Advertisement

Fast Machine Words in Isabelle/HOL

  • Andreas Lochbihler
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10895)

Abstract

Code generated from a verified formalisation typically runs faster when it uses machine words instead of a syntactic representation of integers. This paper presents a library for Isabelle/HOL that links the existing formalisation of words to the machine words that the four target languages of Isabelle/HOL’s code generator provide. Our design ensures that (i) Isabelle/HOL machine words can be mapped soundly and efficiently to all target languages despite the differences in the APIs; (ii) they can be used uniformly with the three evaluation engines in Isabelle/HOL, namely code generation, normalisation by evaluation, and term rewriting; and (iii) they blend in with the existing formalisations of machine words. Several large-scale formalisation projects use our library to speed up their generated code. To validate the unverified link between machine words in the logic and those in the target languages, we extended Isabelle/HOL with a general-purpose testing facility that compiles test cases expressed within Isabelle/HOL to the four target languages and runs them with the most common implementations of each language. When we applied this to our library of machine words, we discovered miscomputations in the 64-bit word library of one of the target-language implementations.

Notes

Acknowledgements

Peter Lammich contributed an initial formalisation of machine words of unspecified length. Rafael Häuselmann helped to implement the code_test command. René Thiemann and Mathias Fleury encouraged us to develop the library further. The author was supported by the Swiss National Science Fund under grant 153217.

