[bug#38605] [WIP MLton 0/1] Add MLton

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#38605] [WIP MLton 0/1] Add MLton

From:	Brett Gilio
Subject:	[bug#38605] [WIP MLton 0/1] Add MLton
Date:	Fri, 20 Dec 2019 22:56:24 -0600
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)

Ludovic Courtès <address@hidden> writes:

> Hi,
>
> zimoun <address@hidden> skribis:
>
>> On Tue, 17 Dec 2019 at 03:21, Brett Gilio <address@hidden> wrote:
>>
>>> I may be misspeaking, but I think CakeML is formally verified in HOL
>>> which bootstraps against PolyML or SMLnj, and also requires MLton. So
>>> the issue of cyclic binary-derived bootstrapping remains an issue. This
>>
>> I have not checked myself and if I understand well your point: CakeML
>> requires one PolyML binary to bootstrap (see Bootstrapping locally in
>> [1] which points to [2]). And this PolyML binary is not small and
>> requires other not-so-small binaries to be produced. And I am not
>> talking about the HOL part. So their claim that CakeML bootstraps
>> really depends on how is defined "bootstrap". :-)
>
> Their claim is summarized on the home page (emphasis mine):
>
>   The CakeML compiler has been bootstrapped inside HOL.  By bootstrapped
>   we mean that the compiler has compiled itself. […] The result is a
>   verified binary that _provably_ implements the compiler itself
>
> IOW, their approach is to provide a formal proof that a given byte
> stream corresponds to the given source code.
>
> This approach is very different from everything we’ve been doing so
> far.  In essence, we’ve been focusing on building everything from
> source, with the assumption that source code is auditable.
>
> Instead of doing that, they formally provide the source/binary
> correspondence, which is much stronger.  Once you have this proof, it
> doesn’t matter how HOL or PolyML or any other dependency is built, AIUI.
>
> In theory, HOL could be the target of a trusting-trust attack.  But then
> again, one could very well check it with paper-and-pen or with HOL plus
> manual verification.
>
> Food for thought!
>
> Ludo’.
>
>
>
>

I kind of wonder if their method of having a HOL-implemented proof for
their source/binary bytestream is a possibility for GNU Guix in the
future? It makes for an interesting speculation, especially for
system-level proofs of blob trust.

Bandli?

-- 
Brett M. Gilio
GNU Guix, Contributor | GNU Project, Webmaster
[DFC0 C7F7 9EE6 0CA7 AE55 5E19 6722 43C4 A03F 0EEE]
<address@hidden> <address@hidden>

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#38605] [WIP MLton 0/1] Add MLton, Brett Gilio, 2019/12/13
- [bug#38605] [WIP MLton 1/1] gnu: Add mlton., Brett Gilio, 2019/12/13
- [bug#38605] [WIP MLton 0/1] Add MLton, Ludovic Courtès, 2019/12/14
  - [bug#38605] [WIP MLton 0/1] Add MLton, Brett Gilio, 2019/12/15
    - [bug#38605] [WIP MLton 0/1] Add MLton, Ludovic Courtès, 2019/12/16
    - [bug#38605] [WIP MLton 0/1] Add MLton, zimoun, 2019/12/16
    - [bug#38605] [WIP MLton 0/1] Add MLton, Ludovic Courtès, 2019/12/16
    - [bug#38605] [WIP MLton 0/1] Add MLton, Brett Gilio, 2019/12/16
    - [bug#38605] [WIP MLton 0/1] Add MLton, zimoun, 2019/12/17
    - [bug#38605] [WIP MLton 0/1] Add MLton, Ludovic Courtès, 2019/12/18
    - [bug#38605] [WIP MLton 0/1] Add MLton, Brett Gilio <=

Prev by Date: [bug#38679] [PATCH] gnu: add geary.
Next by Date: bug#38682: [PATCH] gnu: Add emacs-punpun-theme.
Previous by thread: [bug#38605] [WIP MLton 0/1] Add MLton
Next by thread: [bug#38606] [WIP SMLnj 0/1] Add SMLnj.
Index(es):
- Date
- Thread