Calculating Correct Compilers

Patrick Bahr (1), Graham Hutton (2)

(1) University of Copenhagen, Faculty of Science, Department of Computer Science, paba@diku.dk
(2) University of Nottingham, Functional Programming Laboratory, graham.hutton@nottingham.ac.uk

IFIP Working Group 2.1 Meeting, 24th-28th March, 2014

Goal

Calculate a compiler that is correct by construction:

  • Derive compiler implementation from denotational semantics
  • Derivation by formal calculations
  • Result: compiler + virtual machine + correctness proof

Background

Reasoning about compilers, Hutton & Wright

  • Verifying a compiler for a simple language with exceptions (MPC ’04)
  • Calculating an abstract machine that is correct by construction (TFP ’05)

Last 2.1 meeting, Hutton & Danielsson

  • Calculating a compiler for a simple language with exceptions
  • Use of dependent types during the calculation

This Talk: A Simplified Approach

  • simple calculations without the need for dependent types
  • little prior knowledge needed (e.g. “Target machine has a stack.”)
  • scales to wide variety of language features:
      • arithmetic expressions
      • exceptions (synchronous and asynchronous)
      • state (global and local)
      • lambda calculi (call-by-value, call-by-name, call-by-need)
      • loops (bounded and unbounded)
      • non-determinism
  • Underlying techniques: continuation-passing style & defunctionalisation (Reynolds, 1972)

How Does it Work?

Calculate a Compiler in 3 Steps:

  1. Define evaluation function in compositional manner.
  2. Calculate a version that uses a stack and continuations.
  3. Defunctionalise to produce a compiler & virtual machine.

[Diagram labels: Semantics; CPS + Stack; Compiler; VM]

Toy Example: Simple Arithmetic Language

Step 1: Semantics of the language

Syntax

    data Expr = Val Int | Add Expr Expr

Semantics

    eval :: Expr -> Int
    eval (Val n)   = n
    eval (Add x y) = eval x + eval y

Step 2: Transformation into CPS

Type Definitions

    type Stack = [Int]
    type Cont  = Stack -> Stack

    evalC :: Expr -> Cont -> Cont

Specification

    evalC e c s = c (eval e : s)

Constructive induction: “prove” the specification by induction on e; the proof yields the definition of evalC.

The easy case: Val

      evalC (Val n) c s
    =   { specification of evalC }
      c (eval (Val n) : s)
    =   { definition of eval }
      c (n : s)
    =   { define: push n c s = c (n : s) }
      push n c s

The interesting case: Add

Induction Hypothesis

For all c' and s':

    evalC x c' s' = c' (eval x : s')
    evalC y c' s' = c' (eval y : s')

      evalC (Add x y) c s
    =   { specification of evalC }
      c (eval (Add x y) : s)
    =   { definition of eval }
      c ((eval x + eval y) : s)
    =   { define: add c (n : m : s) = c ((m + n) : s) }
      add c (eval y : eval x : s)
    =   { induction hypothesis for y }
      evalC y (add c) (eval x : s)
    =   { induction hypothesis for x }
      evalC x (evalC y (add c)) s

Step 2: Transformation into CPS (cont.)

Derived definition

    evalC :: Expr -> Cont -> Cont
    evalC (Val n)   c s = push n c s
    evalC (Add x y) c s = evalC x (evalC y (add c)) s

The stack argument s can be dropped from both sides:

    evalC :: Expr -> Cont -> Cont
    evalC (Val n)   c = push n c
    evalC (Add x y) c = evalC x (evalC y (add c))

    push :: Int -> Cont -> Cont
    push n c s = c (n : s)

    add :: Cont -> Cont
    add c (n : m : s) = c ((m + n) : s)

Identity continuation

    evalS :: Expr -> Cont
    evalS e = evalC e halt

    halt :: Cont
    halt s = s

Step 3: Defunctionalisation

    evalS :: Expr -> Cont
    evalS e = evalC e halt

    evalC :: Expr -> Cont -> Cont
    evalC (Val n)   c = push n c
    evalC (Add x y) c = evalC x (evalC y (add c))

    halt :: Cont
    push :: Int -> Cont -> Cont
    add  :: Cont -> Cont

Each of halt, push and add becomes a constructor of a new datatype:

    data Code where
      HALT :: Code
      PUSH :: Int -> Code -> Code
      ADD  :: Code -> Code

Or equivalently:

    data Code = HALT | PUSH Int Code | ADD Code

Replacing halt, push and add by these constructors, and renaming evalS and evalC to comp and comp', gives the compiler:

    comp :: Expr -> Code
    comp e = comp' e HALT

    comp' :: Expr -> Code -> Code
    comp' (Val n)   c = PUSH n c
    comp' (Add x y) c = comp' x (comp' y (ADD c))

Example

    comp (Val 1 `Add` Val 2)
      = PUSH 1 $ PUSH 2 $ ADD $ HALT

Step 3: Defunctionalisation (cont.)

    data Code where
      HALT :: Code
      PUSH :: Int -> Code -> Code
      ADD  :: Code -> Code

Type Code represents the function type Cont (= Stack -> Stack).

Interpretation function

    exec :: Code -> Cont
    exec HALT       = halt
    exec (PUSH n c) = push n (exec c)
    exec (ADD c)    = add (exec c)

Virtual Machine

Unfolding the definitions of halt, push and add:

    exec :: Code -> Cont
    exec HALT       s           = s
    exec (PUSH n c) s           = exec c (n : s)
    exec (ADD c)    (n : m : s) = exec c ((m + n) : s)

Compiler Correctness

    evalC e c s     = c (eval e : s)    (Specification, proved by constructive induction)
    exec (comp e) s = evalS e s         (Defunctionalisation)
    evalS e         = evalC e halt      (Definition of evalS)

    exec (comp e) s = eval e : s        (Compiler correctness)

A Language with Exceptions

    data Expr = Val Int | Add Expr Expr | Throw | Catch Expr Expr

    eval :: Expr -> Maybe Int
    eval (Val n)     = Just n
    eval (Add x y)   = case eval x of
                         Nothing -> Nothing
                         Just n  -> case eval y of
                                      Nothing -> Nothing
                                      Just m  -> Just (n + m)
    eval Throw       = Nothing
    eval (Catch x h) = case eval x of
                         Nothing -> eval h
                         Just n  -> Just n

Partial Specifications

Partial Type Definition

    type Stack = [Elem]
    data Elem  = VAL Int | . . .

Partial Specification of evalC

    evalC e c s = c (VAL n : s)    if eval e = Just n
    evalC e c s = fail s           if eval e = Nothing

where fail :: Stack -> Stack is left unspecified

Constructive Induction: Add

      evalC (Add x y) c s
    =   { specification }
      case eval x of
        Just n  -> case eval y of
                     Just m  -> c (VAL (n + m) : s)
                     Nothing -> fail s
        Nothing -> fail s
    =   { define: add c (VAL m : VAL n : s) = c (VAL (n + m) : s) }
      case eval x of
        Just n  -> case eval y of
                     Just m  -> add c (VAL m : VAL n : s)
                     Nothing -> fail s
        Nothing -> fail s

Constructive Induction: Add (2)

      case eval x of
        Just n  -> case eval y of
                     Just m  -> add c (VAL m : VAL n : s)
                     Nothing -> fail s
        Nothing -> fail s
    =   { define: fail (VAL n : s) = fail s }
      case eval x of
        Just n  -> case eval y of
                     Just m  -> add c (VAL m : VAL n : s)
                     Nothing -> fail (VAL n : s)
        Nothing -> fail s
    =   { induction hypothesis for y }
      case eval x of
        Just n  -> evalC y (add c) (VAL n : s)
        Nothing -> fail s
    =   { induction hypothesis for x }
      evalC x (evalC y (add c)) s

Constructive Induction: Catch

      evalC (Catch x h) c s
    =   { specification }
      case eval x of
        Just n  -> c (VAL n : s)
        Nothing -> case eval h of
                     Just m  -> c (VAL m : s)
                     Nothing -> fail s
    =   { induction hypothesis for h }
      case eval x of
        Just n  -> c (VAL n : s)
        Nothing -> evalC h c s

Constructive Induction: Catch (2)

      case eval x of
        Just n  -> c (VAL n : s)
        Nothing -> evalC h c s
    =   { define: fail (HAN c' : s) = c' s }
      case eval x of
        Just n  -> c (VAL n : s)
        Nothing -> fail (HAN (evalC h c) : s)
    =   { define: unmark c (VAL n : HAN _ : s) = c (VAL n : s) }
      case eval x of
        Just n  -> unmark c (VAL n : HAN (evalC h c) : s)
        Nothing -> fail (HAN (evalC h c) : s)
    =   { induction hypothesis for x }
      evalC x (unmark c) (HAN (evalC h c) : s)
    =   { define: mark c' c s = c (HAN c' : s) }
      mark (evalC h c) (evalC x (unmark c)) s

Resulting Compiler

    comp :: Expr -> Code
    comp e = comp' e HALT

    comp' :: Expr -> Code -> Code
    comp' (Val n)     c = PUSH n c
    comp' (Add x y)   c = comp' x (comp' y (ADD c))
    comp' Throw       c = FAIL
    comp' (Catch x h) c = MARK (comp' h c) (comp' x (UNMARK c))

Resulting Virtual Machine

    exec :: Code -> Cont
    exec (PUSH n c) s = exec c (VAL n : s)
    exec (MARK h c) s = exec c (HAN h : s)
    . . .
    exec FAIL       s = fail s

    fail :: Cont
    fail (VAL n : s) = fail s
    fail (HAN h : s) = exec h s
    fail []          = []
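The compiler-correctness equation and the partial specification above can be checked mechanically. The Haskell module below is an added example, not code from the slides: it assembles eval, comp and exec for the exception language (Val and Add form the arithmetic subset) and compares exec (comp e) s with the partial specification, taking c = halt, for every expression up to nesting depth 2. Assumptions: the exec clauses for HALT, ADD and UNMARK, which the slide elides, and Elem = VAL Int | HAN Code are filled in from the halt, add, unmark and fail definitions in the calculations; spec, exprs and stacks are names introduced here.

```haskell
-- Added example, not code from the slides.
module Main where

import Prelude hiding (fail)  -- the slides name the unwinding function `fail`

data Expr = Val Int | Add Expr Expr | Throw | Catch Expr Expr
  deriving Show

-- Step 1: semantics as on the slides (Nothing = uncaught exception).
eval :: Expr -> Maybe Int
eval (Val n)     = Just n
eval (Add x y)   = case eval x of
  Nothing -> Nothing
  Just n  -> case eval y of
    Nothing -> Nothing
    Just m  -> Just (n + m)
eval Throw       = Nothing
eval (Catch x h) = case eval x of
  Nothing -> eval h
  Just n  -> Just n

-- Result of step 3: code and stack elements after defunctionalisation.
data Code = HALT | PUSH Int Code | ADD Code | FAIL
          | MARK Code Code | UNMARK Code
  deriving (Eq, Show)

-- Assumption: the slide shows `VAL Int | . . .`; HAN carries handler code,
-- as used by `exec (MARK h c)` and `fail (HAN h : s)`.
data Elem = VAL Int | HAN Code deriving (Eq, Show)
type Stack = [Elem]

comp :: Expr -> Code
comp e = comp' e HALT

comp' :: Expr -> Code -> Code
comp' (Val n)     c = PUSH n c
comp' (Add x y)   c = comp' x (comp' y (ADD c))
comp' Throw       _ = FAIL
comp' (Catch x h) c = MARK (comp' h c) (comp' x (UNMARK c))

exec :: Code -> Stack -> Stack
exec (PUSH n c) s = exec c (VAL n : s)
exec (MARK h c) s = exec c (HAN h : s)
exec FAIL       s = fail s
-- Clauses elided on the slide, filled in here (assumption) by
-- defunctionalising halt, add and unmark from the calculations.
exec HALT       s                   = s
exec (ADD c)    (VAL m : VAL n : s) = exec c (VAL (n + m) : s)
exec (UNMARK c) (VAL n : HAN _ : s) = exec c (VAL n : s)
-- The machine is partial: these stack shapes never arise from comp.
exec _          _                   = error "exec: code/stack not produced by comp"

-- Unwind the stack to the nearest handler, or to the empty stack.
fail :: Stack -> Stack
fail (VAL _ : s) = fail s
fail (HAN h : s) = exec h s
fail []          = []

-- Partial specification of evalC with c = halt.
spec :: Expr -> Stack -> Stack
spec e s = case eval e of
  Just n  -> VAL n : s
  Nothing -> fail s

-- Constructed test data: all expressions up to a given nesting depth.
exprs :: Int -> [Expr]
exprs 0 = [Val 1, Val 2, Throw]
exprs d = exprs 0 ++ [f x y | f <- [Add, Catch], x <- sub, y <- sub]
  where sub = exprs (d - 1)

-- Constructed initial stacks, one with a handler already installed.
stacks :: [Stack]
stacks = [[], [VAL 7], [VAL 7, HAN (PUSH 9 HALT), VAL 8]]

main :: IO ()
main = do
  let e = Catch (Add (Val 1) Throw) (Val 2)  -- constructed sample
  print (comp e)
  print (exec (comp e) [])
  let bad = [(x, s) | x <- exprs 2, s <- stacks, exec (comp x) s /= spec x s]
  putStrLn ("counterexamples to the partial specification: " ++ show (length bad))
```

The last exec clause makes the scope of the theorem visible: correctness is stated for exec (comp e), so Code values that did not come from comp can still reach an undefined stack shape.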

Key Techniques

  • transformation into CPS semantics
  • defunctionalisation of CPS semantics
  • foundation
  • partial specifications ⇐ reduce required prior knowledge
  • fixpoint induction ⇐ for recursion and loops
  • defunctionalisation of semantics

slide-73
SLIDE 73

u n i v e r s i t y o f c o p e n h a g e n d e p a r t m e n t o f c o m p u t e r s c i e n c e

Key Techniques

  • transformation into CPS semantics
  • defunctionalisation of CPS semantics
  • foundation
  • partial specifications ⇐ reduce required prior knowledge
  • fixpoint induction ⇐ for recursion and loops
  • defunctionalisation of semantics ⇐ for lambda calculi

Summary

  • simple, goal-oriented calculations; no magic*
  • little prior knowledge needed (by using partial specifications)
  • full correctness proof
  • scales to wide variety of language features
      • arithmetic
      • exceptions (synchronous, asynchronous)
      • state (local, global)
      • lambda calculi (call-by-value, -name, -need)
      • loops (bounded, unbounded)
      • non-determinism
  • formalisation in Coq

Ongoing and Future Work

  • Simplify reasoning for “cyclic” features (recursion, loops)
  • Simplify reasoning for register machines
  • Support for sharing (i.e. graph structures)
  • Abstraction over effects
  • Derivation of compilers for fixed instruction sets
