research-article

Open access

Cakes That Bake Cakes: Dynamic Computation in CakeML

Authors:

Magnus O. Myreen,

Alexander Mihajlovic,

Oskar Abrahamsson,

Scott OwensAuthors Info & Claims

Proceedings of the ACM on Programming Languages, Volume 7, Issue PLDI

Article No.: 152, Pages 1121 - 1144

https://doi.org/10.1145/3591266

Published: 06 June 2023 Publication History

Abstract

We have extended the verified CakeML compiler with a new language primitive, Eval, which permits evaluation of new CakeML syntax at runtime. This new implementation supports an ambitious form of compilation at runtime and dynamic execution, where the original and dynamically added code can share (higher-order) values and recursively call each other. This is, to our knowledge, the first verified run-time environment capable of supporting a standard LCF-style theorem prover design.

Modifying the modern CakeML compiler pipeline and proofs to support a dynamic computation semantics was an extensive project. We review the design decisions, proof techniques, and proof engineering lessons from the project, and highlight some unexpected complications.

References

[1]

Oskar Abrahamsson, Magnus O. Myreen, Ramana Kumar, and Thomas Sewell. 2022. Candle: A Verified Implementation of HOL Light. In ITP, June Andronick and Leonardo de Moura (Eds.) (LIPIcs, Vol. 237). Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 3:1–3:17. https://doi.org/10.4230/LIPIcs.ITP.2022.3

[2]

Aurèle Barrière, Sandrine Blazy, Olivier Flückiger, David Pichardie, and Jan Vitek. 2021. Formally verified speculation and deoptimization in a JIT compiler. Proc. ACM Program. Lang., 5, POPL (2021), 1–26. https://doi.org/10.1145/3434327

Digital Library

[3]

Aurèle Barrière, Sandrine Blazy, and David Pichardie. 2023. Formally Verified Native Code Generation in an Effectful JIT: Turning the CompCert Backend into a Formally Verified JIT Compiler. Proc. ACM Program. Lang., 7, POPL (2023), 249–277.

Digital Library

[4]

Michael J. C. Gordon, Robin Milner, F. Lockwood Morris, Malcolm C. Newey, and Christopher P. Wadsworth. 1978. A Metalanguage for Interactive Proof in LCF. In POPL, Alfred V. Aho, Stephen N. Zilles, and Thomas G. Szymanski (Eds.). ACM Press, 119–130. https://doi.org/10.1145/512760.512773

Digital Library

[5]

Michael J. C. Gordon, Robin Milner, and Christopher P. Wadsworth. 1979. Edinburgh LCF (LNCS, Vol. 78). Springer. isbn:3-540-09724-4 https://doi.org/10.1007/3-540-09724-4

[6]

John Harrison. 2009. HOL Light: An Overview. In TPHOLs, Stefan Berghofer, Tobias Nipkow, Christian Urban, and Makarius Wenzel (Eds.) (LNCS, Vol. 5674). Springer, 60–66. https://doi.org/10.1007/978-3-642-03359-9_4

Digital Library

[7]

Aquinas Hobor, Andrew W. Appel, and Francesco Zappa Nardelli. 2008. Oracle Semantics for Concurrent Separation Logic. In ESOP, Sophia Drossopoulou (Ed.) (LNCS, Vol. 4960). Springer, 353–367. https://doi.org/10.1007/978-3-540-78739-6_27

[8]

Jeehoon Kang, Yoonseung Kim, Chung-Kil Hur, Derek Dreyer, and Viktor Vafeiadis. 2016. Lightweight verification of separate compilation. In POPL, Rastislav Bodík and Rupak Majumdar (Eds.). ACM, 178–190. https://doi.org/10.1145/2837614.2837642

Digital Library

[9]

Ramana Kumar, Magnus O. Myreen, Michael Norrish, and Scott Owens. 2014. CakeML: a verified implementation of ML. In POPL, Suresh Jagannathan and Peter Sewell (Eds.). ACM, 179–192. https://doi.org/10.1145/2535838.2535841

Digital Library

[10]

Xavier Leroy. 2009. Formal verification of a realistic compiler. Commun. ACM, 52, 7 (2009), 107–115. https://doi.org/10.1145/1538788.1538814

Digital Library

[11]

Xavier Leroy. 2009. A Formally Verified Compiler Back-end. J. Autom. Reason., 43, 4 (2009), 363–446. https://doi.org/10.1007/s10817-009-9155-4

Digital Library

[12]

