Document Open Access Logo

Candle: A Verified Implementation of HOL Light

Authors Oskar Abrahamsson, Magnus O. Myreen, Ramana Kumar, Thomas Sewell

PDF
Thumbnail PDF

File

LIPIcs.ITP.2022.3.pdf
  • Filesize: 0.61 MB
  • 17 pages

Document Identifiers

Author Details

Oskar Abrahamsson
  • Chalmers University of Technology, Gothenburg, Sweden
Magnus O. Myreen
  • Chalmers University of Technology, Gothenburg, Sweden
Ramana Kumar
  • London, UK
Thomas Sewell
  • University of Cambridge, UK

Funding

  • Abrahamsson, Oskar: Swedish Foundation for Strategic Research.
  • Myreen, Magnus O.: Swedish Foundation for Strategic Research.

Acknowledgements

We want to thank Freek Wiedijk and Yong Kiam Tan. We are grateful for Freek Wiedijk’s question at ITP'11. Following a presentation about the verification of a runtime for Milawa [Magnus O. Myreen and Jared Davis, 2011] at ITP'11, Wiedijk asked: "Can you do the same for HOL Light, please?" Wiedijk’s question can be seen as the seed that set us thinking about the possibility of a verified HOL Light implementation and eventually lead us to construct the verified Candle ITP, presented in this paper. We want to thank Yong Kiam Tan for helping with some proofs involving the the CakeML type inferencer. These proofs were part of the proof of safety of CakeML’s new read-eval-print loop.

Cite AsGet BibTex

Oskar Abrahamsson, Magnus O. Myreen, Ramana Kumar, and Thomas Sewell. Candle: A Verified Implementation of HOL Light. In 13th International Conference on Interactive Theorem Proving (ITP 2022). Leibniz International Proceedings in Informatics (LIPIcs), Volume 237, pp. 3:1-3:17, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2022)
https://doi.org/10.4230/LIPIcs.ITP.2022.3

Abstract

This paper presents a fully verified interactive theorem prover for higher-order logic, more specifically: a fully verified clone of HOL Light. Our verification proof of this new system results in an end-to-end correctness theorem that guarantees the soundness of the entire system down to the machine code that executes at runtime. Our theorem states that every exported fact produced by this machine-code program is valid in higher-order logic. Our implementation consists of a read-eval-print loop (REPL) that executes the CakeML compiler internally. Throughout this work, we have strived to make the REPL of the new system provide a user experience as close to HOL Light’s as possible. To this end, we have, e.g., made the new system parse the same variant of OCaml syntax as HOL Light. All of the work described in this paper has been carried out in the HOL4 theorem prover.

Subject Classification

ACM Subject Classification
  • Software and its engineering → Software verification
Keywords
  • Prover soundness
  • Higher-order logic
  • Interactive theorem proving

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads
    0
    Metadata Views

Supplementary Materials

References

  1. Abhishek Anand and Vincent Rahli. Towards a formally verified proof assistant. In Gerwin Klein and Ruben Gamboa, editors, Interactive Theorem Proving (ITP), volume 8558 of LNCS. Springer, 2014. URL: https://doi.org/10.1007/978-3-319-08970-6_3.
  2. Bruno Barras. Sets in Coq, Coq in sets. J. Formaliz. Reason., 3(1), 2010. URL: https://doi.org/10.6092/issn.1972-5787/1695.
  3. Mario Carneiro. Specifying verified x86 software from scratch. CoRR, abs/1907.01283, 2019. URL: http://arxiv.org/abs/1907.01283.
  4. Mario Carneiro. Metamath Zero: Designing a theorem prover prover. In Christoph Benzmüller and Bruce R. Miller, editors, Intelligent Computer Mathematics (CICM), volume 12236 of LNCS. Springer, 2020. URL: https://doi.org/10.1007/978-3-030-53518-6_5.
  5. Jared Davis and Magnus O. Myreen. The reflective Milawa theorem prover is sound (down to the machine code that runs it). J. Autom. Reason., 55(2):117-183, 2015. URL: https://doi.org/10.1007/s10817-015-9324-6.
  6. Arve Gengelbach and Johannes Åman Pohjola. A verified cyclicity checker. In Interactive Theorem Proving (ITP). LIPIcs, 2022. Google Scholar
  7. Arve Gengelbach, Johannes Åman Pohjola, and Tjark Weber. Mechanisation of model-theoretic conservative extension for HOL with ad-hoc overloading. In Claudio Sacerdoti Coen and Alwen Tiu, editors, Logical Frameworks and Meta-Languages: Theory and Practice (LFMTP), volume 332 of EPTCS, 2020. URL: https://doi.org/10.4204/EPTCS.332.1.
  8. John Harrison. Towards self-verification of HOL Light. In Ulrich Furbach and Natarajan Shankar, editors, Automated Reasoning (IJCAR), volume 4130 of LNCS. Springer, 2006. URL: https://doi.org/10.1007/11814771_17.
  9. Ramana Kumar, Rob Arthan, Magnus O. Myreen, and Scott Owens. Self-formalisation of higher-order logic - semantics, soundness, and a verified implementation. J. Autom. Reason., 56(3):221-259, 2016. URL: https://doi.org/10.1007/s10817-015-9357-x.
  10. Magnus O. Myreen and Jared Davis. A verified runtime for a verified theorem prover. In Marko C. J. D. van Eekelen, Herman Geuvers, Julien Schmaltz, and Freek Wiedijk, editors, Interactive Theorem Proving (ITP), volume 6898 of LNCS. Springer, 2011. URL: https://doi.org/10.1007/978-3-642-22863-6_20.
  11. Magnus O. Myreen and Scott Owens. Proof-producing translation of higher-order logic into pure and stateful ML. J. Funct. Program., 24(2-3), 2014. URL: https://doi.org/10.1017/S0956796813000282.
  12. Tobias Nipkow and Simon Roßkopf. Isabelle’s metalogic: Formalization and proof checker. In André Platzer and Geoff Sutcliffe, editors, Automated Deduction (CADE), volume 12699 of LNCS. Springer, 2021. URL: https://doi.org/10.1007/978-3-030-79876-5_6.
  13. Johannes Åman Pohjola and Arve Gengelbach. A mechanised semantics for HOL with ad-hoc overloading. In Elvira Albert and Laura Kovács, editors, Logic for Programming, Artificial Intelligence and Reasoning (LPAR), volume 73 of EPiC Series in Computing. EasyChair, 2020. URL: https://doi.org/10.29007/413d.
  14. Konrad Slind and Michael Norrish. A brief overview of HOL4. In Otmane Aït Mohamed, César A. Muñoz, and Sofiène Tahar, editors, Theorem Proving in Higher Order Logics (TPHOLs), volume 5170 of LNCS. Springer, 2008. URL: https://doi.org/10.1007/978-3-540-71067-7_6.
  15. Matthieu Sozeau, Simon Boulier, Yannick Forster, Nicolas Tabareau, and Théo Winterhalter. Coq Coq correct! verification of type checking and erasure for Coq, in Coq. Proc. ACM Program. Lang., 4(POPL), 2020. URL: https://doi.org/10.1145/3371076.
  16. Yong Kiam Tan, Scott Owens, and Ramana Kumar. A verified type system for CakeML. In Ralf Lämmel, editor, Implementation and Application of Functional Programming Languages (IFL). ACM, 2015. URL: https://doi.org/10.1145/2897336.2897344.
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail
© 2023-2024 Schloss Dagstuhl – LZI GmbH Imprint Privacy Contact