Abstract
We present a PLT Redex model of a substantial portion of the Racket virtual machine and bytecode verifier (formerly known as MzScheme), along with lessons learned in developing the model. Inspired by the “warts-and-all” approach of the VLISP project, in which Wand et al. produced a verified implementation of Scheme, our model reflects many of the realities of a production system. Our methodology departs from the VLISP project’s in its approach to validation; instead of producing a proof of correctness, we explore the use of QuickCheck-style randomized testing, finding it a cheap and effective technique for discovering a variety of errors in the model—from simple typos to more fundamental design mistakes.
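The methodology the abstract describes, shown as an added example rather than code from the paper, the Redex model, or Racket itself: a constructed toy stack-machine bytecode with a concrete interpreter, a verifier that tracks operand-stack depth, a random program generator, the soundness property "whatever the verifier accepts never faults at run time", and greedy shrinking of failing inputs. A deliberately wrong verifier variant (`BUGGY_NEEDS`, an off-by-one on `swap` constructed for the demo) illustrates the kind of error randomized testing turns up and what a shrunk counterexample looks like. It is written in Python so it runs stand-alone; every name and instruction in it is this example's own.

```python
import random
# Constructed toy stack-machine bytecode for illustrating QuickCheck-style
# testing of a verifier (not the Racket VM, the Redex model, or paper code):
#   ("push", n)  ("pop",)  ("add",)  ("swap",)  ("jz", k): pop, jump to pc+k if zero
# Jumps are forward only (k >= 1), so every program terminates.

class Fault(Exception):
    """Raised by the interpreter when a program misbehaves at run time."""

def run(prog):
    """Concrete interpreter; faults on stack underflow or an out-of-range jump."""
    stack, pc = [], 0
    def pop():
        if not stack:
            raise Fault("stack underflow at pc %d" % pc)
        return stack.pop()
    while pc < len(prog):
        op = prog[pc]
        if op[0] == "push":
            stack.append(op[1])
        elif op[0] == "pop":
            pop()
        elif op[0] == "add":
            b, a = pop(), pop()
            stack.append(a + b)
        elif op[0] == "swap":
            b, a = pop(), pop()
            stack.extend([b, a])
        elif op[0] == "jz" and pop() == 0:
            if pc + op[1] > len(prog):
                raise Fault("jump out of range at pc %d" % pc)
            pc += op[1]
            continue
        pc += 1
    return stack

# Operands each instruction needs on the stack, and its effect on the depth.
NEEDS = {"push": 0, "pop": 1, "add": 2, "swap": 2, "jz": 1}
DELTA = {"push": 1, "pop": -1, "add": -1, "swap": 0, "jz": -1}

def verify(prog, needs=NEEDS):
    """Worklist dataflow over stack depth: rejects underflow, bad jumps, inconsistent joins."""
    depth, work = {0: 0}, [0]
    while work:
        pc = work.pop()
        if pc > len(prog):
            return False                      # jump lands past the end
        if pc == len(prog):
            continue                          # normal exit
        op, d = prog[pc], depth[pc]
        if d < needs[op[0]] or (op[0] == "jz" and op[1] < 1):
            return False                      # would underflow, or non-forward jump
        nd = d + DELTA[op[0]]
        for s in [pc + 1] + ([pc + op[1]] if op[0] == "jz" else []):
            if s in depth and depth[s] != nd:
                return False                  # two paths reach s with different depths
            if s not in depth:
                depth[s] = nd
                work.append(s)
    return True

# Deliberately wrong variant (constructed): off-by-one lets swap run with one operand.
BUGGY_NEEDS = dict(NEEDS, swap=1)

def random_prog(rng, max_len=8):
    """Random program; jz offsets may deliberately run past the end."""
    n, prog = rng.randint(1, max_len), []
    for i in range(n):
        kind = rng.choice(sorted(NEEDS))
        if kind == "push":
            prog.append(("push", rng.randint(0, 2)))
        elif kind == "jz":
            prog.append(("jz", rng.randint(1, n - i + 1)))
        else:
            prog.append((kind,))
    return prog

def verified_never_faults(prog, verifier):
    if not verifier(prog):
        return True                           # vacuous for rejected programs
    try:
        run(prog)
        return True
    except Fault:
        return False

def shrink(prog, prop):
    """Greedy shrinking: drop one instruction at a time while prop still fails."""
    i = 0
    while i < len(prog):
        cand = prog[:i] + prog[i + 1:]
        if cand and not prop(cand):
            prog, i = cand, 0                 # restart from the smaller failing program
        else:
            i += 1
    return prog

def quickcheck(prop, trials=1000, seed=0):
    rng = random.Random(seed)
    for _ in range(trials):
        prog = random_prog(rng)
        if not prop(prog):
            return shrink(prog, prop)
    return None
```

`quickcheck(lambda p: verified_never_faults(p, verify))` returns `None` for the correct verifier, while the same call with `lambda p: verify(p, BUGGY_NEEDS)` as the verifier returns a short program containing a `swap` that the buggy checker accepts and the interpreter faults on. Shrinking is greedy single-deletion and can stop at a local minimum (a failing program whose every one-instruction deletion either passes or becomes rejected), which is one reason real property-based testers use richer shrinkers; the property itself is stated so that a rejected program is vacuously fine, mirroring a verifier soundness theorem rather than a completeness one.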
Notes
Such right-hand sides can be used to construct cyclic data structures. For example, the following defines an infinite stream of ones, abstracted over the implementation of cons.
This expression compiles to the following bytecode:
References
Amadio, R.M., Coupet-Grimal, S., Zilio, S.D., Jakubiec, L.: A functional scenario for bytecode verification of resource bounds. In: International Workshop on Computer Science Logic, pp. 265–279 (2004)
Appel, A.W.: Compiling with Continuations. Cambridge University Press, Cambridge (1992)
Berghofer, S., Nipkow, T.: Random testing in Isabelle/HOL. In: Proceedings of the International Conference on Software Engineering and Formal Methods, pp. 230–239 (2004)
Cheney, J., Momigliano, A.: Mechanized metatheory model-checking. In: Proceedings of the ACM SIGPLAN International Conference on Principles and Practice of Declarative Programming, pp. 75–86 (2007)
Claessen, K., Hughes, J.: QuickCheck: A lightweight tool for random testing of Haskell programs. In: Proceedings of the ACM SIGPLAN International Conference on Functional Programming, pp. 268–279 (2000)
Clarke, D.G., Potter, J.M., Noble, J.: Ownership types for flexible alias protection. In: Proceedings of the ACM SIGPLAN Conference on Object-Oriented Programming Systems, Languages, and Applications, pp. 48–64 (1998)
Clinger, W., Rees, J.: Revised⁴ report on the algorithmic language Scheme. ACM SIGPLAN Lisp Pointers IV(3), 1–55 (1991)
Clinger, W.D.: Proper tail recursion and space efficiency. In: Proceedings of ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 174–185 (1998)
Coglio, A., Goldberg, A., Qian, Z.: Toward a provably-correct implementation of the JVM bytecode verifier. In: Proceedings of the Workshop on Formal Underpinnings of Java, pp. 403–410 (1998)
Cohen, R.: The defensive Java virtual machine specification. Technical report, Computational Logic Inc. (1997)
Dockins, R., Guyer, S.: Bytecode verification for Haskell. Technical report, Tufts University Department of Computer Science (2007)
ECMA. Common Language Infrastructure (CLI), Standard ECMA-335, 4th edn. European Association for Standardizing Information and Communication Systems (2006)
Felleisen, M., Findler, R.B., Flatt, M.: Semantics Engineering with PLT Redex. MIT Press, Cambridge (2009)
Flatt, M., PLT: Reference: Racket. Technical report PLT-TR-2010-1, PLT Inc. (2010). http://racket-lang.org/tr1/
Freund, S.N., Mitchell, J.C.: A type system for the Java bytecode language and verifier. J. Autom. Reason. 30(3–4), 271–321 (2003)
Fruja, N.G.: Type Safety of C# and .NET CLR. PhD thesis, ETH Zürich (2007)
Goldberg, A.: A specification of Java loading and bytecode verification. In: Proceedings of the ACM Conference on Computer and Communications Security, pp. 49–58 (1998)
Gordon, A.D., Syme, D.: Typing a multi-language intermediate code. In: Proceedings of ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 248–260 (2001)
Gosling, J.: Java intermediate bytecodes. In: Proceedings of ACM SIGPLAN Workshop on Intermediate Representations, pp. 111–118 (1995)
Guttman, J.D., Wand, M. (eds.): VLISP: A Verified Implementation of Scheme. Kluwer, Boston (1995). Originally published as a special double issue 8(1/2) of the journal LISP Symb. Comput.
Igarashi, A., Pierce, B.C., Wadler, P.: Featherweight Java: A minimal core calculus for Java and GJ. ACM Trans. Program. Lang. Syst. 23(3), 396–450 (2001)
Klein, C., Findler, R.B.: Randomized testing in PLT Redex. In: Proceedings of the Workshop on Scheme and Functional Programming (2009)
Landin, P.J.: The mechanical evaluation of expressions. Comput. J. 6(4), 308–320 (1963)
Lee, D.K., Crary, K., Harper, R.: Toward a mechanized metatheory of Standard ML. In: Proceedings of ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 173–184 (2007)
Leroy, X.: Java bytecode verification: algorithms and formalizations. J. Autom. Reason. 30(3–4), 319–340 (2003)
Lindholm, T., Yellin, F.: The Java Virtual Machine Specification, 2nd edn. The Java Series. Prentice Hall, New York (1999)
McKeeman, W.M.: Differential testing for software. Digit. Tech. J. 10(1), 100–107 (1998)
Milner, R., Tofte, M., Harper, R., MacQueen, D.: The Definition of Standard ML (Revised). MIT Press, Cambridge (1997)
Nipkow, T., von Oheimb, D.: Java light is type-safe—definitely. In: Proceedings of ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 161–170 (1998)
Norrish, M.: C formalized in HOL. Technical report, University of Cambridge (1998)
Qian, Z.: A formal specification of Java virtual machine instructions for objects, methods and subroutines. In: Formal Syntax and Semantics of Java, pp. 271–312. Springer, Berlin (1999)
Roberson, M., Harries, M., Darga, P.T., Boyapati, C.: Efficient software model checking of soundness of type systems. In: Proceedings of the ACM SIGPLAN Conference on Object-Oriented Programming Systems, Languages, and Applications, pp. 493–504 (2008)
Sperber, M., Dybvig, R.K., Flatt, M., van Straaten, A., Findler, R.B., Matthews, J.: Revised⁶ Report on the Algorithmic Language Scheme. Cambridge University Press, Cambridge (2010)
Stärk, R., Schmid, J., Börger, E.: Java and the Java Virtual Machine. Springer, Berlin (2001)
Stata, R., Abadi, M.: A type system for Java bytecode subroutines. ACM Trans. Program. Lang. Syst. 21(1), 90–137 (1999)
Steele, G.L. Jr.: Debunking the “expensive procedure call” myth; or, Procedure call implementations considered harmful; or, LAMBDA: The ultimate goto. Technical report 443, MIT Artificial Intelligence Laboratory (1977). First appeared in the Proceedings of the ACM National Conference (Seattle, October 1977), pp. 153–162
Syme, D.: Declarative Theorem Proving for Operational Semantics. PhD thesis, University of Cambridge (1998)
Syme, D.: Proving Java type soundness. Technical report, University of Cambridge (2001)
Walker, D., Mackey, L., Ligatti, J., Reis, G.A., August, D.I.: Static typing for a faulty lambda calculus. In: Proceedings of the ACM SIGPLAN International Conference on Functional Programming, pp. 38–49 (2006)
Yellin, F.: Low level security in Java. In: Proceedings of the International World Wide Web Conference, pp. 369–379 (1995)
Yu, D., Kennedy, A., Syme, D.: Formalization of generics for the .NET Common Language Runtime. In: Proceedings of ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (2004)
Acknowledgements
We thank John Reppy and the anonymous HOSC reviewers for their helpful comments.
Additional information
Work by C. Klein partly conducted at the University of Chicago, Chicago, IL.
Cite this article
Klein, C., Flatt, M. & Findler, R.B. The Racket virtual machine and randomized testing. Higher-Order Symb Comput 25, 209–253 (2012). https://doi.org/10.1007/s10990-013-9091-1