Abstract
Typed Assembly Languages (TALs) are used to validate the safety of machine-language programs. The Foundational Proof-Carrying Code project seeks to verify the soundness of TALs using the smallest possible set of axioms: the axioms of a suitably expressive logic plus a specification of machine semantics. This article proposes general semantic foundations that permit modular proofs of the soundness of TALs. These semantic foundations include Typed Machine Language (TML), a type theory for specifying properties of low-level data with powerful and orthogonal type constructors, and Lc, a compositional logic for specifying properties of machine instructions with simplified reasoning about unstructured control flow. Both of these components, whose semantics we specify using higher-order logic, are useful for proving the soundness of TALs. We demonstrate this by using TML and Lc to verify the soundness of a low-level, typed assembly language, LTAL, which is the target of our core-ML-to-sparc compiler.
To prove the soundness of the TML type system we have successfully applied a new approach, that of step-indexed logical relations. This approach provides the first semantic model for a type system with updatable references to values of impredicative quantified types. Both impredicative polymorphism and mutable references are essential when representing function closures in compilers with typed closure conversion, or when compiling objects to simpler typed primitives.
- Abadi, M. and Cardelli, L. 1996. A Theory of Objects. Springer, New York. Google Scholar
Digital Library
- Abramsky, S., Honda, K., and McCusker, G. 1998. A fully abstract game semantics for general references. In Proceedings of the 13th IEEE Symposium on Logic in Computer Science (LICS). IEEE Computer Society, 334--344. Google Scholar
Digital Library
- Acar, U., Ahmed, A., and Blume, M. 2008. Imperative self-adjusting computation. In Proceedings of the 35th ACM Symposium on Principles of Programming Languages (POPL). ACM Press, New York, 309--322. Google Scholar
Digital Library
- Ahmed, A. 2006. Step-Indexed syntactic logical relations for recursive and quantified types. In Proceedings of the 15th European Symposium on Programming (ESOP). Springer, 69--83. Google Scholar
Digital Library
- Ahmed, A., Appel, A. W., and Virga, R. 2002. A stratified semantics of general references embeddable in higher-order logic. In Proceedings of the 17th IEEE Symposium on Logic in Computer Science (LICS). IEEE Computer Society, Los Alamitos, CA, 75--86. Google Scholar
Digital Library
- Ahmed, A., Appel, A. W., and Virga, R. 2003. An indexed model of impredicative polymorphism and mutable references. http://www.cs.princeton.edu/~appel/papers/impred.pdf.Google Scholar
- Ahmed, A. and Blume, M. 2008. Typed closure conversion preserves observational equivalence. In Proceedings of the ACM International Conference on Functional programming (ICFP). ACM Press, New York, 157--168. Google Scholar
Digital Library
- Ahmed, A., Fluet, M., and Morrisett, G. 2005. A step-indexed model of substructural state. In Proceedings of the ACM International Conference on Functional programming (ICFP). ACM Press, New York, 78--91. Google Scholar
Digital Library
- Ahmed, A., Fluet, M., and Morrisett, G. 2007. L3: A linear language with locations. Fundam. Inf. 77, 4, 397--449. Google Scholar
Digital Library
- Ahmed, A. J. 2004. Semantics of types for mutable state. Ph.D. thesis, Princeton University, Princeton, New Jersey. Tech. rep. TR-713-04. Google Scholar
Digital Library
- Aiken, A., Foster, J. S., Kodumal, J., and Terauchi, T. 2003. Checking and inferring local non-aliasing. In Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI). ACM Press, New York. Google Scholar
Digital Library
- Appel, A. W. 1985. Semantics-directed code generation. In Proceedings of the 12th ACM Symposium on Principles of Programming Languages (POPL). ACM Press, New York, 315--324. Google Scholar
Digital Library
- Appel, A. W. 2000. Hints on proving theorems in Twelf. www.cs.princeton.edu/~appel/twelf-tutorial.Google Scholar
