A formally verified compiler backend, 2008
Cited by 59 (12 self)
This article describes the development and formal verification (proof of semantic preservation) of a compiler backend from Cminor (a simple imperative intermediate language) to PowerPC assembly code, using the Coq proof assistant both for programming the compiler and for proving its correctness. Such a verified compiler is useful in the context of formal methods applied to the certification of critical software: the verification of the compiler guarantees that the safety properties proved on the source code hold for the executable compiled code as well.
Categories and Subject Descriptors: F.3.1 [Logics and meanings of programs]: Specifying and verifying and reasoning about programs—Mechanical verification; D.2.4 [Software engineering]: Software/program verification—Correctness proofs, formal methods, reliability; D.3.4 [Programming languages]: Processors—Compilers, optimization
Formal Verification of Translation Validators: A Case Study on Instruction Scheduling Optimizations, 2008
Cited by 24 (4 self)
Translation validation consists of transforming a program and a posteriori validating it in order to detect a modification of its semantics. This approach can be used in a verified compiler, provided that validation is formally proved to be correct. We present two such validators and their Coq proofs of correctness. The validators are designed for two instruction scheduling optimizations: list scheduling and trace scheduling.
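The pattern the abstract describes, shown on a toy list scheduler as an added example in Python (the paper's validators are Coq programs with Coq correctness proofs, working on real compiler intermediate code; none of the code below is theirs). The scheduler is untrusted and may be wrong; the validator symbolically executes the original and the scheduled basic block and accepts only if both denote the same final symbolic state. The three-address instruction forms, the sample block and the `track_memory` switch that simulates a scheduler bug are all assumptions of this example.

```python
# Translation validation of a basic-block list scheduler (added example in
# Python; not the paper's Coq code). Instruction forms assumed here:
#   ("op", dst, opname, [src regs])   dst := opname(srcs)
#   ("load", dst, addr_reg)           dst := mem[addr_reg]
#   ("store", addr_reg, val_reg)      mem[addr_reg] := val_reg

def sym_exec(block):
    """Symbolic execution of a block. Returns (register map, memory term):
    registers hold terms over the symbolic initial values ("init", r),
    memory is a term of nested stores over the initial memory "mem0"."""
    regs, mem = {}, ("mem0",)
    val = lambda r: regs.get(r, ("init", r))
    for ins in block:
        kind = ins[0]
        if kind == "op":
            _, dst, opname, srcs = ins
            regs[dst] = (opname,) + tuple(val(s) for s in srcs)
        elif kind == "load":
            _, dst, addr = ins
            regs[dst] = ("load", mem, val(addr))
        elif kind == "store":
            _, addr, v = ins
            mem = ("store", mem, val(addr), val(v))
        else:
            raise ValueError(f"unknown instruction {ins!r}")
    return regs, mem

def validate(original, scheduled):
    """The validator: accept the scheduled block iff it denotes the same
    symbolic final state as the original. Sound (equal symbolic states imply
    equal concrete behaviour) but deliberately incomplete: two stores swapped
    are rejected even when their addresses could never alias."""
    return sym_exec(original) == sym_exec(scheduled)

def reads_writes(ins):
    """Registers read and written by one instruction."""
    if ins[0] == "op":
        return set(ins[3]), {ins[1]}
    if ins[0] == "load":
        return {ins[2]}, {ins[1]}
    return {ins[1], ins[2]}, set()          # store reads address and value

def dependencies(block, track_memory=True):
    """Edges (i, j): j must stay after i. Register hazards RAW, WAR, WAW; for
    memory, a store is kept in order with every other memory access.
    track_memory=False drops the memory edges: a scheduler bug, used below
    to show the validator catching it."""
    edges = set()
    for j, ins_j in enumerate(block):
        rj, wj = reads_writes(ins_j)
        for i in range(j):
            ri, wi = reads_writes(block[i])
            if (wi & rj) or (ri & wj) or (wi & wj):
                edges.add((i, j))
            mem_i = block[i][0] in ("load", "store")
            mem_j = ins_j[0] in ("load", "store")
            if track_memory and mem_i and mem_j and "store" in (block[i][0], ins_j[0]):
                edges.add((i, j))
    return edges

def list_schedule(block, track_memory=True):
    """Untrusted optimizer: greedy list scheduling. Repeatedly emit the ready
    instruction with the longest chain of dependents (ties: original order)."""
    n = len(block)
    edges = dependencies(block, track_memory)
    succ = {i: [b for (a, b) in edges if a == i] for i in range(n)}
    height = [0] * n
    for i in reversed(range(n)):               # successors have larger indices
        height[i] = 1 + max((height[j] for j in succ[i]), default=0)
    pending = {j: sum(1 for (_, b) in edges if b == j) for j in range(n)}
    order = []
    while len(order) < n:
        ready = [i for i in range(n) if i not in order and pending[i] == 0]
        pick = max(ready, key=lambda i: (height[i], -i))
        order.append(pick)
        for j in succ[pick]:
            pending[j] -= 1
    return [block[i] for i in order]

def compile_block(block, track_memory=True):
    """The verified-compiler pattern: run the untrusted scheduler, keep its
    output only if the validator accepts it, otherwise fall back to the
    unscheduled block (still correct, just slower)."""
    scheduled = list_schedule(block, track_memory)
    return scheduled if validate(block, scheduled) else block

# Constructed sample block: r3 := r0*r0 is independent of the load/store
# chain and may move, but the second load must stay after the store.
BLOCK = [
    ("load", "r1", "r0"),
    ("op", "r2", "add", ["r1", "r1"]),
    ("op", "r3", "mul", ["r0", "r0"]),
    ("store", "r0", "r2"),
    ("load", "r4", "r0"),
    ("op", "r5", "add", ["r3", "r4"]),
]

if __name__ == "__main__":
    good = list_schedule(BLOCK)
    bad = list_schedule(BLOCK, track_memory=False)
    print("correct scheduler accepted:", validate(BLOCK, good))   # True
    print("buggy scheduler accepted:  ", validate(BLOCK, bad))    # False
```

The point of the arrangement is where the proof effort goes: only `sym_exec` and `validate` would need a correctness proof, the scheduler can be as clever and as untrusted as one likes, and a rejected schedule costs performance rather than correctness.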
Finding lexicographic orders for termination proofs in Isabelle/HOL
Theorem Proving in Higher Order Logics: TPHOLs 2007, volume 4732 of Lecture Notes in Computer Science, 2007
Cited by 15 (5 self)
We present a simple method to formally prove termination of recursive functions by searching for lexicographic combinations of size measures. Despite its simplicity, the method turns out to be powerful enough to solve a large majority of termination problems encountered in daily theorem proving practice.
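The search the abstract refers to, as an added Python illustration (the paper's implementation is Isabelle/HOL tactic code; this is not it). The input is a call matrix: one row per recursive call, one column per size measure, each entry recording whether that measure strictly decreases, does not increase, or cannot be related at that call. In Isabelle each entry is established by proof; here the matrix for Ackermann's function is written down by hand, and a trace of concrete calls is used only as a sanity check of the order found, not as a substitute for the proof. The matrix encoding and the helper names are assumptions of this example.

```python
# Searching for a lexicographic combination of size measures (added Python
# illustration, not the paper's Isabelle/HOL implementation).

LESS, LEQ, UNKNOWN = "<", "<=", "?"

def find_lex_order(matrix):
    """matrix[i][j] relates size measure j at the arguments of recursive
    call i to the same measure at the function's own arguments.
    Returns column indices [j1, j2, ...], meaning "measure j1, then j2 as
    tie-breaker, ...": a lexicographic order under which every recursive
    call strictly decreases, or None if no such order exists.
    Greedy search is complete for lexicographic orders: any measure that can
    lead a valid order passes the test below, and committing to it leaves the
    remaining calls with a valid order as well."""
    if not matrix:
        return []
    ncols = len(matrix[0])
    remaining = set(range(len(matrix)))
    order = []
    while remaining:
        for j in range(ncols):
            if j in order:
                continue
            col = [matrix[i][j] for i in remaining]
            # usable next: no remaining call may increase this measure, and
            # at least one must strictly decrease it (otherwise no progress)
            if all(e in (LESS, LEQ) for e in col) and LESS in col:
                order.append(j)
                remaining = {i for i in remaining if matrix[i][j] != LESS}
                break
        else:
            return None
    return order

# Ackermann: ack(0, n) = n+1; ack(m, 0) = ack(m-1, 1);
#            ack(m, n) = ack(m-1, ack(m, n-1)).
# Measures: column 0 is m, column 1 is n. Entries written by hand.
ACK_MATRIX = [
    [LESS, UNKNOWN],   # ack(m-1, 1)
    [LESS, UNKNOWN],   # ack(m-1, ack(m, n-1)): m decreases, n unknown
    [LEQ, LESS],       # ack(m, n-1): m unchanged, n decreases
]

def lex_less(order, callee, caller):
    """Strict lexicographic decrease of measure tuples in the given order."""
    for j in order:
        if callee[j] < caller[j]:
            return True
        if callee[j] > caller[j]:
            return False
    return False

def ack_trace(m, n, calls):
    """Ackermann, recording every recursive call as (caller args, callee args)."""
    if m == 0:
        return n + 1
    if n == 0:
        calls.append(((m, n), (m - 1, 1)))
        return ack_trace(m - 1, 1, calls)
    calls.append(((m, n), (m, n - 1)))
    inner = ack_trace(m, n - 1, calls)
    calls.append(((m, n), (m - 1, inner)))
    return ack_trace(m - 1, inner, calls)

def check_order_on_trace(order, m, n):
    """Concrete sanity check of a found order: every recursive call made
    while computing ack(m, n) must decrease the measures lexicographically.
    Returns (ack(m, n), all calls decreased)."""
    calls = []
    result = ack_trace(m, n, calls)
    return result, all(lex_less(order, callee, caller) for caller, callee in calls)

if __name__ == "__main__":
    order = find_lex_order(ACK_MATRIX)
    print("lexicographic order of measures:", order)   # [0, 1], i.e. (m, n)
    print(check_order_on_trace(order, 2, 3))           # (9, True)
```

Note that the order (n, m) is rejected by the concrete check as well: the call ack(m, 0) to ack(m-1, 1) increases n, so n cannot be the leading measure, which is exactly what the UNKNOWN entries in column 1 tell the search.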
Partial recursive functions in higher-order logic
Int. Joint Conference on Automated Reasoning (IJCAR 2006), LNCS, 2006
Cited by 12 (2 self)
Based on inductive definitions, we develop an automated tool for defining partial recursive functions in Higher-Order Logic and providing appropriate reasoning tools for them. Our method expresses termination in a uniform manner and includes a very general form of pattern matching, where patterns can be arbitrary expressions. Termination proofs can be deferred, restricted to subsets of arguments and are interchangeable with other proofs about the function. We show that this approach can also facilitate termination arguments for total functions, in particular for nested recursions. We implemented our tool as a definitional specification mechanism for Isabelle/HOL.
Recursive definitions of monadic functions
In Proc. of PAR 2010, 2010
Cited by 3 (0 self)
Using standard domain-theoretic fixed points, we present an approach for defining recursive functions that are formulated in monadic style. The method works both in the simple option monad and the state-exception monad of Isabelle/HOL’s imperative programming extension, which results in a convenient definition principle for imperative programs, which were previously hard to define. For such monadic functions, the recursion equation can always be derived without preconditions, even if the function is partial. The construction is easy to automate, and convenient induction principles can be derived automatically.
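What "standard domain-theoretic fixed points in the option monad" buys, and why the deferred termination proofs of the IJCAR 2006 entry above are possible, as one added Python illustration (both papers work inside Isabelle/HOL; this is not their code, and the state-exception monad is not covered). A recursive definition is written as a functional F that maps an approximation `rec` of the function to a better one; the function being defined is the limit of the chain f_0 = everywhere undefined, f_{i+1} = F(f_i), with `None` standing for "undefined". Nothing about termination has to be known to write F down or to compute with the approximations, and once f_k(x) is defined, f_k(x) = F(f_k)(x) already holds, which is the recursion equation without a precondition. Both functionals below are constructed for the example.

```python
# Kleene approximations of a least fixed point in the option monad (added
# Python illustration; not the papers' Isabelle/HOL definitional package).

def bottom(_x):
    """f_0: the everywhere-undefined function (None = undefined)."""
    return None

def approximate(F, k):
    """f_k = F^k(bottom): the k-th approximation of F's least fixed point.
    f_k(x) is defined exactly when the recursion for x unfolds < k levels."""
    f = bottom
    for _ in range(k):
        f = F(f)
    return f

def F91(rec):
    """McCarthy's 91 function as a functional. The nested recursion (rec
    applied to the result of rec) is the awkward case for definition
    packages: termination depends on the value the function computes."""
    def f(n):
        if n > 100:
            return n - 10
        inner = rec(n + 11)
        return None if inner is None else rec(inner)
    return f

def Fpartial(rec):
    """A genuinely partial function: even n -> n // 2, odd n -> rec(n + 2).
    Odd inputs never reach an even number, so they stay undefined at every
    level of the chain."""
    def f(n):
        return n // 2 if n % 2 == 0 else rec(n + 2)
    return f

def is_chain(F, inputs, k):
    """Monotonicity of the approximations on the given inputs: once f_i(x)
    is defined, every later f_j(x) returns the same value."""
    prev = [bottom(x) for x in inputs]
    f = bottom
    for _ in range(k):
        f = F(f)
        cur = [f(x) for x in inputs]
        if any(p is not None and p != c for p, c in zip(prev, cur)):
            return False
        prev = cur
    return True

def satisfies_recursion_equation(F, k, x):
    """At a level where f_k(x) is defined, f_k(x) = F(f_k)(x) holds: the
    recursion equation, with definedness of x the only requirement and no
    global termination proof."""
    f = approximate(F, k)
    return f(x) is not None and F(f)(x) == f(x)

if __name__ == "__main__":
    print(approximate(F91, 25)(1))        # 91: defined after enough unfolding
    print(approximate(F91, 10)(1))        # None: 10 levels are not enough
    print(approximate(Fpartial, 50)(3))   # None: and never becomes defined
    print(is_chain(F91, range(0, 120, 7), 25))
```

The bound `k` is where the analogy with the proof assistant ends: in Isabelle the limit of the chain exists as a mathematical object and the recursion equation is a theorem about it, while a Python run can only witness definedness at a finite level, never undefinedness.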
Verification of the Redecoration Algorithm for Triangular Matrices, 2007
Cited by 2 (1 self)
Triangular matrices with a dedicated type for the diagonal elements can be profitably represented by a nested datatype, i.e., a heterogeneous family of inductive datatypes. These families are fully supported since version 8.1 of the Coq theorem proving environment, released in 2007. Redecoration of triangular matrices has a succinct implementation in this representation, thus giving the challenge of proving it correct. This has been achieved within Coq, using also induction with measures. An axiomatic approach allowed a verification in the Isabelle theorem prover, giving insights about the differences of both systems.
Partiality and Recursion in Interactive Theorem Provers — An Overview
Under consideration for publication in Math. Struct. in Comp. Science, 2011
The use of interactive theorem provers to establish the correctness of critical parts of a software development or for formalising mathematics is becoming more common and feasible in practice. However, most mature theorem provers lack a direct treatment of partial and general recursive functions; overcoming this weakness has been the objective of intensive research during the last decades. In this article, we review many techniques that have been proposed in the literature to simplify the formalisation of partial and general recursive functions in interactive theorem provers. Moreover, we classify the techniques according to their theoretical basis and their practical use. This uniform presentation of the different techniques facilitates the comparison and highlights their commonalities and differences, as well as their relative advantages and limitations. We focus on theorem provers based on constructive type theory (in particular, Agda and Coq) and higher-order logic (in particular Isabelle/HOL). Other systems and logics are covered to a certain extent, but not exhaustively. In addition to the description of the techniques, we also demonstrate tools which facilitate working with the problematic functions in particular theorem provers.
Simple simpl
hal-00816918, version 1, 23 Apr 2013
We report on a new implementation of a reduction strategy in Coq to simplify terms during interactive proofs. By “simplify”, we mean to reduce terms as much as possible while avoiding making them grow in size. Reaching this goal amounts to a discussion about how not to unfold global constants uselessly. Coq’s simpl is such a reduction strategy, and the current paper describes an alternative, more efficient, abstract-machine-based implementation of it.
FINAL PREPRINT
This paper develops machinery necessary to mechanically import arbitrary functional programs into Coq’s type theory, manually strengthen their specifications with additional proofs, and then mechanically re-extract the newly-certified program in a form which is as efficient as the original program. In order to facilitate this goal, the coinductive technique of [Cap05] is modified to form a monad whose operators are the constructors of a coinductive type rather than functions defined over the type. The inductive invariant technique of [KM03] is extended to allow optional “after the fact” termination proofs. These proofs inhabit members of Prop, and therefore do not affect extracted code. Compared to [Cap05], the new monad makes it possible to directly represent unrestricted recursion without violating productivity requirements [Gim95], and it produces efficient code via Coq’s extraction mechanism. The disadvantages of this technique include reliance on the JMeq axiom [McB00] and a significantly more complex notion of equality. The resulting technique is packaged as a Coq library, and is suitable for formalizing programs written in any side-effect-free functional language with call-by-value semantics.
Tilting at windmills with Coq: formal verification of a compilation algorithm for parallel moves
Journal of Automated Reasoning, manuscript