A sketch of a refinement-based setup.#40
Open
gmalecha-at-skylabs wants to merge 3 commits intomainfrom
Open
Conversation
CI summary (Details)Active Repos
|
| Repo | Job Branch | Job Commit |
|---|---|---|
| ./ | main | 9259c2e |
| fmdeps/BRiCk/ | main | 6b2f050 |
| fmdeps/auto/ | main | f6f2422 |
| fmdeps/auto-docs/ | main | e83c1ad |
| bluerock/NOVA/ | skylabs-proof | 927947d |
| bluerock/bhv/ | skylabs-main | 37b86fb |
| fmdeps/ci/ | main | 33d6ba2 |
| vendored/elpi/ | skylabs-master | aa4475f |
| fmdeps/fm-ci/ | main | e97f125 |
| fmdeps/fm-tools/ | main | 46ed5a6 |
| psi/protos/ | main | 8fe3e7c |
| psi/backend/ | main | b1f795a |
| psi/ide/ | main | 6b596cf |
| psi/data/ | main | 8248319 |
| vendored/rocq/ | skylabs-master | 2ede3c9 |
| fmdeps/rocq-agent-toolkit/ | main | 35433d5 |
| vendored/rocq-elpi/ | skylabs-master | 103a742 |
| vendored/rocq-equations/ | skylabs-main | a8c4832 |
| vendored/rocq-ext-lib/ | skylabs-master | 94a6630 |
| vendored/rocq-iris/ | skylabs-master | 3ad4ddd |
| vendored/rocq-lsp/ | skylabs-main | a8b7272 |
| vendored/rocq-stdlib/ | skylabs-master | bc07423 |
| vendored/rocq-stdpp/ | skylabs-master | e01d802 |
| fmdeps/skylabs-fm/ | main | 7d620c1 |
| vendored/vsrocq/ | skylabs-main | 5b4527e |
Performance
| Relative | Master | MR | Change | Filename |
|---|---|---|---|---|
| -0.00% | 122785.4 | 122785.4 | -0.0 | total |
| -0.00% | 22463.5 | 22463.5 | -0.0 | ├ translation units |
| +0.00% | 100321.9 | 100321.9 | +0.0 | └ proofs and tests |
Full Results
| Relative | Master | MR | Change | Filename |
|---|---|---|---|---|
| -0.00% | 122785.4 | 122785.4 | -0.0 | total |
| -0.00% | 22463.5 | 22463.5 | -0.0 | ├ translation units |
| +0.00% | 100321.9 | 100321.9 | +0.0 | └ proofs and tests |
pgiarrusso-sl
force-pushed
the
paolo/eval-old-release
branch
from
3594482 to
a6e495d
Compare
pgiarrusso-sl
force-pushed
the
paolo/eval-old-release
branch
from
a6e495d to
ef8cae9
Compare
gmalecha-at-skylabs
force-pushed
the
gmalecha/refinement-iostream
branch
from
944dabf to
7ed54b8
Compare
CI summary (Details)Active Repos
|
| Repo | Job Branch | Job Commit |
|---|---|---|
| ./ | main | e5c342a |
| fmdeps/BRiCk/ | main | b79c734 |
| fmdeps/auto/ | main | ffda14f |
| fmdeps/auto-docs/ | main | 9f57097 |
| bluerock/NOVA/ | skylabs-proof | 996d600 |
| bluerock/bhv/ | skylabs-main | b1ca30d |
| fmdeps/ci/ | main | 7712f8c |
| vendored/elpi/ | skylabs-master | aa4475f |
| fmdeps/fm-ci/ | main | 262fb04 |
| fmdeps/fm-tools/ | main | 430933c |
| psi/protos/ | main | 8fe3e7c |
| psi/backend/ | main | 2a8240c |
| psi/ide/ | main | 6b596cf |
| psi/data/ | main | 62ed81e |
| vendored/rocq/ | skylabs-master | 2ede3c9 |
| fmdeps/rocq-agent-toolkit/ | main | b19cff9 |
| vendored/rocq-elpi/ | skylabs-master | 103a742 |
| vendored/rocq-equations/ | skylabs-main | a8c4832 |
| vendored/rocq-ext-lib/ | skylabs-master | 94a6630 |
