# Modular, Correct Compilation with Automatic Soundness Proofs


## Abstract

Formal verification of compiler correctness requires substantial effort. A particular challenge is the lack of modularity and automation: any change or update to the compiler can render existing proofs obsolete and cause considerable manual proof effort. We propose a framework for automatically proving the correctness of compilation rules based on simultaneous symbolic execution for the source and target language. The correctness of the whole system follows from the correctness of each compilation rule. To support a new source or target language it is sufficient to formalize that language in terms of symbolic execution, while the corresponding formalization of its counterpart can be re-used. The correctness of translation rules can be checked automatically. Our approach is based on a reduction of correctness assertions to formulas in a program logic capable of symbolic execution of *abstract* programs. We instantiate the framework for compilation from Java to LLVM IR and provide a symbolic execution system for a subset of LLVM IR.
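To make the idea of per-rule correctness checks by simultaneous symbolic execution concrete, here is a small added illustration in Python. It is not the paper's framework, not KeY, and not the Java-to-LLVM instantiation: the source language (expression trees), the three-address target language, the rule table, the `buggy_sub_rule` defect and the structural-equality check are all constructed for this example. Each compilation rule is checked on abstract operands `a` and `b`; a whole program compiled with rules that all pass the check then also passes, while the swapped-operand rule is caught at the rule level.

```python
from itertools import count

# Source language (constructed): expression trees.
#   ('num', 3) | ('var', 'x') | (op, left, right)   with op in BINOPS
BINOPS = ('add', 'sub', 'mul')

# Target language (constructed): three-address instructions (opcode, dest, src1, src2).
# Operands are int literals or register/variable names.

def binop_rule(opcode):
    """Hypothetical compilation rule: one source operator -> one target instruction."""
    def rule(dest, a, b):
        return [(opcode, dest, a, b)]
    return rule

CORRECT_RULES = {op: binop_rule(op) for op in BINOPS}

def buggy_sub_rule(dest, a, b):
    # Constructed defect for illustration: operands emitted in swapped order.
    return [('sub', dest, b, a)]

BUGGY_RULES = dict(CORRECT_RULES, sub=buggy_sub_rule)

def compile_expr(expr, rules, fresh=None):
    """Compile a source expression; returns (result operand, instruction list)."""
    fresh = fresh if fresh is not None else count()
    kind = expr[0]
    if kind in ('num', 'var'):
        return expr[1], []                      # literal or variable: no code emitted
    _, left, right = expr
    la, li = compile_expr(left, rules, fresh)
    ra, ri = compile_expr(right, rules, fresh)
    dest = f'%t{next(fresh)}'
    return dest, li + ri + rules[kind](dest, la, ra)

# Symbolic values are terms: ('sym', name) | ('num', n) | (op, t1, t2).

def sym_exec_source(expr, env):
    """Symbolic execution of the source: evaluate the tree over symbolic inputs."""
    kind = expr[0]
    if kind == 'num':
        return expr
    if kind == 'var':
        return env[expr[1]]
    return (kind, sym_exec_source(expr[1], env), sym_exec_source(expr[2], env))

def sym_exec_target(instrs, result, env):
    """Symbolic execution of the target: run the instruction list over symbolic inputs."""
    regs = dict(env)
    def operand(o):
        return ('num', o) if isinstance(o, int) else regs[o]
    for opcode, dest, a, b in instrs:
        regs[dest] = (opcode, operand(a), operand(b))
    return operand(result)

def walk(expr):
    yield expr
    if expr[0] in BINOPS:
        yield from walk(expr[1])
        yield from walk(expr[2])

def equivalent(expr, rules):
    """Proof obligation for one source program: both symbolic executions must agree.
    Structural term equality is sound but incomplete (it would reject a rule that
    merely reorders commutative operands); the real framework discharges the
    obligation as a formula in a program logic instead."""
    names = sorted({e[1] for e in walk(expr) if e[0] == 'var'})
    env = {n: ('sym', n) for n in names}
    result, code = compile_expr(expr, rules)
    return sym_exec_source(expr, env) == sym_exec_target(code, result, env)

def check_rule(op, rules):
    """Per-rule obligation: the rule for `op` applied to abstract operands a and b."""
    return equivalent((op, ('var', 'a'), ('var', 'b')), rules)

def check_all_rules(rules):
    return {op: check_rule(op, rules) for op in BINOPS}

if __name__ == '__main__':
    prog = ('sub', ('var', 'x'), ('mul', ('var', 'y'), ('num', 2)))
    print('correct rules:', check_all_rules(CORRECT_RULES), equivalent(prog, CORRECT_RULES))
    print('buggy rules:  ', check_all_rules(BUGGY_RULES), equivalent(prog, BUGGY_RULES))
```

The point of the toy is the division of labour the abstract describes: `sym_exec_source` and `sym_exec_target` are independent formalizations of the two languages, `check_rule` is the obligation generated for one rule, and replacing a rule (here `sub`) only requires re-checking that rule rather than re-proving the whole compiler.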
