Formal certification of a compiler backend, or: programming a compiler with a proof assistant
In Proc. 33rd ACM Symposium on Principles of Programming Languages (POPL '06), 2006
Cited by 277 (15 self)
Abstract
This paper reports on the development and formal certification (proof of semantic preservation) of a compiler from Cminor (a C-like imperative language) to PowerPC assembly code, using the Coq proof assistant both for programming the compiler and for proving its correctness. Such a certified compiler is useful in the context of formal methods applied to the certification of critical software: the certification of the compiler guarantees that the safety properties proved on the source code hold for the executable compiled code as well.
Formal verification of a C compiler frontend
2006
Cited by 70 (15 self)
Abstract
This paper presents the formal verification of a compiler frontend that translates a subset of the C language into the Cminor intermediate language. The semantics of the source and target languages as well as the translation between them have been written in the specification language of the Coq proof assistant. The proof of observational semantic equivalence between the source and generated code has been machine-checked using Coq. An executable compiler was obtained by automatic extraction of executable Caml code from the Coq specification of the translator, combined with a certified compiler backend generating PowerPC assembly code from Cminor, described in previous work.
Coinductive big-step operational semantics
2006
Cited by 41 (6 self)
Abstract
This paper illustrates the use of coinductive definitions and proofs in big-step operational semantics, enabling the latter to describe diverging evaluations in addition to terminating evaluations. We show applications to proofs of type soundness and to proofs of semantic preservation for compilers.
Formal Verification of Translation Validators: A Case Study on Instruction Scheduling Optimizations
2008
Cited by 35 (5 self)
Abstract
Translation validation consists of transforming a program and a posteriori validating it in order to detect a modification of its semantics. This approach can be used in a verified compiler, provided that validation is formally proved to be correct. We present two such validators and their Coq proofs of correctness. The validators are designed for two instruction scheduling optimizations: list scheduling and trace scheduling.
Experience with Randomized Testing in Programming Language Metatheory
2009
Cited by 2 (0 self)
Abstract
We explore the use of QuickCheck-style randomized testing in programming languages metatheory, a methodology proposed to reduce development time by revealing shallow errors early, before a formal proof attempt. This exploration begins with the development of a randomized testing framework for PLT Redex, a domain-specific language for specifying and debugging operational semantics. In keeping with the spirit of Redex, the framework is as lightweight as possible—the user encodes a conjecture as a predicate over the terms of the language, and guided by the structure of the language’s grammar, reduction relation, and metafunctions, Redex attempts to falsify the conjecture automatically. In addition to the details of this framework, we present a tutorial demonstrating its use and two case studies applying it to large language specifications. The first study, a postmortem, applies randomized testing to the formal semantics published with the latest revision of the Scheme language standard. Despite a community review period and a comprehensive, manually constructed test suite, randomized testing in Redex revealed four bugs in the semantics. The second study presents our experience applying the tool concurrently with the development of a formal model for the MzScheme virtual machine and bytecode verifier. In addition to many errors in our formalization, randomized testing revealed six bugs in the core bytecode verification algorithm in production use. The results of these studies suggest that randomized testing is a cheap and effective technique for finding bugs in large programming language metatheories.
A list-machine benchmark for mechanized metatheory
Journal of Automated Reasoning (manuscript)
Coinductive big-step operational semantics
, 808
Abstract
Using a call-by-value functional language as an example, this article illustrates the use of coinductive definitions and proofs in big-step operational semantics, enabling it to describe diverging evaluations in addition to terminating evaluations. We formalize the connections between the coinductive big-step semantics and the standard small-step semantics, proving that both semantics are equivalent. We then study the use of coinductive big-step semantics in proofs of type soundness and proofs of semantic preservation for compilers. A methodological originality of this paper is that all results have been proved using the Coq proof assistant. We explain the proof-theoretic presentation of coinductive definitions and proofs offered by Coq, and show that it facilitates the discovery and the presentation of the results.