Abstract
Many real programs are written in multiple different programming languages, and supporting this pattern creates challenges for formal compiler verification. We describe our Coq verification of a compiler for a high-level language, such that the compiler correctness theorem allows us to derive partial-correctness Hoare-logic theorems for programs built by linking the assembly code output by our compiler and assembly code produced by other means. Our compiler supports such tricky features as storable cross-language function pointers, without giving up the usual benefits of being able to verify different compiler phases (including, in our case, two classic optimizations) independently. The key technical innovation is a mixed operational and axiomatic semantics for the source language, with a built-in notion of abstract data types, such that compiled code interfaces with other languages only through axiomatically specified methods that mutate encapsulated private data, represented in whatever formats are most natural for those languages.
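The abstract's last sentence is the heart of the design: compiled code never sees the foreign representation, only axioms about what each method does to an abstract value. The following is an added executable sketch of that idea, not code from the paper or its Coq development (which proves the property rather than testing it). A set ADT is specified as axioms over abstract values, two "foreign" implementations keep their own private representations, a third is deliberately wrong, and a bounded checker accepts exactly those implementations whose every method call satisfies the axioms relative to an abstraction function. All names, the universe of values, and the trace depth are hypothetical choices for this illustration.

```python
"""Added illustration of data abstraction at a linking boundary.

Hypothetical names throughout; this is a bounded check, not the
paper's Coq proof. The client of the ADT is represented by the
checker: it knows only the axioms (SPEC) and the abstraction
function, never the private representation.
"""
from itertools import product


# Axiomatic spec: each method maps (abstract state, arg) to
# (new abstract state, required return value).
def spec_new():
    return frozenset()

def spec_add(s, x):
    return s | {x}, None        # postcondition: x is a member afterwards

def spec_remove(s, x):
    return s - {x}, None        # postcondition: x is absent afterwards

def spec_member(s, x):
    return s, x in s            # pure query, state unchanged

SPEC = {"add": spec_add, "remove": spec_remove, "member": spec_member}


# Implementation 1: private representation is a single int bitmask.
class BitSet:
    def __init__(self):
        self.bits = 0
    def add(self, x):
        self.bits |= 1 << x
    def remove(self, x):
        self.bits &= ~(1 << x)
    def member(self, x):
        return bool(self.bits >> x & 1)
    def abstract(self):          # abstraction function: bits -> frozenset
        return frozenset(i for i in range(self.bits.bit_length())
                         if self.bits >> i & 1)


# Implementation 2: private representation is an unordered list that
# may hold duplicates; the abstraction function collapses them.
class ListBag:
    def __init__(self):
        self.items = []
    def add(self, x):
        self.items.append(x)
    def remove(self, x):
        self.items = [y for y in self.items if y != x]
    def member(self, x):
        return x in self.items
    def abstract(self):
        return frozenset(self.items)


# Implementation 3: deliberately wrong. remove() drops only one copy,
# so after add(x); add(x); remove(x) the abstract state still has x.
class BuggyBag(ListBag):
    def remove(self, x):
        if x in self.items:
            self.items.remove(x)


def check_refinement(impl_cls, universe=range(3), depth=3):
    """Return None if every method sequence of the given depth over the
    given universe satisfies SPEC (return value and abstract state), or
    the first violating trace otherwise."""
    ops = [(m, x) for m in SPEC for x in universe]
    for trace in product(ops, repeat=depth):
        impl, abs_state = impl_cls(), spec_new()
        if impl.abstract() != abs_state:
            return ("new",)
        for m, x in trace:
            abs_state, expected = SPEC[m](abs_state, x)
            got = getattr(impl, m)(x)
            if got != expected or impl.abstract() != abs_state:
                return trace
    return None


if __name__ == "__main__":
    for cls in (BitSet, ListBag, BuggyBag):
        print(cls.__name__, "counterexample:", check_refinement(cls))
```

The point the checker makes is the one the abstract makes: a client that trusts only `SPEC` and the abstraction function is indifferent to whether the other side stores a bitmask or a list, and the same check that admits both honest representations rejects the buggy one. The paper discharges this obligation once and for all in Coq; the exhaustive enumeration here only covers traces up to the chosen depth.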
Supplemental Material
Compiler Verification Meets Cross-Language Linking via Data Abstraction
Source code tarball of Bedrock and the Cito compiler.
Published in OOPSLA '14: Proceedings of the 2014 ACM International Conference on Object Oriented Programming Systems Languages & Applications.