- Appel, A. W. 2001. Foundational proof-carrying code. In Proceedings of the 16th IEEE Symposium on Logic in Computer Science (LICS). IEEE Computer Society, Los Alamitos, CA, 247--258. Google Scholar
Digital Library
- Appel, A. W. and Felty, A. P. 2000. A semantic model of types and machine instructions for proof-carrying code. In Proceedings of the 27th ACM Symposium on Principles of Programming Languages (POPL). ACM Press, New York, 243--253. Google Scholar
Digital Library
- Appel, A. W. and MacQueen, D. B. 1991. Standard ML of New Jersey. In Proceedings of the 3rd International Symposium on Programming Language Implementation and Logic Programming, M. Wirsing, Ed. Springer, New York, 1--13.Google Scholar
Cross Ref
- Appel, A. W. and McAllester, D. 2001. An indexed model of recursive types for foundational proof-carrying code. ACM Trans. Program. Lang. Syst. 23, 5 657--683. Google Scholar
Digital Library
- Appel, A. W., Mellies, P.-A., Richards, C. D., and Vouillon, J. 2007. A very modal model of a modern, major, general type system. In Proceedings of the 34th ACM Symposium on Principles of Programming Languages (POPL). ACM Press, New York, 109--122. Google Scholar
Digital Library
- Appel, A. W., Michael, N. G., Stump, A., and Virga, R. 2003. A trustworthy proof checker. J. Autom. Reas. 31, 231--260. Google Scholar
Digital Library
- Arbib, M. and Alagic, S. 1979. Proof rules for gotos. Acta Inf. 11, 139--148.Google Scholar
Digital Library
- Benton, N. 2005. A typed, compositional logic for a stack-based abstract machine. In Proceedings of the 3rd Asian Symposium on Programming Languages and Systems (APLAS). Lecture Notes in Computer Science, vol. 3780. Springer, Berlin. Google Scholar
Digital Library
- Benton, N. 2006. Abstracting allocation: The new new thing. In Proceedings of the Computer Science Logic, 20th International Workshop (CSL'06). Lecture Notes in Computer Science, vol. 4207. Springer, Berlin. Google Scholar
Digital Library
- Benton, N. and Leperchey, B. 2005. Relational reasoning in a nominal semantics for storage. In Proceedings of the International Conference on Typed Lambda Calculi and Applications. Springer, Berlin, 86--101. Google Scholar
Digital Library
- Benton, N. and Zarfaty, U. 2007. Formalizing and verifying semantic type soundness for a simple compiler. In Proceedings of the 9th International ACM SIGPLAN Symposium on Principles and Practice of Declarative Programming (PPDP). ACM Press, New York. Google Scholar
Digital Library
- Birkedal, L. and Harper, R. 1997. Relational interpretations of recursive types in an operational setting. In Theoretical Aspects of Computer Software. Springer, Berlin. Google Scholar
Digital Library
- Bohr, N. and Birkedal, L. 2006. Relational reasoning for recursive types and references. In Proceedings of the 4th Asian Symposium on Programming Languages and Systems (APLAS). Springer, Berlin. Google Scholar
Digital Library
- Cardelli, L. 1997. Program fragments, linking, and modularization. In Proceedings of the 24th ACM Symposium on Principles of Programming Languages (POPL). ACM Press, New York, 266--277. Google Scholar
Digital Library
- Chen, J. 2004. A low-level typed assembly language with a machine-checkable soundness proof. Ph.D. thesis, Princeton University, Princeton, New Jersey. Tech. rep. CS-TR-704-04. Google Scholar
Digital Library
- Chen, J., Wu, D., Appel, A. W., and Fang, H. 2003. A provably sound TAL for back-end optimization. In Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI). ACM Press, New York, 208--219. Google Scholar
Digital Library
- Church, A. 1940. A formulation of the simple theory of types. J. Symb. Logic 5, 2, 56--68.Google Scholar
Cross Ref
- Clint, M. and Hoare, C. A. R. 1972. Program proving: Jumps and functions. Acta Informatica 1, 214--224.Google Scholar
Digital Library
- Colby, C., Lee, P., Necula, G. C., Blau, F., Cline, K., and Plesko, M. 2000. A certifying compiler for Java. In Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI). ACM Press, New York. Google Scholar