| vendored/rocq-iris/ | skylabs-master | 3ad4ddd |
| vendored/rocq-lsp/ | skylabs-main | a8b7272 |
| vendored/rocq-stdlib/ | skylabs-master | bc07423 |
| vendored/rocq-stdpp/ | skylabs-master | e01d802 |
| fmdeps/skylabs-fm/ | main | 7d620c1 |
| vendored/vsrocq/ | skylabs-main | 5b4527e |
Performance
| Relative | Master | MR | Change | Filename |
|---|---|---|---|---|
| -0.00% | 122840.0 | 122840.0 | -0.0 | total |
| -0.00% | 22632.7 | 22632.7 | -0.0 | ├ translation units |
| +0.00% | 100207.4 | 100207.4 | +0.0 | └ proofs and tests |
Full Results
| Relative | Master | MR | Change | Filename |
|---|---|---|---|---|
| -0.00% | 122840.0 | 122840.0 | -0.0 | total |
| -0.00% | 22632.7 | 22632.7 | -0.0 | ├ translation units |
| +0.00% | 100207.4 | 100207.4 | +0.0 | └ proofs and tests |
pgiarrusso-sl
force-pushed
the
paolo/eval-old-release
branch
from
92f3990 to
31de00b
Compare
gmalecha-at-skylabs
force-pushed
the
gmalecha/refinement-iostream
branch
from
7ed54b8 to
fbdf351
Compare
CI summary (Details)Active Repos
|
| Repo | Job Branch | Job Commit |
|---|---|---|
| ./ | main | 64a8e0d |
| fmdeps/BRiCk/ | main | 1aed69a |
| fmdeps/auto/ | main | e77b825 |
| fmdeps/auto-docs/ | main | 9f57097 |
| bluerock/NOVA/ | skylabs-proof | e9a69cc |
| bluerock/bhv/ | skylabs-main | 6c1999f |
| fmdeps/ci/ | main | 41c7609 |
| vendored/elpi/ | skylabs-master | aa4475f |
| fmdeps/fm-ci/ | main | 262fb04 |
| fmdeps/fm-tools/ | main | e17f6db |
| psi/protos/ | main | 8fe3e7c |
| psi/backend/ | main | 451fcaa |
| psi/ide/ | main | 6b596cf |
| psi/data/ | main | f283f23 |
| vendored/rocq/ | skylabs-master | 2ede3c9 |
| fmdeps/rocq-agent-toolkit/ | main | 61c9d23 |
| vendored/rocq-elpi/ | skylabs-master | 103a742 |
| vendored/rocq-equations/ | skylabs-main | a8c4832 |
| vendored/rocq-ext-lib/ | skylabs-master | 94a6630 |
| vendored/rocq-iris/ | skylabs-master | 3ad4ddd |
| vendored/rocq-lsp/ | skylabs-main | a8b7272 |
| vendored/rocq-stdlib/ | skylabs-master | bc07423 |
| vendored/rocq-stdpp/ | skylabs-master | e01d802 |
| fmdeps/skylabs-fm/ | main | 7c3aae7 |
| vendored/vsrocq/ | skylabs-main | 5b4527e |
Performance
| Relative | Master | MR | Change | Filename |
|---|---|---|---|---|
| +0.00% | 123482.6 | 123482.6 | +0.0 | total |
| +0.00% | 22636.8 | 22636.8 | +0.0 | ├ translation units |
| +0.00% | 100845.8 | 100845.8 | +0.0 | └ proofs and tests |
Full Results
| Relative | Master | MR | Change | Filename |
|---|---|---|---|---|
| +0.00% | 123482.6 | 123482.6 | +0.0 | total |
| +0.00% | 22636.8 | 22636.8 | +0.0 | ├ translation units |
| +0.00% | 100845.8 | 100845.8 | +0.0 | └ proofs and tests |
Collaborator
Author
|
Currently blocked on https://github.com/SkyLabsAI/auto/pull/147 |
gmalecha-at-skylabs
force-pushed
the
gmalecha/refinement-iostream
branch
from
817c28a to
7eb3908
Compare
Collaborator
Author
|