Guido Martínez, Danel Ahman, Victor Dumitrescu, Nick Giannarakis, Chris Hawblitzel, Catalin Hritcu, Monal Narasimhamurthy, Zoe Paraskevopoulou, Clément Pit-Claudel, Jonathan Protzenko, Tahina Ramananandro, Aseem Rastogi, and Nikhil Swamy. 2019. Meta-F*: Proof Automation with SMT, Tactics, and Metaprograms. In ESOP, Luís Caires (Ed.) (LNCS, Vol. 11423). Springer, 30–59. https://doi.org/10.1007/978-3-030-17184-1_2

[13]

Robin Milner. 1975. Processes: A Mathematical Model of Computing Agents. In Logic Colloquium ’73, H.E. Rose and J.C. Shepherdson (Eds.) (Studies in Logic and the Foundations of Mathematics, Vol. 80). Elsevier, 157–173. issn:0049-237X https://doi.org/10.1016/S0049-237X(08)71948-7

[14]

Magnus O. Myreen. 2010. Verified just-in-time compiler on x86. In Principles of Programming Languages (POPL), Manuel V. Hermenegildo and Jens Palsberg (Eds.). ACM, 107–118.

[15]

Magnus O. Myreen. 2021. The CakeML Project’s Quest for Ever Stronger Correctness Theorems (Invited Paper). In ITP, Liron Cohen and Cezary Kaliszyk (Eds.) (LIPIcs, Vol. 193). Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 1:1–1:10. https://doi.org/10.4230/LIPIcs.ITP.2021.1

[16]

Magnus O. Myreen and Jared Davis. 2011. A Verified Runtime for a Verified Theorem Prover. In ITP, Marko C. J. D. van Eekelen, Herman Geuvers, Julien Schmaltz, and Freek Wiedijk (Eds.) (LNCS, Vol. 6898). Springer, 265–280. https://doi.org/10.1007/978-3-642-22863-6_20

[17]

Magnus O. Myreen and Scott Owens. 2014. Proof-producing Translation of Higher-order logic into Pure and Stateful ML. Journal of Functional Programming (JFP), 24, 2-3 (2014), May, 284–315. https://doi.org/10.1017/S0956796813000282

[18]

Georg Neis, Chung-Kil Hur, Jan-Oliver Kaiser, Craig McLaughlin, Derek Dreyer, and Viktor Vafeiadis. 2015. Pilsner: a compositionally verified compiler for a higher-order imperative language. In ICFP, Kathleen Fisher and John H. Reppy (Eds.). ACM, 166–178. https://doi.org/10.1145/2784731.2784764

Digital Library

[19]

Tobias Nipkow, Lawrence C. Paulson, and Markus Wenzel. 2002. Isabelle/HOL - A Proof Assistant for Higher-Order Logic (LNCS, Vol. 2283). Springer. https://doi.org/10.1007/3-540-45949-9

[20]

Scott Owens, Magnus O. Myreen, Ramana Kumar, and Yong Kiam Tan. 2016. Functional Big-Step Semantics. In ESOP, Peter Thiemann (Ed.) (LNCS, Vol. 9632). Springer, 589–615. https://doi.org/10.1007/978-3-662-49498-1_23

Digital Library

[21]

Scott Owens, Michael Norrish, Ramana Kumar, Magnus O. Myreen, and Yong Kiam Tan. 2017. Verifying efficient function calls in CakeML. Proc. ACM Program. Lang., 1, ICFP (2017), 18:1–18:27. https://doi.org/10.1145/3110262

Digital Library

[22]

Lawrence C. Paulson. 1983. A Higher-Order Implementation of Rewriting. Sci. Comput. Program., 3, 2 (1983), 119–149. https://doi.org/10.1016/0167-6423(83)90008-4

[23]

James T. Perconti and Amal Ahmed. 2014. Verifying an Open Compiler Using Multi-language Semantics. In ESOP, Zhong Shao (Ed.) (LNCS, Vol. 8410). Springer, 128–148. https://doi.org/10.1007/978-3-642-54833-8_8

Digital Library

[24]

Johannes Åman Pohjola, Alejandro Gómez-Londoño, James Shaker, and Michael Norrish. 2022. Kalas: A Verified, End-To-End Compiler for a Choreographic Language. In ITP, June Andronick and Leonardo de Moura (Eds.) (LIPIcs, Vol. 237). Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 27:1–27:18. https://doi.org/10.4230/LIPIcs.ITP.2022.27

[25]

Thomas Sewell, Magnus O. Myreen, Yong Kiam Tan, Ramana Kumar, Alexander Mihajlovic, Oskar Abrahamsson, and Scott Owens. 2023. Cakeml+Eval Artifact. https://doi.org/10.5281/zenodo.7813942

Digital Library

[26]

Konrad Slind and Michael Norrish. 2008. A Brief Overview of HOL4. In TPHOLs, Otmane Aït Mohamed, César A. Muñoz, and Sofiène Tahar (Eds.) (LNCS, Vol. 5170). Springer, 28–32. https://doi.org/10.1007/978-3-540-71067-7_6

