC terms type constr = ... can be ill-formed/ill-typed ... files for CIC environments type env = ... just a data structure val add_constant: env -> constant -> env environments can be ill-formed ...

  30. a multistage kernel files for CIC terms type constr = ... can be ill-formed/ill-typed ... files for CIC environments type env = ... just a data structure val add_constant: env -> constant -> env environments can be ill-formed ... files for typing rules val type_constr: can be misused env -> constr -> constr ...

  31. abstraction barrier finally, wrap everything behind an abstraction barrier type safe_env val empty: safe_env val add_constant: safe_env -> constant -> safe_env ...

  32. abstraction barrier finally, wrap everything behind an abstraction barrier type safe_env val empty: safe_env val add_constant: safe_env -> constant -> safe_env ... whose implementation is trivial type safe_env = env let empty = Env.empty let add_constant env c = let c = type_constant env c in Env.add_constant env c ...

  33. global environment outside the kernel, declare a global, mutable environment let global_env = ref Kernel.empty let add_constant c = global_env := Kernel.add_constant !global_env c ... and declare it as a table let freeze () = !global_env let unfreeze v = global_env := v let _ = declare_table "typing env" freeze unfreeze

  34. how to trust the disk? one more issue: Coq’s Require loads declarations from .vo files and all this machinery is outside of the kernel

  35. how to trust the disk? one more issue: Coq’s Require loads declarations from .vo files and all this machinery is outside of the kernel the solution is borrowed from OCaml’s compiler • when writing a file to the disk, • include MD5 checksums of loaded modules • include its own checksum • when loading a file, • verify that assumptions and reality coincide

  36. if I had to do it again

  37. if I had to do it again • I would consider hash-consing+memoisation seriously • I would consider a more defensive API for the kernel, with terms that are always well-typed

  38. conclusion

  39. many, many thanks deep thanks to • Chet, for his code, for inspiring me • Christine, for a one-in-a-lifetime opportunity and to all the other Coq developers in 1994–1999 • Hugo Herbelin • Bruno Barras • G´ • Cristina Cornes erard Huet • Patrick Loiseleur • Yann Coscoy • C´ • Judica¨ esar Mu˜ noz el Courant • Catherine Parent-Vigouroux • David Delahaye • Amokrane Sa¨ • Daniel de Rauglaudre ıbi • Benjamin Werner • Eduardo Gim´ enez

  40. takeaway • if you see young interns who like coding and who are willing to contribute, give them a chance

  41. takeaway • if you see young interns who like coding and who are willing to contribute, give them a chance • your code won’t be the best cathedral ever; accept this idea and make the best compromise you can

  42. takeaway • if you see young interns who like coding and who are willing to contribute, give them a chance • your code won’t be the best cathedral ever; accept this idea and make the best compromise you can • postdoc is a sweet spot, where you can combine experience with time

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Heart Rate Characteristics Index and Extubation Outcome in Neonates A Retrospective Cohort Study

Heart Rate Characteristics Index and Extubation Outcome in Neonates A Retrospective Cohort Study

Heart Rate Characteristics Index and Extubation Outcome in Neonates A Retrospective Cohort Study N Goel M Chakraborty WJ Watkins SZ Ansari S Banerjee Heart Rate Characteristics Disease Health Moorman et al .Physiol. Meas 2011; 32: 1821

387 views • 17 slides
Fast but Not Loose: Typesafe Clients in a Distributed Service Architecture, a retrospective

Fast but Not Loose: Typesafe Clients in a Distributed Service Architecture, a retrospective

Fast but Not Loose: Typesafe Clients in a Distributed Service Architecture, a retrospective #gotocon #gotoaar #gilttech Eric Bowman @ebowman VP Architecture @ Gilt Groupe ebowman@gilt.com Monday, September 30, 13 Monday, September 30, 13

1.11k views • 86 slides
VSE: 5-Year Retrospective (March 2017) Disclaimer This VSE 5-Year Retrospective is neither an

VSE: 5-Year Retrospective (March 2017) Disclaimer This VSE 5-Year Retrospective is neither an

VSE: 5-Year Retrospective (March 2017) Disclaimer This VSE 5-Year Retrospective is neither an offer or solicitation to anyone to purchase, sell or otherwise trade in VSE common stock or any other securities. The information in this

374 views • 25 slides
THE HEART THE HEART MEDIASTINUM PERICARDIUM HEART THE HEART THE MEDIASTINUM The

THE HEART THE HEART MEDIASTINUM PERICARDIUM HEART THE HEART THE MEDIASTINUM The

THE HEART THE HEART MEDIASTINUM PERICARDIUM HEART THE HEART THE MEDIASTINUM The medias5num occupied by the mass of 2ssue between the two pulmonary cavi2es, is the central compartment of the thoracic cavity. The medias2num is an

