lean in lean
play

Lean in Lean Leonardo de Moura - MSR - USA Workshop Lean - PowerPoint PPT Presentation

Jul 03, 2023 •564 likes •1.13k views

Programming Language http://leanprover.github.io Lean in Lean Leonardo de Moura - MSR - USA Workshop Lean Programming Language Goals Extensibility, Expressivity, Scalability, Proof stability Functional Programming (e ffi ciency)

  1. Programming Language http://leanprover.github.io Lean in Lean Leonardo de Moura - MSR - USA Workshop

  2. Lean Programming Language • Goals • Extensibility, Expressivity, Scalability, Proof stability • Functional Programming (e ffi ciency) • Platform for • Developing custom automation and domain specific languages (DSLs) • Software verification • Formalized Mathematics • Dependent Type Theory • de Bruijn’s principle: small trusted kernel, external proof/type checkers

  3. Lean Timeline • Lean 1 (2013) Leo and Soonho Kong • Almost useless • Brave (crazy?) users in 2014: Jeremy Avigad, Cody Roux and Floris van Doorn • Lean 2 (2015) Leo and Soonho Kong • First o ffi cial release • Emacs interface • Floris van Doorn develops the HoTT library for Lean • First Math library (Jeremy Avigad, Rob Lewis, and many others) • Lean 3 (2016) Leo, Daniel Selsam, Gabriel Ebner, Jared Roesch, Sebastian Ullrich • Lean is now a programming language (interpreter) • Metaprogramming and White box automation • VS Code interface • Lean 4 (202x) Leo and Sebastian Ullrich • Lean In Lean • Compiler

  4. Metaprogramming • Extend Lean using Lean • Proof/Program synthesis • Access Lean internals using Lean • Type inference • Unifier • Simplifier • Decision procedures • Type class resolution • …

  5. White box automation APIs (in Lean) for accessing data-structures and procedures found in SMT solvers and ATPs.

  6. Dependent Type Theory • Before we started Lean, we have studied di ff erent theorem provers: ACL2, Agda, Automath, Coq, HOL, HOL Light, Isabelle, Mizar, PVS. • Dependent Type Theory is really beautiful. • Some advantages: • Builtin computational interpretation. • Same data structure for representing proofs and terms. • Reduce code duplication: • Compiler for Haskell-like recursive equations, we can use it to write proofs. • Mathematical structures (e.g., Groups and Rings) are first-class citizens. • Some references: • In praise of dependent types (Mike Shulman) • Type inference in mathematics (Jeremy Avigad)

  7. Applications

  8. Certigrad Bug-free machine learning on stochastic computation graphs Daniel Selsam (Stanford, now MSR) Source code: https://github.com/dselsam/certigrad ICML paper: https://arxiv.org/abs/1706.08605 Video: https://www.youtube.com/watch?v=-A1tVNTHUFw Certigrad at Hacker news: https://news.ycombinator.com/item?id=14739491

  9. Protocol Verification Joe Hendrix, Joey Dodds, Ben Sherman, Ledah Casburn, Simon Hudon Galois Inc “We defined a hash-chained based distributed time stamping service down to the byte-level message wire format, and specified the system correctness as an LTL liveness property over an e ff ectively infinite number of states, and then verified the property using Lean. We used some custom tactics for proving the correctness of the byte-level serialization/ deserialization routines, defined an abstraction approach for reducing reasoning about the behavior of the overall network transition system to the behavior of individual components, and then verified those components primarily using existing Lean tactics.” https://github.com/GaloisInc/lean-protocol-support

  10. SQL Query Equivalence Checker Axiomatic Foundations and Algorithms for Deciding Semantic Equivalences of SQL Queries Shumo Chu, Brendan Murphy, Jared Roesch, Alvin Cheung, Dan Suciu University of Washington https://arxiv.org/pdf/1802.02229.pdf

  11. Mathlib The Lean mathematical library, mathlib, is a community-driven e ff ort to build a unified library of mathematics formalized in the Lean prover. Jeremy Avigad, Reid Barton, Mario Carneiro, … https://leanprover-community.github.io/meet.html Paper: https://arxiv.org/abs/1910.09336

  12. https://leanprover-community.github.io/lean-perfectoid-spaces/ The Future of Mathematics?