Digital Library

[27]

Youngju Song, Minki Cho, Dongjoo Kim, Yonghyun Kim, Jeehoon Kang, and Chung-Kil Hur. 2020. CompCertM: CompCert with C-assembly linking and lightweight modular verification. Proc. ACM Program. Lang., 4, POPL (2020), 23:1–23:31. https://doi.org/10.1145/3371091

Digital Library

[28]

Gordon Stewart, Lennart Beringer, Santiago Cuellar, and Andrew W. Appel. 2015. Compositional CompCert. In POPL, Sriram K. Rajamani and David Walker (Eds.). ACM, 275–287. https://doi.org/10.1145/2676726.2676985

Digital Library

[29]

Yong Kiam Tan, Magnus O. Myreen, Ramana Kumar, Anthony C. J. Fox, Scott Owens, and Michael Norrish. 2019. The verified CakeML compiler backend. J. Funct. Program., 29 (2019), e2. https://doi.org/10.1017/S0956796818000229

[30]

Xi Wang, David Lazar, Nickolai Zeldovich, Adam Chlipala, and Zachary Tatlock. 2014. Jitk: A Trustworthy In-Kernel Interpreter Infrastructure. In OSDI, Jason Flinn and Hank Levy (Eds.). USENIX Association, 33–47.

[31]

Yuting Wang, Xiangzhe Xu, Pierre Wilke, and Zhong Shao. 2020. CompCertELF: verified separate compilation of C programs into ELF object files. Proc. ACM Program. Lang., 4, OOPSLA (2020), 197:1–197:28. https://doi.org/10.1145/3428265

Digital Library

[32]

Li-yao Xia, Yannick Zakowski, Paul He, Chung-Kil Hur, Gregory Malecha, Benjamin C. Pierce, and Steve Zdancewic. 2020. Interaction trees: representing recursive and impure programs in Coq. Proc. ACM Program. Lang., 4, POPL (2020), 51:1–51:32. https://doi.org/10.1145/3371119

Digital Library

Cited By

Kanabar HVivien SAbrahamsson OMyreen MNorrish MPohjola JZanetti R(2023)PureCake: A Verified Compiler for a Lazy Functional LanguageProceedings of the ACM on Programming Languages10.1145/35912597:PLDI(952-976)Online publication date: 6-Jun-2023
https://dl.acm.org/doi/10.1145/3591259

Index Terms

Cakes That Bake Cakes: Dynamic Computation in CakeML
1. Software and its engineering
  1. Software notations and tools
    1. Compilers
  2. Software organization and properties
    1. Software functional properties
      1. Formal methods
        Software verification
2. Theory of computation
  1. Logic
    1. Higher order logic

Recommendations

PureCake: A Verified Compiler for a Lazy Functional Language

We present PureCake, a mechanically-verified compiler for PureLang, a lazy, purely functional programming language with monadic effects. PureLang syntax is Haskell-like and indentation-sensitive, and its constraint-based Hindley-Milner type system ...
CakeML: a verified implementation of ML
POPL '14: Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages

We have developed and mechanically verified an ML system called CakeML, which supports a substantial subset of Standard ML. CakeML is implemented as an interactive read-eval-print loop (REPL) in x86-64 machine code. Our correctness theorem ensures that ...
CakeML: a verified implementation of ML
POPL '14

We have developed and mechanically verified an ML system called CakeML, which supports a substantial subset of Standard ML. CakeML is implemented as an interactive read-eval-print loop (REPL) in x86-64 machine code. Our correctness theorem ensures that ...

Comments

Information & Contributors

Information

Published In

cover image Proceedings of the ACM on Programming Languages

Proceedings of the ACM on Programming Languages Volume 7, Issue PLDI

June 2023

2020 pages

EISSN:2475-1421

DOI:10.1145/3554310

Editor:
Michael Hicks
Amazon, USA

Issue’s Table of Contents

Copyright © 2023 Owner/Author.

This work is licensed under a Creative Commons Attribution 4.0 International License.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 June 2023

Published in PACMPL Volume 7, Issue PLDI

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Badges

Author Tags

Qualifiers

Research-article

Funding Sources

Swedish Research Council
European Research Council

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
284
Total Downloads

Downloads (Last 12 months)200
Downloads (Last 6 weeks)15

Reflects downloads up to 10 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Kanabar HVivien SAbrahamsson OMyreen MNorrish MPohjola JZanetti R(2023)PureCake: A Verified Compiler for a Lazy Functional LanguageProceedings of the ACM on Programming Languages10.1145/35912597:PLDI(952-976)Online publication date: 6-Jun-2023
https://dl.acm.org/doi/10.1145/3591259

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Media

Figures

Other

Tables

View Issue’s Table of Contents