We present a program logic, \(\mathcal{L}_{c}\), which modularly reasons about unstructured control flow in machine-language programs. Unlike previous program logics, the basic reasoning units in \(\mathcal{L}_{c}\) are multiple-entry and multiple-exit program fragments. \(\mathcal{L}_{c}\) provides fine-grained composition rules to compose program fragments. It is not only useful for reasoning about unstructured control flow in machine languages, but also useful for deriving rules for common control-flow structures such as while-loops, repeat-until-loops, and many others. We also present a semantics for \(\mathcal{L}_{c}\) and prove that the logic is both sound and complete with respect to the semantics. As an application, \(\mathcal{L}_{c}\) and its semantics have been implemented on top of the \(\mathcal{L}_{c}\) machine language, and are embedded in the Foundational Proof-Carrying Code project to produce memory-safety proofs for machine-language programs.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Hoare, C.A.R.: An axiomatic basis for computer programming. Communications of the Association for Computing Machinery 12, 578–580 (1969)Google Scholar
  2. 2.
    Necula, G.: Proof-carrying code. In: 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 106–119. ACM Press, New York (1997)CrossRefGoogle Scholar
  3. 3.
    Morrisett, G., Walker, D., Crary, K., Glew, N.: From System F to typed assembly language. ACM Trans. on Programming Languages and Systems 21, 527–568 (1999)CrossRefGoogle Scholar
  4. 4.
    Appel, A.W.: Foundational proof-carrying code. In: Symposium on Logic in Computer Science (LICS 2001), pp. 247–258. IEEE, Los Alamitos (2001)CrossRefGoogle Scholar
  5. 5.
    Clint, M., Hoare, C.A.R.: Program proving: Jumps and functions. Acta Informatica, 214–224 (1972)Google Scholar
  6. 6.
    Kowaltowski, T.: Axiomatic approach to side effects and general jumps. Acta Informatica 7, 357–360 (1977)zbMATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Arbib, M., Alagic, S.: Proof rules for gotos. Acta Informatica 11, 139–148 (1979)CrossRefGoogle Scholar
  8. 8.
    de Bruin, A.: Goto statements: Semantics and deduction systems. Acta Informatica 15, 385–424 (1981)zbMATHCrossRefGoogle Scholar
  9. 9.
    O’Donnell, M.J.: A critique of the foundations of hoare style programming logics. Communications of the Association for Computing Machinery 25, 927–935 (1982)zbMATHGoogle Scholar
  10. 10.
    Floyd, R.W.: Assigning meanings to programs. In: Proceedings of Symposia in Applied Mathematics, pp. 19–32. Providence, Rhode Island (1967)Google Scholar
  11. 11.
    Cardelli, L.: Program fragments, linking, and modularization. In: 24th ACM Symposium on Principles of Programming Languages, pp. 266–277 (1997)Google Scholar
  12. 12.
    Glew, N., Morrisett, G.: Type-safe linking and modular assembly language. In: 26th ACM Symposium on Principles of Programming Languages, pp. 250–261 (1999)Google Scholar
  13. 13.
    Benton, N.: A typed, compositional logic for a stack-based abstract machine. In: 3rd Asian Symposium on Programming Languages and Systems (2005)Google Scholar
  14. 14.
    Ni, Z., Shao, Z.: Certified assembly programming with embedded code pointers. In: 33rd ACM Symposium on Principles of Programming Languages (2006) (to appear)Google Scholar
  15. 15.
    Saabas, A., Uustalu, T.: A compositional natural semantics and Hoare logic for low-level languages. In: Proceedings of the Second Workshop on Structured Operational Semantics, SOS 2005 (2005)Google Scholar
  16. 16.
    Tan, G.: A Compositional Logic for Control Flow and its Application in Foundational Proof-Carrying Code. PhD thesis, Princeton University (2005)Google Scholar
  17. 17.
    Appel, A.W., McAllester, D.: An indexed model of recursive types for foundational proof-carrying code. ACM Trans. on Programming Languages and Systems 23, 657–683 (2001)CrossRefGoogle Scholar
  18. 18.
    Tan, G., Appel, A.W., Swadi, K.N., Wu, D.: Construction of a semantic model for a typed assembly language. In: Steffen, B., Levi, G. (eds.) VMCAI 2004. LNCS, vol. 2937, pp. 30–43. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  19. 19.
    Sørensen, M.H., Urzyczyn, P.: Lectures on the Curry-Howard isomorphism. Available as DIKU Rapport 98/14 (1998)Google Scholar
  20. 20.
    Cook, S.A.: Soundness and completeness of an axiom system for program verification. SIAM Journal on Computing 7, 70–90 (1978)zbMATHCrossRefMathSciNetGoogle Scholar
  21. 21.
    Chen, J., Wu, D., Appel, A.W., Fang, H.: A provably sound TAL for back-end optimization. In: ACM Conference on Programming Language Design and Implementation, pp. 208–219 (2003)Google Scholar
  22. 22.
    Swadi, K.N.: Typed Machine Language. PhD thesis, Princeton University (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Gang Tan
    • 1
  • Andrew W. Appel
    • 2
  1. 1.Computer Science DepartmentBoston College 
  2. 2.Computer Science DepartmentPrinceton University 

Personalised recommendations