Abstract
Reasoning about programming languages with non-deterministic semantics entails many difficulties. For instance, to prove correctness of a compiler for such a language, one typically has to split the correctness property into a soundness and a completeness part, and then prove these two parts separately. In this paper, we present a set of proof rules to prove compiler correctness by a single proof in calculational style. The key observation that led to our proof rules is the fact that the soundness and completeness proof follow a similar pattern with only small differences. We condensed these differences into a single side condition for one of our proof rules. This side condition, however, is easily discharged automatically by a very simple form of proof search. We implemented this calculation framework in the Coq proof assistant. Apart from verifying a given compiler, our proof technique can also be used to formally derive – from the semantics of the source language – a compiler that is correct by construction. For such a derivation to succeed it is crucial that the underlying correctness argument proceeds as a single calculation, as opposed to separate calculations of the two directions of the correctness property. We demonstrate our technique by deriving a compiler for a simple language with interrupts.
This work was supported by the Danish Council for Independent Research, Grant 12-132365, “Efficient Programming Language Development and Evolution through Modularity”.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Or directly from https://github.com/pa-ba/calc-comp-rel.
- 2.
The side condition \({\exists \;\mathsf{D, }\;\mathsf{C }\;\Longrightarrow \;\mathsf{D }}\) is absent in the definition of \({\triangleleft }\) by Hutton and Wright [7]. However, their proofs need little change to account for this stronger version of \({\triangleleft }\), which then yields proper soundness and completeness for their compiler.
- 3.
Bahr and Hutton [4] acknowledge that this problem already occurs if the semantics is not total, e.g. for the untyped lambda calculus. However, if the semantics is at least deterministic, soundness for the defined fragment of the language can be achieved easily by ensuring that the derived virtual machine is deterministic.
- 4.
Bahr and Hutton [4] use tail-recursive functions to represent virtual machines. In their approach, one has to introduce an additional tail-recursive function \({\mathsf{fail }}\). In our approach, this corresponds to a new constructor for the type of configurations.
- 5.
Similarly, we could have chosen to use a single instruction \({\mathsf{SET }}\) instead of \({\mathsf{BLOCK }}\) and \(\mathsf{UNBLOCK }\).
- 6.
Thus \({\mathsf{BaseSet }}\) may in fact represent the empty set if the predicate is false.
References
Ager, M.S., Biernacki, D., Danvy, O., Midtgaard., J.: From interpreter to compiler and virtual machine: a functional derivation. Technical report RS-03-14, Department of Computer Science, University of Aarhus (2003)
Ager, M.S., Biernacki, D., Danvy, O., Midtgaard, J.: A functional correspondence between evaluators and abstract machines. In: Proceedings of the 5th ACM SIGPLAN International Conference on Principles and Practice of Declaritive Programming, pp. 8–19 (2003)
Backhouse, R.: Program Construction: Calculating Implementations from Specifications. Wiley, UK (2003)
Bahr, P., Hutton, G.: Calculating correct compilers, July 2014. submitted to J. Funct. Program
Danvy, O., Millikin, K.: On the equivalence between small-step and big-step abstract machines: a simple application of lightweight fusion. Inf. Process. Lett. 106(3), 100–109 (2008)
Hutton, G.: Programming in Haskell, vol. 2. Cambridge University Press, Cambridge (2007)
Hutton, G., Wright, J.: What is the meaning of these constant interruptions? J. Funct. Program. 17(06), 777–792 (2007)
Kahn, G.: Natural semantics. In: Proceedings of the 4th Annual Symposium on Theoretical Aspects of Computer Science, pp. 22–39 (1987)
Leroy, X.: Formal certification of a compiler back-end or: programming a compiler with a proof assistant. In: Proceedings of the 33rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 42–54 (2006)
Meijer, E.: Calculating compilers. Ph.D. thesis, Katholieke Universiteit Nijmegen (1992)
Mu, S.C., Ko, H.S., Jansson, P.: Algebra of programming in Agda: dependent types for relational program derivation. J. Funct. Program. 19, 545–579 (2009)
Tesson, J., Hashimoto, H., Hu, Z., Loulergue, F., Takeichi, M.: Program calculation in Coq. In: Johnson, M., Pavlovic, D. (eds.) AMAST 2010. LNCS, vol. 6486, pp. 163–179. Springer, Heidelberg (2011)
Troelstra, A.S., van Dalen, D.: Constructivism in Mathematics: An Introduction, vol. 1. Elsevier, USA (1988)
Wand, M.: Deriving target code as a representation of continuation semantics. ACM Trans. Program. Lang. Syst. 4(3), 496–517 (1982)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Bahr, P. (2015). Calculating Certified Compilers for Non-deterministic Languages. In: Hinze, R., Voigtländer, J. (eds) Mathematics of Program Construction. MPC 2015. Lecture Notes in Computer Science(), vol 9129. Springer, Cham. https://doi.org/10.1007/978-3-319-19797-5_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-19797-5_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19796-8
Online ISBN: 978-3-319-19797-5
eBook Packages: Computer ScienceComputer Science (R0)