Digital Library
- Crary, K. 2000. Typed compilation of inclusive subtyping. In Proceedings of the ACM International Conference on Functional programming (ICFP). ACM Press, New York, 68--81. Google Scholar
Digital Library
- Crary, K. 2003. Toward a foundational typed assembly language. In Proceedings of the 30th ACM Symposium on Principles of Programming Languages (POPL). ACM Press, New York, 198--212. Google Scholar
Digital Library
- Crary, K. and Harper, R. 2007. Syntactic logical relations for polymorphic and recursive types. Computation, Meaning and Logic: Articles dedicated to Gordon Plotkin., Electtonic Notes in Theoretical Computer Science vol. 172, 259--299. Google Scholar
Digital Library
- Crary, K. and Sarkar, S. 2003. Foundational certified code in a metalogical framework. In Proceedings of the 19th International Conference on Automated Deduction (CADE'03). Springer, Berlin, 106--120.Google Scholar
- de Bruin, A. 1981. Goto statements: Semantics and deduction systems. Acta Informatica 15, 385--424.Google Scholar
Digital Library
- Feng, X., Ni, Z., Shao, Z., and Guo, Y. 2007. An open framework for foundational proof-carrying code. In Proceedings of the ACM SIGPLAN International Workshop on Types in Language Design and Implementation (TLDI). ACM Press, New York, 67--78. Google Scholar
Digital Library
- Girard, J.-Y. 1972. Interprétation fonctionnelle et elimination des coupures dans l'arithmétique d'ordre supérieur. Ph.D. thesis, University of Paris VII.Google Scholar
- Glew, N. and Morrisett, G. 1999. Type-Safe linking and modular assembly language. In Proceedings of the 26th ACM Symposium on Principles of Programming Languages (POPL). ACM Press, New York, 250--261. Google Scholar
Digital Library
- Hamid, N., Shao, Z., Trifonov, V., Monnier, S., and Ni, Z. 2002. A syntactic approach to foundational proof-carrying code. In Proceedings of the 17th IEEE Symposium on Logic in Computer Science (LICS). IEEE Computer Society, Los Alamitos, CA, 89--100. Google Scholar
Digital Library
- Harper, R. 1994. A simplified account of polymorphic references. Inf. Process. Lett. 51, 201--206. Google Scholar
Digital Library
- Harper, R. and Morrisett, G. 1995. Compiling polymorphism using intensional type analysis. In Proceedings of the 22nd ACM Symposium on Principles of Programming Languages (POPL). ACM Press, New York, 130--141. Google Scholar
Digital Library
- Harper, R. and Pfenning, F. 2005. On equivalence and canonical forms in the LF type theory. ACM Trans. Comput. Logic 6, 1, 61--101. Google Scholar
Digital Library
- Hoare, C. A. R. 1969. An axiomatic basis for computer programming. Comm. ACM 12, 10, 578--580. Google Scholar
Digital Library
- Hriţcu, C. and Schwinghammer, J. 2008. A step-indexed semantics of imperative objects. In Informal Proceedings of the Workshop on Foundations of Object-Oriented Languages (FOOL).Google Scholar
- Kowaltowski, T. 1977. Axiomatic approach to side effects and general jumps. Acta Inf. 7, 4, 357--360.Google Scholar
Digital Library
- Levy, P. B. 2002. Possible world semantics for general storage in call-by-value. In Proceedings of the 16th International Workshop and 11th Annual Conference of the EACSL on Computer Science Logic (CSL'02). Lecture Notes in Computer Science, vol. 2471. Springer, 232--246. Google Scholar
Digital Library
- MacQueen, D., Plotkin, G., and Sethi, R. 1986. An ideal model for recursive polymophic types. Inf. Comput. 71, 1/2, 95--130. Google Scholar
Digital Library
- Matthews, J. and Ahmed, A. 2008. Parametric polymorphiscm through run-time sealing, or, theorems for low, low prices. In Proceedings of the 17th European Symposium on Programming (ESOP). Springer, Berlin, 16--31. Google Scholar
Digital Library
- Melliès, P.-A. and Vouillon, J. 2004. Semantic types: A fresh look at the ideal model for types. In Proceedings of the 31st ACM Symposium on Principles of Programming Languages (POPL). ACM Press, New York, 52--63. Google Scholar
Digital Library