Comments from discussion with @pgiarrusso-sl:
|
gmalecha-at-skylabs
force-pushed
the
gmalecha/refinement-iostream
branch
from
dbcaa55 to
0308df5
Compare
CI summary (Details)Active Repos
|
| Repo | Job Branch | Job Commit |
|---|---|---|
| ./ | main | e8e81bb |
| fmdeps/BRiCk/ | main | 9ab35f8 |
| fmdeps/auto/ | main | 6deed31 |
| fmdeps/auto-docs/ | main | bfa8f2d |
| bluerock/NOVA/ | skylabs-proof | 6cbef03 |
| bluerock/bhv/ | skylabs-main | 448828c |
| fmdeps/ci/ | main | 3707442 |
| vendored/elpi/ | skylabs-master | aa4475f |
| vendored/flocq/ | skylabs-master | cf9cc84 |
| fmdeps/fm-ci/ | main | 262fb04 |
| fmdeps/fm-tools/ | main | e17f6db |
| psi/protos/ | main | 8fe3e7c |
| psi/backend/ | main | a5fa400 |
| psi/ide/ | main | 6b596cf |
| psi/data/ | main | 76acc2f |
| vendored/rocq/ | skylabs-master | 2ede3c9 |
| fmdeps/rocq-agent-toolkit/ | main | ac7e4ec |
| vendored/rocq-elpi/ | skylabs-master | 103a742 |
| vendored/rocq-equations/ | skylabs-main | a8c4832 |
| vendored/rocq-ext-lib/ | skylabs-master | 94a6630 |
| vendored/rocq-iris/ | skylabs-master | 3ad4ddd |
| vendored/rocq-lsp/ | skylabs-main | a8b7272 |
| vendored/rocq-stdlib/ | skylabs-master | bc07423 |
| vendored/rocq-stdpp/ | skylabs-master | e01d802 |
| fmdeps/skylabs-fm/ | main | 62d34c3 |
| vendored/vsrocq/ | skylabs-main | 5b4527e |
Performance
| Relative | Master | MR | Change | Filename |
|---|---|---|---|---|
| -0.00% | 124414.1 | 124414.1 | -0.0 | total |
| -0.00% | 22637.5 | 22637.5 | -0.0 | ├ translation units |
| +0.00% | 101776.7 | 101776.7 | +0.0 | └ proofs and tests |
Full Results
| Relative | Master | MR | Change | Filename |
|---|---|---|---|---|
| -0.00% | 124414.1 | 124414.1 | -0.0 | total |
| -0.00% | 22637.5 | 22637.5 | -0.0 | ├ translation units |
| +0.00% | 101776.7 | 101776.7 | +0.0 | └ proofs and tests |
Collaborator
Author
|
I would like to take some of the input examples and refine them in a subsequent PR. |
CI summary (Details)Active Repos
|
| Repo | Job Branch | Job Commit |
|---|---|---|
| ./ | main | e8e81bb |
| fmdeps/BRiCk/ | main | 9ab35f8 |
| fmdeps/auto/ | main | 6deed31 |
| fmdeps/auto-docs/ | main | bfa8f2d |
| bluerock/NOVA/ | skylabs-proof | 6cbef03 |
| bluerock/bhv/ | skylabs-main | 448828c |
| fmdeps/ci/ | main | 3707442 |
| vendored/elpi/ | skylabs-master | aa4475f |
| vendored/flocq/ | skylabs-master | cf9cc84 |
| fmdeps/fm-ci/ | main | 262fb04 |
| fmdeps/fm-tools/ | main | e17f6db |
| psi/protos/ | main | 8fe3e7c |
| psi/backend/ | main | a5fa400 |
| psi/ide/ | main | 6b596cf |
| psi/data/ | main | 76acc2f |
| vendored/rocq/ | skylabs-master | 2ede3c9 |
| fmdeps/rocq-agent-toolkit/ | main | ac7e4ec |
| vendored/rocq-elpi/ | skylabs-master | 103a742 |
| vendored/rocq-equations/ | skylabs-main | a8c4832 |
| vendored/rocq-ext-lib/ | skylabs-master | 94a6630 |
| vendored/rocq-iris/ | skylabs-master | 3ad4ddd |
