A Mechanically Verified Compiling Specification for a Lisp Compiler

We report on an ongoing effort in mechanically proving correct a compiling specification for a bootstrap compiler from ComLisp (a subset of ANSI Common Lisp suciently expressive to serve as a compiler implementation language) to binary Transputer code using the PVS system. The compilation is carried out in four steps through a series of intermediate languages. This paper focuses on the first phase, namely, the compilation of ComLisp to the stack-intermediate language SIL, where parameter passing is implemented by a stack technique. The context of this work is the joint research effort Verifix aiming at developing methods for the construction of correct compilers for realistic programming languages

A formally verified compiler back-end

This article describes the development and formal verification (proof of semantic preservation) of a compiler back-end from Cminor (a simple imperative intermediate language) to PowerPC assembly code, using the Coq proof assistant both for programming the compiler and for proving its correctness. Such a verified compiler is useful in the context of formal methods applied to the certification of critical software: the verification of the compiler guarantees that the safety properties proved on the source code hold for the executable compiled code as well

An introduction to (Co)algebras and (Co)induction and their application to the semantics of programming languages

This report summarizes operational approaches to the formal semantics of programming languages and shows that they can be interpreted inductively by least fixed points as well as coinductively by greatest fixed points. While the inductive interpretation gives semantics to all terminating programs, the coinductive one defines moreover also a semantics for all non-terminating programs. This is especially important in areas where programs do not terminate in general, e.g. data bases, operating systems, or control software in embedded systems. The semantic foundations described in this report can be used to verify that transformations (e.g. in compilers) of such software systems are correct. In the course of this report, coalgebras and coinduction are introduced, starting with a gentle intuitive motivation and ending with a detailed mathematical description within the notions of category theory

Compiler verification in the context of pervasive system verification

This thesis presents the formal verification of the compiling specification for a simple, non-optimizing compiler from the C-like programming language C0 to VAMP assembly code. The main result is a step-by-step simulation theorem between C0 programs and the compiled code (which is specified by the compiling specification). Additionally, a C0 small-step semantics and a verification methodology for VAMP assembly have been developed. This work is part of the Verisoft project which aims at the pervasive formal verification of an entire computer system. The key concept in Verisoft';s methodology is to prove properties of computer systems at the relatively abstract C0 layer and to transfer them via several intermediate layers down to the concrete hardware layer. After successful transfer of a property to the hardware layer, we can be sure that no oversimplifications have been done in the formalizations of the more abstract layers. This context of pervasive system verification imposes several special requirements to our compiler correctness theorem. In particular, the simulation theorem had to be formulated based on small-step semantics to allow for reasoning about non-terminating and interleaving programs. Another important feature is that our result incorporates resource restrictions at the hardware layer and allows to discharge them at the C0 layer. All results presented in this thesis have been formalized in the theorem prover Isabelle / HOL.Die vorliegende Arbeit befasst sich mit der formalen Verifikation des Codegenerierungsalgorithmus eines nicht optimierenden Compilers von der C-ähnlichen Sprache C0 nach VAMP Assembler. Das Hauptergebnis ist ein Schritt-für- Schritt Simulationssatz zwischen C0 Programmen und dem compilierten Code. Die Arbeit umfasst zus¨atzlich die Entwicklung einer Small-Step Semantik für C0 sowie einer Verifikationsmethodik für VAMP Assemblerprogramme. Diese Arbeit ist Teil des Verisoft Projekts, das auf die durchgängige formale Verifikation von Computersystemen abzielt. Die Methodik von Verisoft basiert auf der Verifikation von Eigenschaften eines Computersystems auf der relativ abstrakten C0 Ebene und deren anschließendem Transfer auf die konkrete Hardwareebene. Ein solcher erfolgreicher Eigenschaftstransfer garantiert, dass auf den abstrakten Ebenen keine zu starken Vereinfachungen vorgenommen worden sind. Die Einbettung in die durchgängige Verifikation von Systemen stellt zahlreiche speziellen Anforderungen an den Compilerkorrektheitssatz. Insbesondere muss der Simulationssatz auf einer Small-Step Semantik basieren, um die Behandlung von nebenläufigen und von nicht terminierenden Programmen zu ermöglichen. Eine weitere Eigenschaft ist, dass unser Resultat Ressourcenbeschränkungen auf der Hardwareebene einbezieht und deren Entlastung auf der C0 Ebene erlaubt. Alle Resultate dieser Arbeit sind im Theorembeweiser Isabelle / HOL formalisiert worden