References

  1. 1.
    Aehlig, K., Haftmann, F., Nipkow, T.: A compiled implementation of normalisation by evaluation. J. Funct. Program. 22(1), 9–30 (2012)MathSciNetCrossRefGoogle Scholar
  2. 2.
    A. Anand, A. Appel, G. Morrisett, Z. Paraskevopoulou, R. Pollack, O. Savary Belanger, M. Sozeau, and M. Weaver. CertiCoq: A verified compiler for Coq. In: CoqPL 2017 (2017)Google Scholar
  3. 3.
    Armand, M., Grégoire, B., Spiwack, A., Théry, L.: Extending Coq with imperative features and its application to SAT verification. In: Kaufmann, M., Paulson, L.C. (eds.) ITP 2010. LNCS, vol. 6172, pp. 83–98. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-14052-5_8CrossRefGoogle Scholar
  4. 4.
    Arthan, R.: On definitions of constants and types in HOL. J. Autom. Reason. 56(3), 205–219 (2016)MathSciNetCrossRefGoogle Scholar
  5. 5.
    Blanchette, J.C., Bulwahn, L., Nipkow, T.: Automatic proof and disproof in Isabelle/HOL. In: Tinelli, C., Sofronie-Stokkermans, V. (eds.) FroCoS 2011. LNCS (LNAI), vol. 6989, pp. 12–27. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-24364-6_2CrossRefGoogle Scholar
  6. 6.
    Blot, A., Dagand, P.É., Lawall, J.: From sets to bits in Coq. In: Kiselyov, O., King, A. (eds.) FLOPS 2016. LNCS, vol. 9613, pp. 12–28. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-29604-3_2CrossRefGoogle Scholar
  7. 7.
    Brucker, A.D., Wolff, B.: hol-TestGen: an interactive test-case generation framework. In: Chechik, M., Wirsing, M. (eds.) FASE 2009. LNCS, vol. 5503, pp. 417–420. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-00593-0_28CrossRefGoogle Scholar
  8. 8.
    Bulwahn, L.: Counterexample Generation for Higher-Order Logic Using Functional and Logic Programming. Ph.D. thesis, Fakultät für Informatik, Technische Universität München (2013)Google Scholar
  9. 9.
    Clavel, M., et al.: All About Maude - A High-Performance Logical Framework. LNCS, vol. 4350. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-71999-1CrossRefzbMATHGoogle Scholar
  10. 10.
    Crow, J., Owre, S., Rushby, J., Shankar, N., Stringer-Calvert, D.: Evaluating, testing, and animating PVS specifications. Technical report, Computer Science Laboratory. SRI International, Menlo Park, CA (2001)Google Scholar
  11. 11.
    Dawson, J.: Isabelle theories for machine words. In: Goldsmith, M., Roscoe, B. (eds.) AVOCS 2007, vol. 250(1). ENTCS, pp. 55–70. Elsevier (2009)Google Scholar
  12. 12.
    Dawson, J., Graunke, P., Huffman, B., Klein, G., Matthews, J.: Machine words in Isabelle/HOL (2017). http://isabelle.in.tum.de/dist/library/HOL/HOL-Word/document.pdf
  13. 13.
    Delaware, B., Pit-Claudel, C., Gross, J., Chlipala, A.: Fiat: Deductive synthesis of abstract data types in a proof assistant. In: POPL 2015, pp. 689–700. ACM, New York (2015)Google Scholar
  14. 14.
    Divasón, J., Joosten, S., Thiemann, R., Yamada, A.: A formalization of the Berlekamp-Zassenhaus factorization algorithm. In: CPP 2017, pp. 17–29. ACM, New York (2017)Google Scholar
  15. 15.
    Esparza, J., et al.: A fully verified executable LTL model checker. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 463–478. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-39799-8_31CrossRefGoogle Scholar
  16. 16.
    Farzan, A., Meseguer, J., Roşu, G.: Formal JVM code analysis in JavaFAN. In: Rattray, C., Maharaj, S., Shankland, C. (eds.) AMAST 2004. LNCS, vol. 3116, pp. 132–147. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-27815-3_14CrossRefGoogle Scholar
  17. 17.
    Fleury, M., Blanchette, J.C., Lammich, P.: A verified SAT solver with watched literals using imperative HOL. In: CPP 2018, pp. 158–171. ACM (2018)Google Scholar
  18. 18.
    Greve, D., Wilding, M., Hardin, D.: High-speed, analyzable simulators. In: Kaufmann, M., Manolios, P., Strother Moore, J. (eds.) Computer-Aided Reasoning: ACL2 Case Studies. Advances in Formal Methods, vol. 4, pp. 113–135. Springer, Boston (2000).  https://doi.org/10.1007/978-1-4757-3188-0_8
  19. 19.
    Haftmann, F.: Code generation from Isabelle/HOL theories (2017). http://isabelle.in.tum.de/dist/Isabelle2017/doc/codegen.pdf
  20. 20.
    Haftmann, F., Krauss, A., Kunčar, O., Nipkow, T.: Data refinement in Isabelle/HOL. In: Blazy, S., Paulin-Mohring, C., Pichardie, D. (eds.) ITP 2013. LNCS, vol. 7998, pp. 100–115. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-39634-2_10CrossRefGoogle Scholar
  21. 21.
    Haftmann, F., Nipkow, T.: Code generation via higher-order rewrite systems. In: Blume, M., Kobayashi, N., Vidal, G. (eds.) FLOPS 2010. LNCS, vol. 6009, pp. 103–117. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-12251-4_9CrossRefGoogle Scholar
  22. 22.
    Haftmann, F., Wenzel, M.: Constructive type classes in Isabelle. In: Altenkirch, T., McBride, C. (eds.) TYPES 2006. LNCS, vol. 4502, pp. 160–174. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-74464-1_11CrossRefGoogle Scholar
  23. 23.
    Hales, T.C., Harrison, J., McLaughlin, S., Nipkow, T., Obua, S., Zumkeller, R.: A revision of the proof of the Kepler conjecture. Disc. Comput. Geom. 44(1), 1–34 (2010)MathSciNetCrossRefGoogle Scholar
  24. 24.
    Harrison, J.: Theorem Proving with the Real Numbers. Springer, London (1998).  https://doi.org/10.1007/978-1-4471-1591-5CrossRefzbMATHGoogle Scholar
  25. 25.
    Heule, M., Hunt, W., Kaufmann, M., Wetzler, N.: Efficient, verified checking of propositional proofs. In: Ayala-Rincón, M., Muñoz, C.A. (eds.) ITP 2017. LNCS, vol. 10499, pp. 269–284. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-66107-0_18CrossRefGoogle Scholar
  26. 26.