- Michael, N. G. and Appel, A. W. 2000. Machine instruction syntax and semantics in higher-order logic. In Proceedings of the 17th International Conference on Automated Deduction (CADE). Springer-Verlag, Berlin, 7--24. Lecture Notes in Artificial Intelligence, vol. 1831. Google Scholar
Digital Library
- Morrisett, G., Ahmed, A., and Fluet, M. 2005. L3: A linear language with locations. In Proceedings of the International Conference on Typed Lambda Calculi and Applications. Springer, Berlin, 293--307. Google Scholar
Digital Library
- Morrisett, G., Crary, K., Glew, N., Grossman, D., Samuels, R., Smith, F., Walker, D., Weirich, S., and Zdancewic, S. 1999a. TALx86: A realistic typed assembly language. In Proceedings of the 2nd ACM SIGPLAN Workshop on Compiler Support for System Software. ACM Press, New York, 25--35.Google Scholar
- Morrisett, G., Crary, K., Glew, N., and Walker, D. 2002. Stack-Based typed assembly language. J. Funct. Programm. 12, 1, 43--88. Google Scholar
Digital Library
- Morrisett, G., Walker, D., Crary, K., and Glew, N. 1998. From System F to typed assembly language. In Proceedings of the 25th ACM Symposium on Principles of Programming Languages (POPL). ACM Press, New York, 85--97. Google Scholar
Digital Library
- Morrisett, G., Walker, D., Crary, K., and Glew, N. 1999b. From System F to typed assembly language. ACM Trans. Programm. Lang. Syst. 21, 3, 527--568. Google Scholar
Digital Library
- Necula, G. C. 1997. Proof-Carrying code. In Proceedings of the 24th ACM Symposium on Principles of Programming Languages (POPL). ACM Press, New York, 106--119. Google Scholar
Digital Library
- Ni, Z. and Shao, Z. 2006. Certified assembly programming with embedded code pointers. In Proceedings of the 33rd ACM Symposium on Principles of Programming Languages (POPL). ACM Press, New York, 320--333. Google Scholar
Digital Library
- O'Donnell, M. J. 1982. A critique of the foundations of Hoare style programming logics. Comm. ACM 25, 12, 927--935. Google Scholar
Digital Library
- Pfenning, F. and Schürmann, C. 1999. System description: Twelf—A meta-logical framework for deductive systems. In Proceedings of the 16th International Conference on Automated Deduction (CADE). Springer, Berlin. Google Scholar
Digital Library
- Pitts, A. M. 1996. Relational properties of domains. Inf. Comput. 127, 2, 66--90.Google Scholar
Cross Ref
- Pitts, A. M. 1998. Existential types: Logical relations and operational equivalence. In Proceedings of the 25th International Colloquium on Automata, Languages and Programming (ICALP'98). Lecture Notes Computer Science, vol. 1443. Springer, Berlin, 309--326. Google Scholar
Digital Library
- Pitts, A. M. 2000. Parametric polymorphism and operational equivalence. Math. Struc. Comput. Sci. 10, 321--359. Google Scholar
Digital Library
- Pitts, A. M. 2002. Operational semantics and program equivalence. In Applied Semantics, Advanced Lectures, G. Barthe, P. Dybjer, and J. Saraiva, Eds. Lecture Notes in Computer Science, vol. 2395. Springer, 378--412. Google Scholar
Digital Library
- Pitts, A. M. and Stark, I. D. B. 1993. Observable properties of higher order functions that dynamically create local names, or: What's new? In Mathematical Foundations of Computer Science, A. M. Borzyszkowski and S. Sokolowski, Eds. Lecture Notes in Computer Science, vol. 711. Springer, Berlin, 122--141. Google Scholar
Digital Library
- Plotkin, G. D. 1973. Lambda-Definability and logical relations. Memo. SAI--RM--4, University of Edinburgh, Edinburgh, Scotland.Google Scholar
- Reynolds, J. C. 1981. The essence of Algol. In Algorithmic Languages, J. W. de Bakker and J. C. van Vliet, Eds. North-Holland, Amsterdam, 345--372.Google Scholar
- Richards, C. D. 2009. The approximation modality in models of higher-order types. Ph.D. thesis, Princeton University, Princeton, New Jersey.Google Scholar
- Saabas, A. and Uustalu, T. 2005. A compositional natural semantics and Hoare logic for low-level languages. In Proceedings of the 2nd Workshop on Structured Operational Semantics (SOS'05).Google Scholar