  13. Tom Hales (University of Pittsburgh) “To develop software and services for transforming mathematical results as they appear in journal article abstracts into formally structured data that machines can read, process, search, check, compute with, and learn from as logical statements.” https://sloan.org/grant-detail/8439 https://hanoifabs.wordpress.com/2018/05/31/tentative-schedule/ https://github.com/formalabstracts/formalabstracts

  14. Usable Computer-Checked Proofs and Computations for Number Theorists. https://lean-forward.github.io/ "The ultimate aim is to develop a proof assistant that actually helps mathematicians, by making them more productive and more confident in their results." VU Amsterdam

  15. IMO Grand Challenge The challenge: build an AI that can win a gold medal in the competition. https://imo-grand-challenge.github.io/ Daniel Selsam (MSR)

  16. Other applications • IVy metatheory, Ken McMillan, MSR Redmond • AliveInLean, Nuno Lopes, MSR Cambridge • Education • Introduction to Logic (CMU) • Type theory (CMU) • Software verification and Logic (VU Amsterdam) • Programming Languages (UW) • Introduction to Proof (Imperial College) • 6 papers at ITP 2019

  17. Extensibility Lean 3 users extend Lean using Lean Examples: • Ring Solver • Coinductive predicates • Transfer tactic • Superposition prover • Linters • Fourier-Motzkin & Omega • Many more

  18. Lean 3.x limitations • Lean programs are compiled into byte code and then interpreted (slow). • Lean expressions are foreign objects reflected in Lean. • Very limited ways to extend the parser. • Users cannot implement their own elaboration strategies. • Trace messages are just strings.

  19. Lean 4 • Implement Lean in Lean • Parser, elaborator, compiler, tactics and formatter. • Hygienic macro system. • Structured trace messages. • Only the runtime and basic primitives are implemented in C/C++. • Foreign function interface. • Runtime has support for boxed and unboxed data. • Runtime uses reference counting for GC and performs destructive updates when RC = 1 • (Safe) support for low-level tricks such as pointer equality. • A better value proposition: use proofs for obtaining more e ffi cient code.

  20. Lean 4 is being implemented in Lean

  21. Lean 4 is being implemented in Lean

  22. Beyond CIC • In CIC, all functions are total, but to implement Lean in Lean, we want • General recursion. • Foreign functions. • Unsafe features (e.g., pointer equality).

  23. The unsafe keyword • Unsafe functions may not terminate. • Unsafe functions may use (unsafe) type casting. • Regular (non unsafe) functions cannot call unsafe functions. • Theorems are regular (non unsafe) functions.

  24. A Compromise • Make sure we cannot prove False in Lean. • Theorems proved in Lean 4 may still be checked by reference checkers. • Unsafe functions are ignored by reference checkers. • Allow developers to provide an unsafe version for any (opaque) function whose type is inhabited. • Examples: • Primitives implemented in C • Sealing unsafe features

  25. The partial keyword • General recursion is a major convenience. • Some functions in our implementation may not terminate or cannot be shown to terminate in Lean, and we want to avoid an artificial “fuel" argument. • In many cases, the function terminates, but we don’t want to “waste" time proving it. • A partial definition is just syntax sugar for the unsafe + implementedBy idiom. • Future work: allow users to provide termination later, and use meta programming to generate a safe and non-opaque version of a partial function.

  26. 
 Proofs for performance and profit • A better value proposition: use proofs for obtaining more e ffi cient code. • Example: skip runtime array bounds checks • Example: pointer equality 


  27. Proofs for performance and profit • Example: theorems as compiler rewriting rules. • map f (map g xs) = map (f . g) xs • (h : assoc f) -> foldl f a xs = foldr f a xs 
 xs = #[x1, x2, x3] 
 f (f (f a x1) x2) x3 = f a (f x1 (f x2 x3))) 


  28. The return of reference counting • Most compilers for functional languages (OCaml, GHC, …) use tracing GC • RC is simple to implement. • Easy to support multi-threading programs. • Destructive updates when reference count = 1. • It is a known optimization for big objects (e.g., arrays). Array.set : Array a -> Index -> a -> Array a • We demonstrate it is also relevant for small objects. • In languages like Coq and Lean , we do not have cycles. • Easy to interface with C, C++ and Rust.

