Proof-producing synthesis of ML from higher-order logic

Published: 09 September 2012

Abstract

The higher-order logic found in proof assistants such as Coq and the various HOL systems provides a convenient setting for the development and verification of pure functional programs. However, to run these programs efficiently, they must be converted (or "extracted") to programs in a functional programming language such as ML or Haskell. With current techniques, this step, which must be trusted, relates similar-looking objects that have very different semantic definitions: the set-theoretic model of a logic on one side and the operational semantics of a programming language on the other.

In this paper, we show how to increase the trustworthiness of this step with an automated technique. Given a functional program expressed in higher-order logic, our technique provides the corresponding program for a functional language defined with an operational semantics, and it provides a mechanically checked theorem relating the two. This theorem can then be used to transfer verified properties of the logical function to the program.

We have implemented our technique in the HOL4 theorem prover, translating functions to a core subset of Standard ML, and have applied it to examples including functional data structures, a parser generator, cryptographic algorithms, and a garbage collector.


Published in

ACM SIGPLAN Notices, Volume 47, Issue 9 (ICFP '12), September 2012, 368 pages. ISSN: 0362-1340. EISSN: 1558-1160. DOI: 10.1145/2398856.

ICFP '12: Proceedings of the 17th ACM SIGPLAN International Conference on Functional Programming, September 2012, 392 pages. ISBN: 9781450310543. DOI: 10.1145/2364527.

Copyright © 2012 ACM

Publisher: Association for Computing Machinery, New York, NY, United States