1.11k views • 44 slides
Mergers: a 20 year Retrospective Retrospective Competition Law Conference Sydney 4 May 2013

Mergers: a 20 year Retrospective Retrospective Competition Law Conference Sydney 4 May 2013

Mergers: a 20 year Retrospective Retrospective Competition Law Conference Sydney 4 May 2013 Tim Grimwade and Jill Walker 20 years Outline Background and history of SLC in mergers Evolution of merger analysis and the Guidelines

454 views • 42 slides
Retrospective Price Indices and Substitution Bias Retrospective Price Indices and Substitution

Retrospective Price Indices and Substitution Bias Retrospective Price Indices and Substitution

1 www.snb.ch Retrospective Price Indices and Substitution Bias Retrospective Price Indices and Substitution Bias W. Erwin Diewert U i University of British Columbia, Vancouver i f B i i h C l bi V Marco Huwiler Clariden Leu, Zurich

469 views • 17 slides
Immaculate Heart of Mary Parish Auburn, Maine 24 Sacred Heart Place (207)782-8096 Office Hours:

Immaculate Heart of Mary Parish Auburn, Maine 24 Sacred Heart Place (207)782-8096 Office Hours:

WEEKEND MASS TIMES SATURDAY-4:00 PM Sacred Heart SUNDAY-7:30 AM Sacred Heart SUNDAY-9:15 AM St. Philip SUNDAY-11:00 AM Sacred Heart WEEKDAY MASSES 7:45 AM Sacred Heart CONFESSION SATURDAY 3:00 PM-3:30 PM Sacred Heart Immaculate Heart

335 views • 5 slides
Buy a Heart & Buy a Heart & Give a Heart Give a Heart February 15,2019 By: Madison

Buy a Heart & Buy a Heart & Give a Heart Give a Heart February 15,2019 By: Madison

Buy a Heart & Buy a Heart & Give a Heart Give a Heart February 15,2019 By: Madison Bryant , Gaelle Barthole, and Berenice Lemus Our Purpose: Our Purpose: The purpose of our projects was to bring back the true meaning of love to

468 views • 13 slides
HAPPY HEART! Give Your Heart a Head Start BLESS YOUR This American Heart Month, use any one of

HAPPY HEART! Give Your Heart a Head Start BLESS YOUR This American Heart Month, use any one of

FOLLOW YOUR HEART HAPPY HEART! Give Your Heart a Head Start BLESS YOUR This American Heart Month, use any one of these 10 quotes on happy h ea r t .m e d HEART . heart health to encourage healthy habits, raise awareness and help your

270 views • 25 slides
The Heart Chapt. 9 Heart Muscle; The Heart as a Pump and Function of the Heart Valve By: Dr.

The Heart Chapt. 9 Heart Muscle; The Heart as a Pump and Function of the Heart Valve By: Dr.

The Heart Chapt. 9 Heart Muscle; The Heart as a Pump and Function of the Heart Valve By: Dr. Foadoddini Department of Physiology & Pharmacology Birjand University of Medical Sciences Dr. Foadoddini Dr. Foadoddini Electrical Activity

521 views • 33 slides
BME 301 How do heart attacks happen? How do we treat atherosclerosis? Open heart

BME 301 How do heart attacks happen? How do we treat atherosclerosis? Open heart

Outline The burden of heart disease The cardiovascular system BME 301 How do heart attacks happen? How do we treat atherosclerosis? Open heart surgery Angioplasty Lecture Eighteen Stents What is heart failure?

670 views • 7 slides
BME 301 Outline The burden of heart disease The cardiovascular system How do heart

BME 301 Outline The burden of heart disease The cardiovascular system How do heart

Lecture Seventeen BME 301 Outline The burden of heart disease The cardiovascular system How do heart attacks happen? How do we treat atherosclerosis? Open heart surgery Angioplasty Stents What is heart failure?

703 views • 44 slides
Lead Clinician for Heart Disease, Scotland Chairman of the National Advisory Committee for Heart

Lead Clinician for Heart Disease, Scotland Chairman of the National Advisory Committee for Heart

Where does palliative care for patients with heart failure fit into the Scottish agenda for heart disease Advanced Heart Failure Symposium RCPSG 22 nd November 2012 Dr Barry D Vallance Lead Clinician for Heart Disease, Scotland Chairman of the

232 views • 22 slides
Process Improvement In Retrospective ( Lessons Learned from Software Projects) SEPG Conference

Process Improvement In Retrospective ( Lessons Learned from Software Projects) SEPG Conference