  29. Resurrection hypothesis Many objects die just before the creation of an object of the same kind. Examples: • List.map : List a -> (a -> b) -> List b • Compiler applies transformations to expressions. • Proof assistant rewrites/simplifies formulas. • Updates to functional data structures such as red black trees. • List zipper

  30. Reference counts • Each heap-allocated object has a reference count. • We can view the counter as a collection of tokens. • The inc instruction creates a new token. • The dec instruction consumes a token. • When a function takes an argument as an owned reference, it must consume one of its tokens. • A function may consume an owned reference by using dec, passing it to another function, or storing it in a newly allocated value.

  31. Owned references: examples

  32. Borrowed references • If xs is an owned reference • If xs is a borrowed reference

  33. Borrowed references

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

UK Lean Summit 2016 UK Lean Summit 2016 Learning Lean, Lean Learning Learning Lean, Lean

UK Lean Summit 2016 UK Lean Summit 2016 Learning Lean, Lean Learning Learning Lean, Lean

UK Lean Summit 2016 UK Lean Summit 2016 Learning Lean, Lean Learning Learning Lean, Lean Learning Wel elcom e e t o t t he e Pre re-Sum m it t Mas ast erclas ass Sessi ssions www.leanuk.org Monday 14 th November UK Lean Summit 2016

1.13k views • 65 slides
Lean Processing For Practice Transformation Ellen Batchelor Objectives How & Why Lean,

Lean Processing For Practice Transformation Ellen Batchelor Objectives How & Why Lean,

5/13/13 Lean Processing For Practice Transformation Ellen Batchelor Objectives How & Why Lean, a.k.a., the Toyota Production System Introduce concepts Whet your appetite Next steps 1 5/13/13 What is Lean? Lean

866 views • 24 slides
Coast Lean Log Handling Project 11/10/2017 TOPFN Division 1 WHAT IS LEAN? LEAN is a

Coast Lean Log Handling Project 11/10/2017 TOPFN Division 1 WHAT IS LEAN? LEAN is a

Coast Lean Log Handling Project 11/10/2017 TOPFN Division 1 WHAT IS LEAN? LEAN is a philosophy that focuses on fostering and enabling a continual improvement culture by encouraging efficiency 11/10/2017 through the elimination of

853 views • 37 slides
How to Run a Lean Coffee Session Lean Coffee(tm) is a trademark of Modus Cooperandi WHAT IS LEAN

How to Run a Lean Coffee Session Lean Coffee(tm) is a trademark of Modus Cooperandi WHAT IS LEAN

How to Run a Lean Coffee Session Lean Coffee(tm) is a trademark of Modus Cooperandi WHAT IS LEAN COFFEE(tm)? Lean Coffee is a structured, but agenda-less meeting. Participants gather, build an agenda, and begin talking. Conversations are

472 views • 5 slides
YELLOW BELT TRAINING (LEAN DAILY) SIMPLER. FASTER. BETTER. LESS COSTLY. lean.ohio.gov

YELLOW BELT TRAINING (LEAN DAILY) SIMPLER. FASTER. BETTER. LESS COSTLY. lean.ohio.gov

YELLOW BELT TRAINING (LEAN DAILY) SIMPLER. FASTER. BETTER. LESS COSTLY. lean.ohio.gov Objectives Start thinking Lean Introduce Lean concepts that can be used for daily improvements Basic knowledge on Lean tools for

1.01k views • 48 slides
LEAN FROM THE START LEAN FROM THE START Lean is about solving problems through continuous

LEAN FROM THE START LEAN FROM THE START Lean is about solving problems through continuous

LEAN FROM THE START LEAN FROM THE START Lean is about solving problems through continuous experimentation. We ask: what is our purpose as an organization? What value to create or what problem are we trying to solve? Then, how do we

796 views • 50 slides
Balfour Beatty Competing in a Lean Environment AGENDA ABOUT BALFOUR BEATTY DEFINING LEAN IN

Balfour Beatty Competing in a Lean Environment AGENDA ABOUT BALFOUR BEATTY DEFINING LEAN IN

Balfour Beatty Competing in a Lean Environment AGENDA ABOUT BALFOUR BEATTY DEFINING LEAN IN CONSTRUCTION A LEAN COMPETITIVE ADVANTAGE LEAN IMPLEMENTATION LEAN BEHAVIOR Meet Balfour Beatty Our Locations A recognized leader in the U.S.

