Results 1  10
of
19
Compiling with Proofs
, 1998
"... One of the major challenges of building software systems is to ensure that the various components fit together in a welldefined manner. This problem is exacerbated by the recent advent of software components whose origin is unknown or inherently untrusted, such as mobile code or user extensions ..."
Abstract

Cited by 141 (9 self)
 Add to MetaCart
One of the major challenges of building software systems is to ensure that the various components fit together in a welldefined manner. This problem is exacerbated by the recent advent of software components whose origin is unknown or inherently untrusted, such as mobile code or user extensions for operatingsystem kernels or database servers. Such extensions are useful for implementing an e#cient interaction model between a client and a server because several data exchanges between them can be saved at the cost of a single code exchange. In this dissertation, I propose to tackle such system integrity and security problems with techniques from mathematical logic and programminglanguage semantics. I propose a framework, called proofcarrying code, in which the extension provider sends along with the extension code a representation of a formal proof that the code meets certain safety and correctness requirements. Then, the code receiver can ensure the safety of executing the...
Intuitionistic Model Constructions and Normalization Proofs
, 1998
"... We investigate semantical normalization proofs for typed combinatory logic and weak calculus. One builds a model and a function `quote' which inverts the interpretation function. A normalization function is then obtained by composing quote with the interpretation function. Our models are just like ..."
Abstract

Cited by 44 (7 self)
 Add to MetaCart
We investigate semantical normalization proofs for typed combinatory logic and weak calculus. One builds a model and a function `quote' which inverts the interpretation function. A normalization function is then obtained by composing quote with the interpretation function. Our models are just like the intended model, except that the function space includes a syntactic component as well as a semantic one. We call this a `glued' model because of its similarity with the glueing construction in category theory. Other basic type constructors are interpreted as in the intended model. In this way we can also treat inductively defined types such as natural numbers and Brouwer ordinals. We also discuss how to formalize terms, and show how one model construction can be used to yield normalization proofs for two different typed calculi  one with explicit and one with implicit substitution. The proofs are formalized using MartinLof's type theory as a meta language and mechanized using the A...
Generalized Semantics and Abstract Interpretation for Constraint Logic Programs
, 1995
"... We present a simple and powerful generalized algebraic semantics for constraint logic programs that is parameterized with respect to the underlying constraint system. The idea is to abstract away from standard semantic objects by focusing on the general properties of any possibly nonstandard ..."
Abstract

Cited by 38 (5 self)
 Add to MetaCart
We present a simple and powerful generalized algebraic semantics for constraint logic programs that is parameterized with respect to the underlying constraint system. The idea is to abstract away from standard semantic objects by focusing on the general properties of any possibly nonstandard  semantic definition. In constraint logic programming, this corresponds to a suitable definition of the constraint system supporting the semantic definition. An algebraic structure is introduced to formalize the notion of a constraint system, thus making classical mathematical results applicable. Both topdown and bottomup semantics are considered. Nonstandard semantics for constraint logic programs can then be formally specified using the same techniques used to define standard semantics. Different nonstandard semantics for constraint logic languages can be specified in this ...
A Provably Correct Compiler Generator
, 1992
"... We have designed, implemented, and proved the correctness of a compiler generator that accepts action semantic descriptions of imperative programming languages. The generated compilers emit absolute code for an abstract RISC machine language that currently is assembled into code for the SPARC and th ..."
Abstract

Cited by 26 (2 self)
 Add to MetaCart
We have designed, implemented, and proved the correctness of a compiler generator that accepts action semantic descriptions of imperative programming languages. The generated compilers emit absolute code for an abstract RISC machine language that currently is assembled into code for the SPARC and the HP Precision Architecture. Our machine language needs no runtime typechecking and is thus more realistic than those considered in previous compiler proofs. We use solely algebraic specifications; proofs are given in the initial model. 1 Introduction The previous approaches to proving correctness of compilers for nontrivial languages all use target code with runtime typechecking. The following semantic rule is typical for these target languages: (FIRST : C; hv 1 ; v 2 i : S) ! (C; v 1 : S) The rule describes the semantics of an instruction that extracts the first component of the topelement of the stack, provided that the topelement is a pair. If not, then it is implicit that the...
Proving the Correctness of Compiler Optimisations Based on a Global Analysis: A Study of Strictness Analysis
, 1992
"... A substantial amount of work has been devoted to the proof of correctness of various program analyses but much less attention has been paid to the correctness of compiler optimisations based on these analyses. In this paper we tackle the problem in the context of strictness analysis for lazy functio ..."
Abstract