Process Improvement In Retrospective ( Lessons Learned from Software Projects) SEPG Conference March 2005, Seattle, Washington Developed By John D. Vu Technical Fellow & Chief Engineer The Boeing Company Page 1 John D. Vu Retrospective

1.03k views • 100 slides
HEART TO HEART Newsletter of the Sacred Heart of Jesus Parish Part of the Diocese of Northampton,

HEART TO HEART Newsletter of the Sacred Heart of Jesus Parish Part of the Diocese of Northampton,

HEART TO HEART Newsletter of the Sacred Heart of Jesus Parish Part of the Diocese of Northampton, Province of Westminster & Deanery of St Alban Presentation of the Lord - Year (A) - Psalter Week 4 - 2nd February 2020 Fr Mirek Misiura

160 views • 3 slides
Retrospective Antipatterns Aino Corry @apaipi Putting speakers on stage Messing with the heads of

Retrospective Antipatterns Aino Corry @apaipi Putting speakers on stage Messing with the heads of

Retrospective Antipatterns Aino Corry @apaipi Putting speakers on stage Messing with the heads of students Making developers communicate Goals with this talk Better retrospectives Awareness of anti-patterns A surprise Retrospective

754 views • 44 slides
Patriarchs and Kings The Genesis 5 Patriarchs and the Sumerian King List Is There a Commonality?

Patriarchs and Kings The Genesis 5 Patriarchs and the Sumerian King List Is There a Commonality?

Patriarchs and Kings The Genesis 5 Patriarchs and the Sumerian King List Is There a Commonality? Pertinent Points The Sumerian King List contains pre-flood and post-flood kings who (presumably) ruled in southern Mesopotamia from no earlier

1.01k views • 83 slides
The GENESIS of QUANTUM MECHANICS The quantum theory had its historical roots in the antithesis

The GENESIS of QUANTUM MECHANICS The quantum theory had its historical roots in the antithesis

PCES 4.11 The GENESIS of QUANTUM MECHANICS The quantum theory had its historical roots in the antithesis between Huyghenss and Newtons theories of light. However it was not yet even suspected that matter might be wavelike- or that light

215 views • 10 slides
Chapter 14: Organizational and Institutional Genesis: The Emergence of High-Tech Clusters in the

Chapter 14: Organizational and Institutional Genesis: The Emergence of High-Tech Clusters in the

Chapter 14: Organizational and Institutional Genesis: The Emergence of High-Tech Clusters in the Life Sciences Walter W. Powell Kelley A. Packalen Kjersten Whittington Central concern: Organizational and Institutional Emergence What

320 views • 28 slides
The Bible and the Chinese Language Chinese Language -Is the oldest, continuous written language

The Bible and the Chinese Language Chinese Language -Is the oldest, continuous written language

The Bible and the Chinese Language Chinese Language -Is the oldest, continuous written language in the World. -First written over 4,500 years ago. -The inventors of the written language drew pictures to express words or ideas. -Simple

239 views • 23 slides
Genesis Cagri Zaman, Manushaqe Muco Winston, P. H. (2014) The Genesis Story Understanding and

Genesis Cagri Zaman, Manushaqe Muco Winston, P. H. (2014) The Genesis Story Understanding and

Genesis Cagri Zaman, Manushaqe Muco Winston, P. H. (2014) The Genesis Story Understanding and Story Telling System: A 21st Century Step toward Artificial Intelligence, CBMM Memo No. 019. OUTLINE Vision: What makes humans different? Steps:

1.23k views • 36 slides
Here are the songs we sang this Sunday. This shows the song name, the artist who performed the

Here are the songs we sang this Sunday. This shows the song name, the artist who performed the

Here are the songs we sang this Sunday. This shows the song name, the artist who performed the song, and the cd that contains the song. We Will Hold On Paul Baloche Glorious By Faith Keith & Kristyn Getty Awaken the Dawn

526 views • 31 slides
Sustainable Innovation - 3 Types of Work pioneers settlers town planners @markusandrezak

Sustainable Innovation - 3 Types of Work pioneers settlers town planners @markusandrezak

Sustainable Innovation - 3 Types of Work pioneers settlers town planners @markusandrezak @ueberproduct http://www.ueberproduct.de The purpose of business is to create and keep a customer. Peter Drucker The purpose of business is

929 views • 67 slides
The ways & means of industrialisation Simon Wardley Dave Reid, Programme Director N MAPS

The ways & means of industrialisation Simon Wardley Dave Reid, Programme Director N MAPS

The ways & means of industrialisation Simon Wardley Dave Reid, Programme Director N MAPS INDUSTRIALISATION RESEARCH IMPACT WHATS NEXT? Act Decide Leadership The game Purpose why of purpose Orient Doctrine why of

451 views • 42 slides

More recommend