
CakeML: a verified implementation of ML

Published: 08 January 2014

Abstract

We have developed and mechanically verified an ML system called CakeML, which supports a substantial subset of Standard ML. CakeML is implemented as an interactive read-eval-print loop (REPL) in x86-64 machine code. Our correctness theorem ensures that this REPL implementation prints only those results permitted by the semantics of CakeML. Our verification effort touches on a breadth of topics including lexing, parsing, type checking, incremental and dynamic compilation, garbage collection, arbitrary-precision arithmetic, and compiler bootstrapping.

Our contributions are twofold. The first is simply in building a system that is end-to-end verified, demonstrating that each piece of such a verification effort can in practice be composed with the others, and ensuring that none of the pieces rely on any over-simplifying assumptions. The second is developing novel approaches to some of the more challenging aspects of the verification. In particular, our formally verified compiler can bootstrap itself: we apply the verified compiler to itself to produce a verified machine-code implementation of the compiler. Additionally, our compiler proof handles diverging input programs with a lightweight approach based on logical timeout exceptions. The entire development was carried out in the HOL4 theorem prover.
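The abstract's "logical timeout exceptions" are a standard way to reason about diverging programs in a terminating logic: the evaluator carries a clock that is decremented on every function application, and when it reaches zero evaluation stops with a timeout rather than running forever. A program then diverges exactly when it times out for every clock value, while a terminating program returns the same answer for every sufficiently large clock. The following evaluator for a tiny call-by-value lambda calculus is an added illustration of that idea and is not CakeML's code; the AST, the `Timeout` exception, and the charging of one clock unit per application are assumptions made for this example.

```python
"""Clocked (fuel-limited) evaluator illustrating logical timeouts for divergence."""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple, Union


class Timeout(Exception):
    """Raised when the logical clock reaches zero (assumed mechanism, not CakeML's)."""


# Minimal AST: variables, lambdas, application, integer literals and addition.
@dataclass(frozen=True)
class Var:
    name: str


@dataclass(frozen=True)
class Lam:
    param: str
    body: "Expr"


@dataclass(frozen=True)
class App:
    fn: "Expr"
    arg: "Expr"


@dataclass(frozen=True)
class Lit:
    value: int


@dataclass(frozen=True)
class Add:
    left: "Expr"
    right: "Expr"


Expr = Union[Var, Lam, App, Lit, Add]


class Closure:
    """A lambda paired with the environment it was created in."""

    def __init__(self, param: str, body: Expr, env: Dict[str, object]) -> None:
        self.param, self.body, self.env = param, body, env


def evaluate(expr: Expr, env: Dict[str, object], clock: int) -> Tuple[object, int]:
    """Big-step evaluation returning (value, remaining clock).

    Only function application consumes clock, so every infinite execution
    must pass through infinitely many applications and is therefore cut off.
    """
    if isinstance(expr, Lit):
        return expr.value, clock
    if isinstance(expr, Var):
        return env[expr.name], clock
    if isinstance(expr, Lam):
        return Closure(expr.param, expr.body, env), clock
    if isinstance(expr, Add):
        left, clock = evaluate(expr.left, env, clock)
        right, clock = evaluate(expr.right, env, clock)
        return left + right, clock
    if isinstance(expr, App):
        fn, clock = evaluate(expr.fn, env, clock)
        arg, clock = evaluate(expr.arg, env, clock)
        if clock == 0:
            raise Timeout()  # logical timeout: the clock, not the machine, stops us
        new_env = dict(fn.env)
        new_env[fn.param] = arg
        return evaluate(fn.body, new_env, clock - 1)
    raise TypeError(f"unknown expression {expr!r}")


def run(expr: Expr, clock: int) -> Tuple[str, Optional[object]]:
    """Run a closed program with the given clock; report a value or a timeout."""
    try:
        value, _ = evaluate(expr, {}, clock)
        return ("value", value)
    except Timeout:
        return ("timeout", None)


def times_out_for_all_clocks(expr: Expr, max_clock: int) -> bool:
    """True if the program times out for every clock in 0..max_clock.

    For a genuinely diverging program this holds for any bound; a terminating
    program eventually produces its value once the clock is large enough.
    """
    return all(run(expr, c)[0] == "timeout" for c in range(max_clock + 1))


# Constructed sample programs.
OMEGA = App(Lam("x", App(Var("x"), Var("x"))), Lam("x", App(Var("x"), Var("x"))))
TWICE = Lam("f", Lam("x", App(Var("f"), App(Var("f"), Var("x")))))
INC = Lam("n", Add(Var("n"), Lit(1)))
PROG = App(App(TWICE, INC), Lit(40))  # four applications, evaluates to 42


if __name__ == "__main__":
    print("omega, clock 50:", run(OMEGA, 50))
    print("prog,  clock 3: ", run(PROG, 3))
    print("prog,  clock 4: ", run(PROG, 4))
```

`PROG` performs exactly four applications, so it times out with a clock of 3 and returns 42 with any clock of 4 or more, whereas `OMEGA` times out at every clock value; that second pattern is what lets a proof talk about divergence without ever evaluating an infinite computation.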