- Scott, D. S. 1976. Data types as lattices. SIAM J. Comput. 5, 3, 522--587.Google Scholar
Digital Library
- Shao, Z. 1997. An overview of the FLINT/ML compiler. In Proceedings of the ACM SIGPLAN Workshop on Types in Compilation. ACM Press, New York.Google Scholar
- Stark, I. D. B. 1994. Names and higher-order functions. Ph.D. thesis, University of Cambridge, Cambridge, UK.Google Scholar
- Statman, R. 1985. Logical relations and the typed λ-calculus. Inf. Control 65, 2--3, 85--97.Google Scholar
Cross Ref
- Swadi, K. 2003. Typed machine language. Tech. rep. TR-676-03, Princeton University, Princeton, New Jersey.Google Scholar
- Tait, W. W. 1967. Intensional interpretations of functionals of finite type I. J. Symb. Logic 32, 2, 198--212.Google Scholar
Cross Ref
- Tan, G. 2005. A compositional logic for control flow and its application to foundational proof-carrying code. Tech. rep. CS-TR-731-05, Princeton University, Princeton, New Jersey. Google Scholar
Digital Library
- Tan, G. and Appel, A. W. 2006. A compositional logic for control flow. In Proceedings of the 7th International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI). Lecture Notes in Computer Science, vol. 3855. Springer, Berlin, 80--94. Google Scholar
Digital Library
- Tan, G., Appel, A. W., Swadi, K. N., and Wu, D. 2004. Construction of a semantic model for a typed assembly language. In Proceedings of the 5th International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI). Lecture Notes in Compute Science, vol. 2937. Springer, Berlin, 30--43.Google Scholar
- Tarditi, D., Morrisett, G., Cheng, P., Stone, C., Harper, R., and Lee, P. 1996. TIL: A type-directed optimizing compiler for ML. In Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI). ACM Press, New York, 181--192. Google Scholar
Digital Library
- Wand, M. and Sullivan, G. T. 1997. Denotational semantics using an operationally-based term model. In Proceedings of the 24th ACM Symposium on Principles of Programming Languages (POPL). ACM Press, New York, 386--399. Google Scholar
Digital Library
- Wright, A. K. and Felleisen, M. 1994. A syntactic approach to type soundness. Inf. Comput. 115, 1, 38--94. Google Scholar
Digital Library
- Wu, D. 2005. Interfacing compilers, proof checkers, and proofs for foundational proof-carrying code. Tech. rep. CS-TR-733-05, Princeton University, Princeton, New Jersey. Google Scholar
Digital Library
- Wu, D., Appel, A. W., and Stump, A. 2003. Foundational proof checkers with small witnesses. In Proceedings of the 5th ACM International Conference on Principles and Practice of Declarative Programming (PADL). ACM Press, New York, 264--274. Google Scholar
Digital Library
- Yu, D., Hamid, N. A., and Shao, Z. 2003. Building certified libraries for PCC: Dynamic storage allocation. In Proceedings of the 12th European Symposium on Programming (ESOP). Springer. Google Scholar
Digital Library
Index Terms
Semantic foundations for typed assembly languages
Recommendations
Semantic analysis of normalisation by evaluation for typed lambda calculus
PPDP '02: Proceedings of the 4th ACM SIGPLAN international conference on Principles and practice of declarative programmingThis paper studies normalisation by evaluation for typed lambda calculus from a categorical and algebraic viewpoint. The first part of the paper analyses the lambda definability result of Jung and Tiuryn via Kripke logical relations and shows how it can ...
Decidability of conversion for type theory in type theory
Type theory should be able to handle its own meta-theory, both to justify its foundational claims and to obtain a verified implementation. At the core of a type checker for intensional type theory lies an algorithm to check equality of types, or in ...
Type theory in type theory using quotient inductive types
POPL '16We present an internal formalisation of a type heory with dependent types in Type Theory using a special case of higher inductive types from Homotopy Type Theory which we call quotient inductive types (QITs). Our formalisation of type theory avoids ...








Comments