1.14k views • 21 slides
Lean Intrapreneurship - Lean Startup in Established Companies Carl Danneels Feb 5th 2014 Key

Lean Intrapreneurship - Lean Startup in Established Companies Carl Danneels Feb 5th 2014 Key

Lean Intrapreneurship - Lean Startup in Established Companies Carl Danneels Feb 5th 2014 Key Challenges 1. Integrate Lean Startup with Agile 2. Adapt the Product Management approach 3. Organize & Staff Lean Startup initiatives 4. Dealing

628 views • 39 slides
Using Lean with undergraduate mathematicians. K. Buzzard Jan 2019, Lean Together, Amsterdam 1 /

Using Lean with undergraduate mathematicians. K. Buzzard Jan 2019, Lean Together, Amsterdam 1 /

Using Lean with undergraduate mathematicians. K. Buzzard Jan 2019, Lean Together, Amsterdam 1 / 23 Using Lean in education. This is the story of what has been going on in the maths department at Imperial College London over the last 18

271 views • 23 slides
Lean and green; how environmental performance can be enhanced by lean production systems and vice

Lean and green; how environmental performance can be enhanced by lean production systems and vice

Lean and green; how environmental performance can be enhanced by lean production systems and vice versa Target group Content Learning objectives Lean production training Introduction Lean production Description

675 views • 39 slides
Exploring Lean Principles UNDERSTANDING WHAT LEAN IS Chris B. Behrens SOFTWARE ARCHITECT

Exploring Lean Principles UNDERSTANDING WHAT LEAN IS Chris B. Behrens SOFTWARE ARCHITECT

Exploring Lean Principles UNDERSTANDING WHAT LEAN IS Chris B. Behrens SOFTWARE ARCHITECT @chrisbbehrens Lean and Agile Agile Manifesto, 2001 Sakichi Toyoda Taichi Ohno Strategy and Tactics Lean is strategy, Agile is tactics Agile does

971 views • 30 slides
Lean Manufacturing What is it? An NTMA Technology Team Member Training Program Intro to Lean

Lean Manufacturing What is it? An NTMA Technology Team Member Training Program Intro to Lean

Lean Manufacturing What is it? An NTMA Technology Team Member Training Program Intro to Lean Lean manufacturing is systematic process of continuous improvement that is more accurately characterized as a sweeping redirection of a

634 views • 25 slides
Lean in new research Neil Strickland January 7, 2020 Using Lean as a tool for new research I

Lean in new research Neil Strickland January 7, 2020 Using Lean as a tool for new research I

Lean in new research Neil Strickland January 7, 2020 Using Lean as a tool for new research I formalised part of the new paper Iterated chromatic localisation (Bellumat and Strickland) in Lean. We should think about

737 views • 59 slides
Lean Software Development Lean Software Development is an Agile practice that is based on the

Lean Software Development Lean Software Development is an Agile practice that is based on the

Lean Software Development Lean Software Development is an Agile practice that is based on the principles of Lean Manufacturing Lean Software Development comes from the book "Lean Software Development: An Agile Toolkit" by Mary

789 views • 65 slides
The Blind Spot: Part I of II by Dave Munch, M.D. | Dec 1, 2011 | Lean Leadership, Lean Training,

The Blind Spot: Part I of II by Dave Munch, M.D. | Dec 1, 2011 | Lean Leadership, Lean Training,

The Blind Spot: Part I of II by Dave Munch, M.D. | Dec 1, 2011 | Lean Leadership, Lean Training, Lean Transformation | 2 comments Lets explore coaching for a moment. What are we talking about when we say coaching? According to Sir John