| vendored/rocq-lsp/ | skylabs-main | a8b7272 |
| vendored/rocq-stdlib/ | skylabs-master | bc07423 |
| vendored/rocq-stdpp/ | skylabs-master | e01d802 |
| fmdeps/skylabs-fm/ | main | 62d34c3 |
| vendored/vsrocq/ | skylabs-main | 5b4527e |
Performance
| Relative | Master | MR | Change | Filename |
|---|---|---|---|---|
| +0.00% | 124414.1 | 124414.1 | +0.0 | total |
| +0.00% | 22637.5 | 22637.5 | +0.0 | ├ translation units |
| +0.00% | 101776.7 | 101776.7 | +0.0 | └ proofs and tests |
Full Results
| Relative | Master | MR | Change | Filename |
|---|---|---|---|---|
| +0.00% | 124414.1 | 124414.1 | +0.0 | total |
| +0.00% | 22637.5 | 22637.5 | +0.0 | ├ translation units |
| +0.00% | 101776.7 | 101776.7 | +0.0 | └ proofs and tests |
Contributor
|
GitHub comments are down (https://www.githubstatus.com/incidents/f5pb5d5mr9yh) but:
|
| the event signature. *) | ||
| #[program] | ||
| Definition OS (E : coPset) γ : Ostream := | ||
| {| do evt K := Step.requester Area E γ evt K |}%I. |
Contributor
There was a problem hiding this comment.
Prefer evt for single events and evts for multiple ones.
Suggested change
| {| do evt K := Step.requester Area E γ evt K |}%I. | |
| {| do evts K := Step.requester Area E γ evts K |}%I. |
| the event signature. *) | ||
| #[program] | ||
| Definition OS (E : coPset) γ : Ostream := | ||
| {| do evt K := Step.requester HelloWorld E γ evt K |}%I. |
Contributor
There was a problem hiding this comment.
Here (and throughout):
Suggested change
| {| do evt K := Step.requester HelloWorld E γ evt K |}%I. | |
| {| do evts K := Step.requester HelloWorld E γ evts K |}%I. |
pgiarrusso-sl
requested changes
May 7, 2026
Contributor
pgiarrusso-sl
left a comment
pgiarrusso-sl
left a comment
There was a problem hiding this comment.
We agreed to keep both specs side by side.
I'll review accordingly.
| iIntros "_" (??? ->). iIntros "$". | ||
| Qed. | ||
| End to_auto. | ||
| #[global] Hint Resolve pick_ex_C | 200 : sl_opacity. |
Contributor
pgiarrusso-sl
left a comment
pgiarrusso-sl
left a comment
There was a problem hiding this comment.
Some more comments.
| (_ : AnySteps Mid evts Post) | ||
| : AnySteps Pre (evt :: evts) Post | ||
| | Refine {Pre'} {_ : ∅ ⊂ Pre} (_ : Pre' ⊆ Pre) {es Post} : | ||
| AnySteps Pre' es Post -> AnySteps Pre es Post. |
Contributor
There was a problem hiding this comment.
It seems this does not allow tau steps?
Contributor
There was a problem hiding this comment.
Also, it seems AnySteps might satisfy some rules — I wasn't sure, so wrote proofs and noticed a mismatch with my assumptions:
|
|
||
| Class AnyStep (Pre : propset T) (evt : E) (Post : propset T) : Prop := | ||
| { _safe : forall s, s ∈ Pre -> exists s', step s (Some evt) s' | ||
| ; _steps_to : forall s', s' ∈ Post -> ∃ s, s ∈ Pre /\ step s (Some evt) s' }. |
Contributor
There was a problem hiding this comment.
