Abstract
Correct software requires compilers to work correctly. Code generation in particular can be an error-prone task, since it potentially uses sophisticated algorithms to produce efficient code.
In this paper we present an approach to guarantee the correctness of compiler transformations with respect to a formal notion of correctness. We certify the results of each compilation run. With the help of a compiler generated certificate and a certificate checker, we verify the results of each compilation run automatically. Thereby we ensure the correctness of the compilation run without having to look at concrete compilation algorithms.
We use higher-order theorem provers to check the certificates and to formally define the syntax and semantics of the involved languages, as well as a criterion under which we regard a compilation as correct. The use of higher-order theorem provers ensures a small and well understood trusted computing base. Efficient certificate checking is especially crucial for the acceptance of certifying compilation. We present methods to facilitate this task, most notably computational reflection: small evaluators, specified in an executable way, that decide certain properties appearing in our certificates and are used to speed up certain subtasks in the checking process.
We discuss an implemented prototype performing code generation. Using Coq and Isabelle/HOL as certificate checkers, we highlight typical challenges and their solutions.
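The abstract describes the division of labour in certifying compilation: an untrusted compiler emits, alongside the target code, a certificate, and a small trusted checker validates that certificate against the formal semantics without knowing anything about the compilation algorithm; executable evaluators (computational reflection) discharge decidable subproblems by computation rather than by proof. The example below is an added illustration of that scheme in Python and is not the paper's Coq/Isabelle development. It compiles a toy expression language to a stack machine, has the compiler emit a certificate mapping every subexpression to the code range that computes it, and has an independent checker validate each entry by a local rule; a constant-folding claim is discharged by running the source evaluator, in the spirit of reflection. All names (`compile_expr`, `check_certificate`, the `buggy` flag, the sample expression) are constructed for this example.

```python
"""Certificate-based checking of a toy code generator (added illustration,
not the paper's own code). The checker never looks at the compiler; it only
validates the certificate against the step rules of the two semantics."""
from dataclasses import dataclass
from typing import Any, Dict, List, Tuple, Union


@dataclass(frozen=True)
class Num:
    value: int


@dataclass(frozen=True)
class Var:
    name: str


@dataclass(frozen=True)
class BinOp:
    op: str            # one of "+", "-", "*"
    left: "Expr"
    right: "Expr"


Expr = Union[Num, Var, BinOp]
Instr = Tuple[Any, ...]              # ("push", n) | ("load", x) | ("op", "+")
Path = Tuple[int, ...]               # tree position of a subexpression (0 = left, 1 = right)
Cert = Dict[Path, Tuple[int, int]]   # path -> half-open code range [start, end)

OPS = {"+": lambda a, b: a + b, "-": lambda a, b: a - b, "*": lambda a, b: a * b}


def eval_expr(e: Expr, env: Dict[str, int]) -> int:
    """Source semantics: evaluate an expression under an environment."""
    if isinstance(e, Num):
        return e.value
    if isinstance(e, Var):
        return env[e.name]
    return OPS[e.op](eval_expr(e.left, env), eval_expr(e.right, env))


def run_code(code: List[Instr], env: Dict[str, int]) -> int:
    """Target semantics: run stack-machine code and return the single stack result."""
    stack: List[int] = []
    for ins in code:
        if ins[0] == "push":
            stack.append(ins[1])
        elif ins[0] == "load":
            stack.append(env[ins[1]])
        else:
            b, a = stack.pop(), stack.pop()
            stack.append(OPS[ins[1]](a, b))
    if len(stack) != 1:
        raise ValueError("ill-formed code: stack depth %d at exit" % len(stack))
    return stack[0]


def is_closed(e: Expr) -> bool:
    """True if the expression mentions no variables (so it may be constant-folded)."""
    if isinstance(e, Var):
        return False
    if isinstance(e, Num):
        return True
    return is_closed(e.left) and is_closed(e.right)


# --- Untrusted compiler: emits code plus a certificate ----------------------

def compile_expr(e: Expr, fold: bool = True, buggy: bool = False) -> Tuple[List[Instr], Cert]:
    """Post-order code generation. The certificate records, for each subexpression,
    the code range that computes it. `buggy=True` injects a deliberate operand swap
    for '-' (constructed for the demo) to show the checker rejecting wrong output."""
    code: List[Instr] = []
    cert: Cert = {}

    def gen(e: Expr, path: Path) -> None:
        start = len(code)
        if isinstance(e, Num):
            code.append(("push", e.value))
        elif isinstance(e, Var):
            code.append(("load", e.name))
        elif fold and is_closed(e):
            code.append(("push", eval_expr(e, {})))   # constant folding
        else:
            if buggy and e.op == "-":
                gen(e.right, path + (1,))               # wrong order: a real bug
                gen(e.left, path + (0,))
            else:
                gen(e.left, path + (0,))
                gen(e.right, path + (1,))
            code.append(("op", e.op))
        cert[path] = (start, len(code))

    gen(e, ())
    return code, cert


# --- Trusted checker: validates the certificate, never re-runs the compiler --

def check_certificate(e: Expr, code: List[Instr], cert: Cert) -> bool:
    """True iff the certificate shows `code` computes `e`. Every entry is checked by
    a local rule, so checking is linear and independent of the compiler's algorithm."""
    if cert.get(()) != (0, len(code)):
        return False

    def ok(e: Expr, path: Path) -> bool:
        if path not in cert:
            return False
        start, end = cert[path]
        if not (0 <= start < end <= len(code)):
            return False
        seg = code[start:end]
        if isinstance(e, Num):
            return seg == [("push", e.value)]
        if isinstance(e, Var):
            return seg == [("load", e.name)]
        if len(seg) == 1:
            # Constant-folding claim: decide it by computation (reflection-style);
            # only admissible for closed subexpressions.
            return is_closed(e) and seg == [("push", eval_expr(e, {}))]
        lpath, rpath = path + (0,), path + (1,)
        if lpath not in cert or rpath not in cert:
            return False
        (ls, le), (rs, re) = cert[lpath], cert[rpath]
        return (ls == start and le == rs and re == end - 1
                and code[end - 1] == ("op", e.op)
                and ok(e.left, lpath) and ok(e.right, rpath))

    return ok(e, ())


def demo() -> Dict[str, bool]:
    """Constructed sample: (x - y) * (2 + 3) with x=10, y=4 (expected value 30)."""
    src = BinOp("*", BinOp("-", Var("x"), Var("y")), BinOp("+", Num(2), Num(3)))
    env = {"x": 10, "y": 4}
    results: Dict[str, bool] = {}
    code, cert = compile_expr(src)
    results["folding_compiler_accepted"] = check_certificate(src, code, cert)
    results["folding_result_matches"] = run_code(code, env) == eval_expr(src, env)
    code2, cert2 = compile_expr(src, fold=False)
    results["plain_compiler_accepted"] = check_certificate(src, code2, cert2)
    code3, cert3 = compile_expr(src, buggy=True)
    results["buggy_compiler_rejected"] = not check_certificate(src, code3, cert3)
    results["buggy_result_wrong"] = run_code(code3, env) != eval_expr(src, env)
    return results


if __name__ == "__main__":
    for name, passed in demo().items():
        print(name, "ok" if passed else "FAILED")
```

The checker accepts output from two different code generators (with and without constant folding) and rejects the buggy one, while the trusted base consists only of the two semantics and `check_certificate`; the compiler's strategy never enters the check. The single-instruction case shows the reflection idea in miniature: instead of a proof that a closed subtree equals a constant, the checker simply evaluates it.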
Cite this article
Blech, J.O., Grégoire, B. Certifying compilers using higher-order theorem provers as certificate checkers. Form Methods Syst Des 38, 33–61 (2011). https://doi.org/10.1007/s10703-010-0108-7