401 views • 3 slides
Safety: A Lean Transformation Lean n Const struc uctio tion n Inst stitut itute e Congres

Safety: A Lean Transformation Lean n Const struc uctio tion n Inst stitut itute e Congres

Safety: A Lean Transformation Lean n Const struc uctio tion n Inst stitut itute e Congres ess Octob ober er 11, 2012 Commitment to Safety Building Lean at Gilbane IMPROVING VALUE TO CLIENTS Collaborative project delivery

563 views • 39 slides
CompSci514/ECE558: Computer Networks Lecture 17: Programmable Switches Xiaowei Yang

CompSci514/ECE558: Computer Networks Lecture 17: Programmable Switches Xiaowei Yang

CompSci514/ECE558: Computer Networks Lecture 17: Programmable Switches Xiaowei Yang xwy@cs.duke.edu http://www.cs.duke.edu/~xwy Some slides are adapted from Prof Nick McKeowns lecture slides Overview The Trio of modern networking

803 views • 54 slides
Lillian Lee, Cornell University http://www.cs.cornell.edu/home/llee The one equation in this talk

Lillian Lee, Cornell University http://www.cs.cornell.edu/home/llee The one equation in this talk

Big data pragmatics! or Putting the ACL in computational social science or If you think these title alternatives could turn people on, turn people off, or otherwise have an effect, this talk might be for you. Lillian

604 views • 36 slides
Advertisement for ACL Workshops Workshop on Narrative Understanding, Workshop on Neural

Advertisement for ACL Workshops Workshop on Narrative Understanding, Workshop on Neural

Advertisement for ACL Workshops Workshop on Narrative Understanding, Workshop on Neural Generation and Storylines, and Events (NUSE) Translation We solicit papers related to narrative Topics of interest include neural models for understanding

688 views • 29 slides
Making Linux Protection Mechanisms Egalitarian with UserFS Taesoo Kim and Nickolai Zeldovich

Making Linux Protection Mechanisms Egalitarian with UserFS Taesoo Kim and Nickolai Zeldovich

Making Linux Protection Mechanisms Egalitarian with UserFS Taesoo Kim and Nickolai Zeldovich MIT CSAIL Overview: How to build secure applications? Simple in principle : - reduce privileges of application components - enforce policy at

600 views • 58 slides
Scaling Backend Authentication at Facebook Kevin Lewi , Callen Rain , Stephen Weis, Yueting Lee,

Scaling Backend Authentication at Facebook Kevin Lewi , Callen Rain , Stephen Weis, Yueting Lee,

Scaling Backend Authentication at Facebook Kevin Lewi , Callen Rain , Stephen Weis, Yueting Lee, Haozhi Xiong, Benjamin Yang Facebook Infrastructure Security Network Perimeter Trusted Services Building from a Root of Trust ] "

288 views • 24 slides
Le Lecture 15 15 Access Control 1 Recall: Secu curity Service ces Confidentiality: to

Le Lecture 15 15 Access Control 1 Recall: Secu curity Service ces Confidentiality: to

Le Lecture 15 15 Access Control 1 Recall: Secu curity Service ces Confidentiality: to assure information privacy and secrecy Authentication: to assert who created or sent data Integrity: to show that data has not been altered

656 views • 32 slides
NFSv4.1, ACL and Co. Tigran Mkrtchyan For dCache Team ACL basics (for file system) ACLs is a

NFSv4.1, ACL and Co. Tigran Mkrtchyan For dCache Team ACL basics (for file system) ACLs is a

NFSv4.1, ACL and Co. Tigran Mkrtchyan For dCache Team ACL basics (for file system) ACLs is a list of Access Control Entries attached to a file or a directory ACEs grant or deny a principal an action on a file or a directory ACL basics

379 views • 34 slides
Annotation Graphs, Annotation Servers and Multi-Modal Resources Infrastructure for

Annotation Graphs, Annotation Servers and Multi-Modal Resources Infrastructure for

Annotation Graphs, Annotation Servers and Multi-Modal Resources Infrastructure for Interdisciplinary Education, Research and Development Christopher Cieri and Steven Bird University of Pennsylvania Linguistic Data Consortium

439 views • 13 slides

More recommend