coq-club AT inria.fr
Subject: The Coq mailing list
List archive
- From: Maxime Dénès <mail AT maximedenes.fr>
- To: coq-club AT inria.fr
- Subject: Re: [Coq-Club] safe interface for writing Coq plugins
- Date: Wed, 16 Nov 2016 07:53:00 +0100
- Authentication-results: mail3-smtp-sop.national.inria.fr; spf=None smtp.pra=mail AT maximedenes.fr; spf=Pass smtp.mailfrom=mail AT maximedenes.fr; spf=None smtp.helo=postmaster AT 6.mo69.mail-out.ovh.net
- Ironport-phdr: 9a23:kssBrh2Prht/x2uwsmDT+DRfVm0co7zxezQtwd8ZseIUK/ad9pjvdHbS+e9qxAeQG96KsLQd0KGP6/qocFdDyK7JiGoFfp1IWk1NouQttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBAj0OxZrKeTpAI7SiNm82/yv95HJbQhFgDSwbalvIBi4ogndq9UajZV/Iast1xXFpWdFdf5Lzm1yP1KTmBj85sa0/JF99ilbpuws+c1dX6jkZqo0VbNXAigoPGAz/83rqALMTRCT6XsGU2UZiQRHDg7Y5xznRJjxsy/6tu1g2CmGOMD9UL45VSi+46ptVRTnjzsKOjA7/WzZk8B8kK1Wqw+lqxF/34LYZYeYP+d8cKzAZ9MXXXdPUNhfVyJBAY2yYYUAAOUDMulEoIfwvEcOoBmkCAWwGO/ixD1Fi3nr1qM6yeQhFgTG0RQnEd0Uv3XUrdD1O7kPWu671q7IyyzEb+hL0jr67YjHaBEhofWXULJ1a8XQxkgvFwbbgVqNt4PlOS2a1v8Xv2iV9eptTOSigHMppQF2pzig3MYsio/Ri40JzVDE7yN5z5gxJd28UkJ0f8OrEIZIuyGVNot2XsMiQ3xztyog1rIGvpu7cS4Xw5ok3x7Sc/OKfomS7h7+SOqcIS10iXJ5dL6lmhq+7UqtxvX/W8S6ylpGsypIn9fWun0CyxDf8NWLRuV880qnxD2BzRrc6vteLkAxjafbK4Auwro3lpcLsEnPBCr2mEL3gaKSbEkk//Kn6+XjYrn/oZ+cKpN0hhv5MqQwmsyzG+I4PRYSX2SD+OS80qPs/VHhTbhFj/A6iLTVvIzaKMgBpqO1HxVZ3ps/5xu9Fzum1c4XnXgDLFJLYhKHiI3pNknLIP/iDPe/h0+hkDJxyPHJP73hB4vCIWXdn7fnY7l98FRQyAQpzdxH/ZJbFqkBIO7vWk/2rNHXEhg5MxWtz+n7DNV9y5gRVHmUAq6ZNaPSqUWH6vguI+mKfo8VuSzyJ+Ir5/703jcFngoWerDs1p8KYli5GO5nKgOXeynCmNAEREIDrgs7QaTGCVsCSnYHYn+zW4o57yE6DY+qAIHOXcajmurSj2+AApRKazUeWRi3GnDyetDZA/o=
Hi Abhishek,
In principle, you can access layers as low as kernel/safe_typing.mli
without danger. It means that you trust only the kernel, but don't mess
with its internals.
So a plug-in using only higher layers like toplevel/command.mli should
not be able to break Coq's consistency.
I wouldn't be too surprised if it was still possible to find a part of
the kernel whose correctness relies on external invariants of the
system, but no such problem is known at the moment and we would consider
it a bug.
We are currently working on a plug-in API that should be not only safe,
but also make it easier to write plug-ins.
Hope it helps.
Maxime.
On 11/16/16 05:16, Abhishek Anand wrote:
> As someone wanting to extend a Coq plugin (template-coq), how can I be
> sure that I don't jeopardize Coq's consistency?
> Is it true that any plugin that uses only the functions in
> coq/toplevel/command.mli
> <https://github.com/coq/coq/blob/trunk/toplevel/command.mli> to make
> changes to Coq's state (e.g. to add new definitions) does not jeopardize
> Coq's consistency?
> If not, is there such a safe interface?
> By consistency, I mean that there should be no closed proof of False, no
> matter what the plugin does.
>
> Thanks,
> -- Abhishek
> http://www.cs.cornell.edu/~aa755/ <http://www.cs.cornell.edu/~aa755/>
- [Coq-Club] safe interface for writing Coq plugins, Abhishek Anand, 11/16/2016
- Re: [Coq-Club] safe interface for writing Coq plugins, Maxime Dénès, 11/16/2016
- Re: [Coq-Club] safe interface for writing Coq plugins, Hugo Herbelin, 11/16/2016
- Re: [Coq-Club] safe interface for writing Coq plugins, Maxime Dénès, 11/16/2016
Archive powered by MHonArc 2.6.18.