Abstract
The higher-order logic found in proof assistants such as Coq and various HOL systems provides a convenient setting for the development and verification of pure functional programs. However, to efficiently run these programs, they must be converted (or "extracted") to functional programs in a programming language such as ML or Haskell. With current techniques, this step, which must be trusted, relates similar-looking objects that have very different semantic definitions, such as the set-theoretic model of a logic and the operational semantics of a programming language.
In this paper, we show how to increase the trustworthiness of this step with an automated technique. Given a functional program expressed in higher-order logic, our technique provides the corresponding program for a functional language defined with an operational semantics, and it provides a mechanically checked theorem relating the two. This theorem can then be used to transfer verified properties of the logical function to the program.
We have implemented our technique in the HOL4 theorem prover, translating functions to a core subset of Standard ML, and have applied it to examples including functional data structures, a parser generator, cryptographic algorithms, and a garbage collector.
Published as: Proof-producing synthesis of ML from higher-order logic. In ICFP '12: Proceedings of the 17th ACM SIGPLAN International Conference on Functional Programming.