Formal Verification of Programs and Their Transformations

Formal verification is an act of using formal methods to check the correctness of intended programs. The verification is done by providing a formal proof on an abstract mathematical model of the program, with respect to a certain formal specification or property. We present three case studies on using formal methods to verify programs and their transformations: (1) we use term rewriting and theorem proving to construct and validate a compiler from logic specifications to ARM assembly code; the equivalence of a source specification and the generated assembly code is proven mechanically with respect to the formal semantics; (2) we model, in an “executable” declarative language TLA+, the Message Passing Interface (MPI) 2.0 library as well as C programs using MPI calls for parallel computations; and use explicit model checking to check the specifications and programs; and (3) we model CUDA kernel programs as symbolic logical formulas, and use constraint solving to automatically reason about these Graphics Processing Unit (GPU) kernels. We have built a couple of unique verification tools to check intrinsic properties (e.g. race freedom for concurrent programs and translation correctness for compilers) and user-defined properties (e.g. functional correctness). Specifically, the presented compiler is the first trusted compiler translating logic specifications embedded in a theorem prover to low-level code; the MPI specification is the first attempt to provide executable semantics for a comprehensive set of message passing Application Programming Interfaces (APIs); and the CUDA verifier is the only existing formal symbolic checker for GPU kernel programs.