    Huffman, B., Kunčar, O.: Lifting and Transfer: a modular design for quotients in Isabelle/HOL. In: Gonthier, G., Norrish, M. (eds.) CPP 2013. LNCS, vol. 8307, pp. 131–146. Springer, Cham (2013).  https://doi.org/10.1007/978-3-319-03545-1_9CrossRefzbMATHGoogle Scholar
  27. 27.
    Hupel, L., Nipkow, T.: A verified compiler from Isabelle/HOL to CakeML. In: Ahmed, A. (ed.) ESOP 2018. LNCS, vol. 10801, pp. 999–1026. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-89884-1_35CrossRefGoogle Scholar
  28. 28.
    Kanav, S., Lammich, P., Popescu, A.: A conference management system with verified document confidentiality. In: Biere, A., Bloem, R. (eds.) CAV 2014. LNCS, vol. 8559, pp. 167–183. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-08867-9_11CrossRefGoogle Scholar
  29. 29.
    Kennedy, A., Benton, N., Jensen, J.B., Dagand, P.-E.: Coq: the world’s best macro assembler? In: PPDP 2013, pp. 13–24. ACM, New York (2013)Google Scholar
  30. 30.
    Kumar, R., Myreen, M.O., Norrish, M., Owens, S.: CakeML: a verified implementation of ML. In: POPL 2014, pp. 179–191. ACM, New York (2014)Google Scholar
  31. 31.
    Kunčar, O.: Correctness of Isabelle’s cyclicity checker: implementability of overloading in proof assistants. In: CPP 2015, pp. 85–94. ACM, New York (2015)Google Scholar
  32. 32.
    Kunčar, O., Popescu, A.: A consistent foundation for Isabelle/HOL. In: Urban, C., Zhang, X. (eds.) ITP 2015. LNCS, vol. 9236, pp. 234–252. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-22102-1_16CrossRefGoogle Scholar
  33. 33.
    Lammich, P.: Collections framework. Archive of Formal Proofs (2009). http://isa-afp.org/entries/Collections.html, Formal proof development
  34. 34.
    Lammich, P.: The GRAT tool chain. In: Gaspers, S., Walsh, T. (eds.) SAT 2017. LNCS, vol. 10491, pp. 457–463. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-66263-3_29CrossRefzbMATHGoogle Scholar
  35. 35.
    Lammich, P., Lochbihler, A.: The Isabelle collections framework. In: Kaufmann, M., Paulson, L.C. (eds.) ITP 2010. LNCS, vol. 6172, pp. 339–354. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-14052-5_24CrossRefGoogle Scholar
  36. 36.
    Lammich, P., Tuerk, T.: Applying data refinement for monadic programs to Hopcroft’s algorithm. In: Beringer, L., Felty, A. (eds.) ITP 2012. LNCS, vol. 7406, pp. 166–182. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-32347-8_12CrossRefGoogle Scholar
  37. 37.
    Leroy, X.: A formally verified compiler back-end. J. Autom. Reason. 43(4), 363–446 (2009)MathSciNetCrossRefGoogle Scholar
  38. 38.
    Liu, H., Moore, J.S.: Executable JVM model for analytical reasoning: a study. In: IVME 2003, pp. 15–23. ACM (2003)Google Scholar
  39. 39.
    Lochbihler, A.: A Machine-Checked, Type-Safe Model of Java Concurrency : Language, Virtual Machine, Memory Model, and Verified Compiler. Ph.D. thesis, Karlsruher Institut für Technologie, Fakultät für Informatik, July 2012Google Scholar
  40. 40.
    Lochbihler, A.: Native word. Archive of Formal Proofs (2017). http://devel.isa-afp.org/entries/Native_Word.html, Formal proof development
  41. 41.
    Lochbihler, A., Bulwahn, L.: Animating the formalised semantics of a Java-like language. In: van Eekelen, M., Geuvers, H., Schmaltz, J., Wiedijk, F. (eds.) ITP 2011. LNCS, vol. 6898, pp. 216–232. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-22863-6_17CrossRefGoogle Scholar
  42. 42.
    Lochbihler, A., Züst, M.: Programming TLS in Isabelle/HOL. Isabelle Workshop (2014). http://www.andreas-lochbihler.de/pub/lochbihler14iw.pdf
  43. 43.
    Mullen, E., Pernsteiner, S., Wilcox, J.R., Tatlock, Z., Grossman, D.: Œuf: Minimizing the Coq extraction TCB. In: CPP 2018, pp. 172–185. ACM (2018)Google Scholar
  44. 44.
    Muñoz, C.: Rapid prototyping in PVS. Contractor Report NASA/CR-2003-212418, NASA, Langley Research Center, Hampton VA 23681–2199, USA (2003)Google Scholar
  45. 45.
    Nipkow, T.: Teaching semantics with a proof assistant: no more LSD trip proofs. In: Kuncak, V., Rybalchenko, A. (eds.) VMCAI 2012. LNCS, vol. 7148, pp. 24–38. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-27940-9_3CrossRefGoogle Scholar
  46. 46.
    Nipkow, T., Wenzel, M., Paulson, L.C. (eds.): Isabelle/HOL. LNCS, vol. 2283. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-45949-9CrossRefzbMATHGoogle Scholar
  47. 47.
    Owens, S., Norrish, M., Kumar, R., Myreen, M.O., Tan, Y.K.: Verifying efficient function calls in CakeML. In: ICFP 2017, Proc. ACM Program. Lang., vol. 1, pp. 18:1–18:27. ACM (2017)Google Scholar
  48. 48.
    Théry, L.: Proof pearl: revisiting the Mini-Rubik in Coq. In: Mohamed, O.A., Muñoz, C., Tahar, S. (eds.) TPHOLs 2008. LNCS, vol. 5170, pp. 310–319. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-71067-7_25CrossRefzbMATHGoogle Scholar
  49. 49.
    Thiemann, R., Sternagel, C.: Certification of termination proofs using CeTA. In: Berghofer, S., Nipkow, T., Urban, C., Wenzel, M. (eds.) TPHOLs 2009. LNCS, vol. 5674, pp. 452–468. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-03359-9_31CrossRefGoogle Scholar
  50. 50.
    Warren, H.S.: Hacker’s Delight, 2 edn. Addison-Wesley (2012)Google Scholar
  51. 51.
    Wenzel, M.: Isabelle as document-oriented proof assistant. In: Davenport, J.H., Farmer, W.M., Urban, J., Rabe, F. (eds.) CICM 2011. LNCS (LNAI), vol. 6824, pp. 244–259. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-22673-1_17CrossRefGoogle Scholar
  52. 52.
    Yu, L.: A formal model of IEEE floating point arithmetic. Archive of Formal Proofs (2013). http://isa-afp.org/entries/IEEE_Floating_Point.html, Formal proof development

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Institute of Information Security, Department of Computer ScienceETH ZurichZurichSwitzerland

Personalised recommendations