Automating reasoning about memory safety for the Pancake language

Low-level systems programming such as device driver development is tedious and error-prone.  Pancake is a research programming language currently under development at Chalmers University of Technology, ANU, and UNSW. It comes with a formally verified compiler and is built from the ground up for predictable compilation, ease of verification and the right expressive power for low-level systems programming.

In Pancake, memory is flat and statically allocated.  The semantics of a memory access outside the allocated region is to fail; however, this is not enforced at runtime because the performance overhead of bounds checks is undesirable.

Ideally, full formal verification of a Pancake program will address memory safety anyway: a memory-unsafe program cannot be shown to not fail. Even more ideally, the proof engineer should not be burdened with this task.

The aim of this project is to prototype a way of automating proofs of memory safety for Pancake programs. This can be done in different ways: for example, by developing a type system that implies memory safety, or by developing tactics and algoritms.  Assessing these tradeoffs is part of the project.  Any output should be formulated, and ideally proven sound, in the HOL4 interactive theorem prover.