Suggested change
| ; _steps_to : forall s', s' ∈ Post -> ∃ s, s ∈ Pre /\ step s (Some evt) s' }. | |
| (** [AnyStep Pre evt Post] means [Post] is _the_ set of all [evt]-successors to [Pre], | |
| where [post] is an [evt]-successor to [pre] if and only if [step pre (Some evt) post]. | |
| Here we exclude tau steps. | |
| *) | |
| Class AnyStep (Pre : propset T) (evt : E) (Post : propset T) : Prop := | |
| { _sound : forall s, s ∈ Pre -> exists s', step s (Some evt) s' | |
| ; _complete : forall s', s' ∈ Post -> ∃ s, s ∈ Pre /\ step s (Some evt) s' }. |
Contributor
There was a problem hiding this comment.
This comment is currently wrong without my suggested fix to _safe.
| Context {T E} (step : T -> option E -> T -> Prop). | ||
|
|
||
| Class AnyStep (Pre : propset T) (evt : E) (Post : propset T) : Prop := | ||
| { _safe : forall s, s ∈ Pre -> exists s', step s (Some evt) s' |
Contributor
There was a problem hiding this comment.
Can I assume
Suggested change
| { _safe : forall s, s ∈ Pre -> exists s', step s (Some evt) s' | |
| { _safe : forall s, s ∈ Pre -> exists s', step s (Some evt) s' /\ s ∈ Post |
| intros. | ||
| iIntros "F" (?) "K". | ||
| rewrite /Step.requester. | ||
| Admitted. |
Contributor
There was a problem hiding this comment.
Should we fix this and other admits before merging?
gmalecha-at-skylabs
force-pushed
the
gmalecha/refinement-iostream
branch
from
7607482 to
5200a21
Compare
CI summary (Details)Active Repos
|
| Repo | Job Branch | Job Commit |
|---|---|---|
| ./ | main | b9f28b5 |
| fmdeps/BRiCk/ | main | d94485e |
| fmdeps/auto/ | main | 63d5e05 |
| fmdeps/auto-docs/ | main | 93d06b3 |
| bluerock/NOVA/ | skylabs-proof | 6cbef03 |
| bluerock/bhv/ | skylabs-main | 448828c |
| fmdeps/ci/ | main | 680889d |
| vendored/elpi/ | skylabs-master | aa4475f |
| vendored/flocq/ | skylabs-master | cf9cc84 |
| fmdeps/fm-tools/ | main | fb160a9 |
| psi/protos/ | main | 8fe3e7c |
| psi/backend/ | main | 0b5fea6 |
| psi/ide/ | main | 6b596cf |
| psi/data/ | main | 76acc2f |
| vendored/rocq/ | skylabs-master | 2ede3c9 |
| fmdeps/rocq-agent-toolkit/ | main | ac7e4ec |
| vendored/rocq-elpi/ | skylabs-master | 103a742 |
| vendored/rocq-equations/ | skylabs-main | a8c4832 |
| vendored/rocq-ext-lib/ | skylabs-master | 94a6630 |
| vendored/rocq-iris/ | skylabs-master | 3ad4ddd |
| vendored/rocq-lsp/ | skylabs-main | a8b7272 |
| vendored/rocq-stdlib/ | skylabs-master | bc07423 |
| vendored/rocq-stdpp/ | skylabs-master | e01d802 |
| fmdeps/skylabs-fm/ | main | e8b88a7 |
| vendored/vsrocq/ | skylabs-main | 5b4527e |
Performance
| Relative | Master | MR | Change | Filename |
|---|---|---|---|---|
| +0.00% | 125661.1 | 125661.1 | +0.0 | total |
| +0.00% | 22788.6 | 22788.6 | +0.0 | ├ translation units |
| +0.00% | 102872.5 | 102872.5 | +0.0 | └ proofs and tests |
Full Results
| Relative | Master | MR | Change | Filename |
|---|---|---|---|---|
| +0.00% | 125661.1 | 125661.1 | +0.0 | total |
| +0.00% | 22788.6 | 22788.6 | +0.0 | ├ translation units |
| +0.00% | 102872.5 | 102872.5 | +0.0 | └ proofs and tests |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This defines the semantics of
ostream(and ultimatelyistream) in terms of events in a refinement style.The idea is that a program would get an LTS that would include input and output events and that the
IstreamandOstreamclasses would be tied to this overall specification. E.g. a program specification might be something like an itree like:Which would block on certain input events and then repeat those going out. There are definitely some choices to be made around input.