Introduction to Our Research on Certifying Compiler
Zhaopeng Li (in Chinese: 李兆鹏)
Email: [email protected]
Certifying Compiler Group
USTC-Yale Joint Research Center
September 4, 2009
Outline
Motivation
Previous Work
On-going Work
Demonstration
Goal of Our Center
Building Certified System Software
Verification Framework
★ Language: x86/MIPS assembly language
★ Logic: domain-specific logics
★ Proof: developed in Coq manually
Methodology!
Shortcoming: development under this framework is costly.
Motivation
Lift the verification framework to source level.
★ productivity
★ user-friendly
Generate proofs with an automated theorem prover.
★ automation
★ support proof-carrying code
Motivation (cont.)
Compcert [Xavier Leroy et al.]
★ a certified C compiler
★ realistic (optimization)
Diagram (labels only): C Code -> Compcert -> Assembly Code; Specifications; Proof.
Difference from a certified compiler?
Previous Work
Pointer Logic Certifying Compiler
Pipeline (diagram labels): Annotated C Code -> Front-end -> VCGen -> Proof-Gen -> Back-end -> Annotated x86 Assembly Code + Proof. The VC Proof is built in the proof assistant Coq and fed to Proof-Gen.
Language: subset of C
Logic: Pointer Logic
Manual proof in Coq
Previous Work (cont.)
Prototype I: a Certifying Compiler
★ Language: PointerC (subset of C)
★ Logic: Pointer Logic (long access path, alias inference)
★ Supported data structures: (circular) singly-linked list, (circular) doubly-linked list, tree
On-going Work
Overview: CComp Compiler
Input: a C-like language with Separation Logic annotations, written as /* pure part | spatial part */. This is the slide's example; the slide elides the function body, and the reconstruction below is marked as such:

```c
#include <stdlib.h>

struct list { int data; struct list *next; };   /* cell layout assumed; not on the slide */

/* n>0 | emp */
struct list *list_create(int n) {
    struct list *p = NULL;                      /* body reconstructed; the slide elides it */
    while (n > 0) /* n>=0 | list(p) */ {
        struct list *q = malloc(sizeof *q);
        if (q == NULL) break;                   /* list(p) still holds, so the invariant is kept */
        q->data = n;
        q->next = p;                            /* q|->p * list(p) entails list(q) */
        p = q;
        n--;
    }
    return p;
}
/* true | list(res) */
```

Output: annotated x86 assembly in the SCAP framework, with a well-formedness lemma per code label (elided on the slide):

```
List_create:
    push ebp
    mov esp, ebp
    sub esp, 8
    jmp L0
L0: …
L1: …

Lemma wf_L0: …
Lemma wf_L1: …
Lemma …
```
On-going Work (cont.)
Prototype II: CComp
★ Language: C-like (subset of C)
★ Logic: Separation Logic (fragment)
★ Built-in automated theorem provers
★ Supported data structures: list, tree
On-going Work (cont.)
CComp Certifying Compiler
Pipeline (diagram labels): Annotated C Code -> Front-end -> VCGen -> Proof-Gen -> Back-end -> Annotated x86 Assembly Code + Proof. The VC Proof now comes from a built-in automated theorem prover (ATP) instead of manual work in Coq.
Language: subset of C
Logic: Separation Logic
Automated Theorem Prover
Architecture (diagram labels): Formulas -> Automated Theorem Prover -> Proof Tree -> Proof Output (a proof term checkable by Coq). The prover combines a linear integer arithmetic prover, a prover for a fragment of Separation Logic, and other domain-specific provers (list, etc.).
Fragment of Separation Logic: separating conjunction (star), emp, p|->_
Built-in predicates: list, lseg, dlist, dlseg, tree, …
Automated Theorem Prover (cont.)
Prover for linear integer arithmetic
★ Based on the Simplex decision procedure
★ Outputs a Coq-compatible proof term
• built using Coq libraries (ZArith, …)
• checked using coqc
★ Provides interfaces to VCGen and the other provers
Automated Theorem Prover (cont.)
Prover for separation logic
★ Supports a fragment (star, |->, list, lseg, dlist, dlseg, tree)
★ Uses the linear integer arithmetic prover to prove equalities
★ Outputs a Coq-compatible proof term (on-going work)
★ More powerful than Smallfoot
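As an added example (not CComp's prover, nor any code from the slides), a toy subtraction-based entailment checker for the fragment named above (emp, points-to, star, list, lseg), with a small set of equalities standing in for the arithmetic prover that discharges equalities; it also checks the list_create loop invariant from the On-going Work slide. The single next field, nil-terminated lists and the tuple encoding of atoms are assumptions of this example.

```python
"""Toy entailment prover for the separation-logic fragment on the slides (emp, x |-> y,
star, list, lseg). Added example, not CComp code. Assumed: one 'next' field per cell,
lists end in nil, and a set of equalities stands in for the arithmetic prover."""
NIL = "nil"
def canon(eqs):
    """Return find(), mapping each address variable to its class representative."""
    parent = {}
    def find(v):
        parent.setdefault(v, v)
        while parent[v] != v:
            v = parent[v]
        return v
    for a, b in eqs:
        ra, rb = find(a), find(b)
        if ra != rb:
            if rb == NIL:              # keep nil as the root so x = nil rewrites x to nil
                ra, rb = rb, ra
            parent[rb] = ra
    return find
def normalise(heap, find):
    """list(x) is lseg(x, nil); rewrite every address to its representative."""
    out = []
    for atom in heap:
        if atom[0] == "list":
            atom = ("lseg", atom[1], NIL)
        out.append((atom[0], find(atom[1]), find(atom[2])))
    return out
def entails(ante, cons, eqs=()):
    """Decide ante |- cons by subtraction with sound rules only:
      cancel:  A * P |- B * P               if A |- B
      empty:   A |- B * lseg(x, x)          if A |- B        (emp satisfies lseg(x, x))
      unfold:  A * x|->y |- B * lseg(x, z)  if A |- B * lseg(y, z)   (likewise lseg(x, y))"""
    find = canon(eqs)
    ante = [a for a in normalise(ante, find) if a != ("lseg", NIL, NIL)]  # list(nil) = emp
    cons = normalise(cons, find)
    while cons:
        c = cons.pop()
        if c in ante:                            # cancel identical atoms
            ante.remove(c)
        elif c[0] != "lseg":
            return False                         # x|->y required but only a segment is known
        elif c[1] != c[2]:                       # lseg(x, x) needs no heap; otherwise unfold
            start = [a for a in ante if a[1] == c[1]]  # a well-formed heap has one atom at c[1]
            if not start:
                return False
            ante.remove(start[0])
            cons.append(("lseg", start[0][2], c[2]))
    return not ante      # both sides must reach emp: sound, not complete; leftover heap leaks
```

The loop-invariant obligation from the list_create slide is `entails([("pt", "q", "p"), ("list", "p")], [("list", "q")])`, which succeeds, while `entails([("pt", "x", "y")], [("list", "x")])` fails until the equality y = nil is supplied.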
Demonstration
Simin Yang: automated linear integer arithmetic prover; test cases on integer arithmetic
Zhong Zhuang: automated prover for a fragment of separation logic; test cases manipulating linked lists
Thanks!