Cited by 15 (3 self)
 Add to MetaCart
A substantial amount of work has been devoted to the proof of correctness of various program analyses but much less attention has been paid to the correctness of compiler optimisations based on these analyses. In this paper we tackle the problem in the context of strictness analysis for lazy functional languages. We show that compiler optimisations based on strictness analysis can be expressed formally in the functional framework using continuations. This formal presentation has two benefits: it allows us to give a rigorous correctness proof of the optimised compiler; and it exposes the various optimisations made possible by a strictness analysis. 1 Introduction Realistic compilers for imperative or functional languages include a number of optimisations based on nontrivial global analyses. Proving the correctness of such optimising compilers can be done in three steps: 1. proving the correctness of the original (unoptimised) compiler; Correspondence regarding this paper should be ...
An Automatically Generated and Provably Correct Compiler for a Subset of Ada
 In IEEE International Conference on Computer Languages
, 1992
"... We describe the automatic generation of a provably correct compiler for a nontrivial subset of Ada. The compiler is generated from an action semantic description; it emits absolute code for an abstract RISC machine language that currently is assembled into code for the SPARC and the HP Precision Ar ..."
Abstract

Cited by 12 (2 self)
 Add to MetaCart
We describe the automatic generation of a provably correct compiler for a nontrivial subset of Ada. The compiler is generated from an action semantic description; it emits absolute code for an abstract RISC machine language that currently is assembled into code for the SPARC and the HP Precision Architecture. The generated code is an order of magnitude better than what is produced by compilers generated by the classical systems of Mosses, Paulson, and Wand. The use of action semantics makes the processable language specification easy to read and pleasant to work with. In Proc. ICCL'92, Fourth IEEE International Conference on Computer Languages, pages 117126. 1 Introduction The purpose of a language designer's workbench, envisioned by Pleban, is to drastically improve the language design process. The major components in such a workbench are: ffl A specification language whose specifications are easily maintainable, and accessible without knowledge of the underlying theory; and f...
Machine code programs are predicates too
 Sixth Refinement Workshop
, 1994
"... I present aninterpretation of machine language programs as boolean expressions. Source language programs may also be so interpreted. The correctness of a code generator can then be expressed as a simple relationship between boolean expressions. Code generators can then be calculated from their speci ..."
Abstract

Cited by 12 (2 self)
 Add to MetaCart
I present aninterpretation of machine language programs as boolean expressions. Source language programs may also be so interpreted. The correctness of a code generator can then be expressed as a simple relationship between boolean expressions. Code generators can then be calculated from their speci cation. 1
Provably Correct Systems
, 1994
"... . The goal of the Provably Correct Systems project (ProCoS) is to develop a mathematical basis for development of embedded, realtime, computer systems. This survey paper introduces the specification languages and verification techniques for four levels of development: Requirements definition and con ..."
Abstract

Cited by 9 (3 self)
 Add to MetaCart
. The goal of the Provably Correct Systems project (ProCoS) is to develop a mathematical basis for development of embedded, realtime, computer systems. This survey paper introduces the specification languages and verification techniques for four levels of development: Requirements definition and control design; Transformation to a systems architecture with program designs and their transformation to programs; Compilation of realtime programs to conventional processors, and Compilation of programs to hardware. 1 Introduction An embedded computer system is part of a total system that is a physical process, a plant, characterized by a state that changes over real time. The role of the computer is to monitor this state through sensors and to change the state through actuators. The computer is simply a convenient device that can be instructed to manipulate a mathematical model of the physical system and state. Correctness means that the program and the hardware faithfully implement the co...
Automatic Validation of CodeImproving Transformations
 In Proceedings of the ACM SIGPLAN Workshop on Language, Compilers, and Tools for Embedded Systems
, 2000
"... Programmers of embedded systems often develop software in assembly code due to inadequate support from compilers and the need to meet critical speed and/or space constraints. Many embedded applications are being used as a component of an increasing number of critical systems. While achieving high pe ..."
Abstract

Cited by 8 (5 self)
 Add to MetaCart
Programmers of embedded systems often develop software in assembly code due to inadequate support from compilers and the need to meet critical speed and/or space constraints. Many embedded applications are being used as a component of an increasing number of critical systems. While achieving high performance for these systems is important, ensuring that these systems execute correctly is vital. One portion of this process is to ensure that codeimproving transformations applied to a program will not change the program's semantic behavior, which is jeopardized when transformations are specified manually. This paper describes a general approach for validation of many lowlevel codeimproving transformations made either by a compiler or specified by hand. Initially, we associate a region of the program representation with a codeimproving transformation. Afterwards, we calculate the region's effects on the rest of the program before and after the transformation. The transformation is cons...
The ProCoS Approach to the Design of RealTime Systems: Linking Different Formalisms
, 1996
"... This report reflects work which is partially funded by the Commission of the European Communities (CEC) under the ESPRIT programme in the field of Basic Research Project No. 7071: "ProCoS II: Provably Correct Systems" ..."
Abstract

Cited by 5 (0 self)
 Add to MetaCart
This report reflects work which is partially funded by the Commission of the European Communities (CEC) under the ESPRIT programme in the field of Basic Research Project No. 7071: "ProCoS II: Provably Correct Systems"