https://github.com/appliedfm/coq-vsu-int63

Formally verified 63-bit integer arithmetic, implemented in C and proven in Coq

# coq-vsu-int63

![Website](https://img.shields.io/website?url=https%3A%2F%2Fcoq-vsu-int63.readthedocs.io)
![Documentation Status](https://readthedocs.org/projects/coq-vsu-int63/badge/?version=latest)
[![build](https://github.com/appliedfm/coq-vsu-int63/actions/workflows/build.yml/badge.svg)](https://github.com/appliedfm/coq-vsu-int63/actions/workflows/build.yml)

![GitHub](https://img.shields.io/github/license/appliedfm/coq-vsu-int63)

A [Verified Software Unit](https://github.com/appliedfm/coq-vsu) for 63-bit integer arithmetic.

Implemented in C, modeled in [Coq](https://coq.inria.fr), and proven correct using the [Verified Software Toolchain](https://vst.cs.princeton.edu/).

Compatible with [CompCert](https://compcert.org/).

## Verification status

Specifications are proven correct for the following targets:

- [x] `x86_64-linux`
- [x] `x86_32-linux`

Proofs are checked by our [CI infrastructure](https://github.com/appliedfm/coq-vsu-int63/actions/workflows/build.yml).

## Packages

* `coq-int63` - functional model
* `coq-vsu-int63-src` - C source code
* `coq-vsu-int63-vst` - VST spec & proof (`x86_64-linux`)
* `coq-vsu-int63-vst-32` - VST spec & proof (`x86_32-linux`)
* `coq-vsu-int63` - All of the above

## Installing

Installation is performed by `opam` with help from [coq-vsu](https://github.com/appliedfm/coq-vsu).

```console
$ opam pin -n -y .
$ opam install coq-vsu-int63
```

## Using the C library

The C library is installed to the path given by `vsu -I`. For example:

```console
$ tree `vsu -I`
/home/tcarstens/.opam/coq-8.14/lib/coq-vsu/lib/include
└── coq-vsu-int63
    ├── int63.h
    └── src
        └── int63.c

2 directories, 2 files
$
```
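The README names the installed header but does not spell out the representation behind "63-bit integer arithmetic". The following is an added illustration, written for this page and not taken from the project's `int63.h`, of the usual way such integers are carried in a 64-bit machine word: the OCaml-style tagged encoding (`value << 1 | 1`), which is an assumption about the scheme, not a statement about coq-vsu-int63. All function and macro names (`int63_encode`, `int63_decode`, `int63_add`, `int63_add_tagged`, `INT63_MAX`, `INT63_MIN`) are hypothetical. The point a verifier-minded reader cares about is where the checks live: encoding rejects out-of-range values, decoding rejects untagged words, and addition reports overflow instead of wrapping, so every operation has a precondition and a postcondition a specification could state.

```c
/* Added example, not the project's code. Assumes an OCaml-style tagged
 * 63-bit integer: the value sits in bits 1..63 of a 64-bit word and the
 * low bit is always 1 (the "tag"). All names here are hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define INT63_MAX ((int64_t)0x3FFFFFFFFFFFFFFFLL)   /*  2^62 - 1 */
#define INT63_MIN (-INT63_MAX - 1)                  /* -2^62     */

typedef uint64_t int63_word;   /* tagged representation */

/* Encode v as a tagged word. Fails (returns false) if v is outside the
 * 63-bit signed range, so a caller can never produce a malformed word. */
bool int63_encode(int64_t v, int63_word *out) {
    if (v < INT63_MIN || v > INT63_MAX) return false;
    *out = ((uint64_t)v << 1) | 1u;
    return true;
}

/* Decode a tagged word. Fails if the tag bit is clear (not an int63).
 * The shift is done unsigned and the sign bit re-applied by hand, which
 * avoids relying on implementation-defined signed right shift. */
bool int63_decode(int63_word w, int64_t *out) {
    if ((w & 1u) == 0) return false;
    uint64_t bits = (w >> 1) | (w & 0x8000000000000000ULL);
    *out = (int64_t)bits;
    return true;
}

/* Overflow-checked addition on decoded values. Both inputs are in the
 * 63-bit range, so the 64-bit sum itself cannot overflow; only the
 * 63-bit range check can fail. */
bool int63_add(int64_t a, int64_t b, int64_t *out) {
    if (a < INT63_MIN || a > INT63_MAX) return false;
    if (b < INT63_MIN || b > INT63_MAX) return false;
    int64_t s = a + b;
    if (s < INT63_MIN || s > INT63_MAX) return false;
    *out = s;
    return true;
}

/* The same addition expressed on tagged words: decode, add, re-encode.
 * Any failure (bad tag, overflow) is reported rather than wrapped. */
bool int63_add_tagged(int63_word a, int63_word b, int63_word *out) {
    int64_t x, y, s;
    if (!int63_decode(a, &x) || !int63_decode(b, &y)) return false;
    if (!int63_add(x, y, &s)) return false;
    return int63_encode(s, out);
}

int main(void) {
    int63_word w;
    int64_t v;
    /* Constructed sample values: a small positive, -1, and the two extremes. */
    int64_t samples[] = { 5, -1, INT63_MAX, INT63_MIN };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (int63_encode(samples[i], &w) && int63_decode(w, &v))
            printf("%lld -> 0x%016llx -> %lld\n",
                   (long long)samples[i], (unsigned long long)w, (long long)v);
    }
    /* Out-of-range input is refused rather than silently truncated. */
    printf("encode(INT63_MAX + 1) accepted? %s\n",
           int63_encode(INT63_MAX + 1, &w) ? "yes" : "no");
    return 0;
}
```

The decode path deliberately treats an untagged word as an error instead of shifting it anyway: in a tagged scheme the low bit is the only thing distinguishing an integer from a pointer or other payload, and a proof of the real library would state exactly that distinction as a precondition.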

## Using the Coq library

We currently publish three Coq libraries:

* `coq-int63` - functional model
* `coq-vsu-int63-vst` - VST spec & proof (`x86_64-linux`)
* `coq-vsu-int63-vst-32` - VST spec & proof (`x86_32-linux`)

The `coq-int63` library is target-agnostic and is therefore always installed into a location within Coq's search path.

However, `coq-vsu-int63-vst` and `coq-vsu-int63-vst-32` are both target-specific. As such, they are sometimes installed into locations outside of Coq's search path. Fortunately, these libraries can be found by calling `vsu --show-coq-variant-path=PACKAGE`. For example:

```console
$ echo `vsu --show-coq-variant-path=coq-vsu-int63-vst-32`
/home/tcarstens/.opam/coq-8.14/lib/coq/../coq-variant/appliedfm/32/Int63
$
```

The `vsu` tool can also be used to supply Coq with the correct arguments for importing the target-specific libraries. For example:

```console
tcarstens@pop-os:~/formal_methods/coq-vsu-int63$ coqtop \
`vsu -Q coq-vsu-int63-vst-32` \
`vsu -Q coq-compcert-32` \
`vsu -Q coq-vst-32`
Welcome to Coq 8.14.0

Coq < From VST Require Import floyd.proofauto.

Coq < From appliedfm Require Import Int63.vst.spec.spec.

Coq < From appliedfm Require Import Int63.vst.proof.proof.

Coq < Check encode_int63_spec.
encode_int63_spec
: ident * funspec

Coq < Check encode_int63_body.
encode_int63_body
: semax_body ast.Vprog ASI int63.f_encode_int63 encode_int63_spec

Coq <
```

## Building without `opam`

The general pattern looks like this:

```console
$ make [verydeepclean|deepclean|clean]
$ make BITSIZE={opam|64|32} [all|_CoqProject|clightgen|theories]
```

`BITSIZE` determines which `compcert` target to use. If unspecified, the default value is `opam`:

* `opam` and `64` both use `x86_64-linux`
* `32` uses `x86_32-linux`

### Example: `x86_64-linux`

```console
$ make verydeepclean ; make
```

### Example: `x86_32-linux`

```console
$ make verydeepclean ; make BITSIZE=32
```

## Building the docs

Note that this requires [Doxygen](https://www.doxygen.nl) and [Sphinx](https://www.sphinx-doc.org).

```console
$ make -C docs html
$ xdg-open docs/build/html/index.html
```


[![Coq](https://img.shields.io/badge/-Coq-royalblue)](https://github.com/coq/coq)
[![compcert](https://img.shields.io/badge/-compcert-pink)](https://compcert.org/)
[![VST](https://img.shields.io/badge/-VST-palevioletred)](https://vst.cs.princeton.edu/)
[![Alectryon](https://img.shields.io/badge/-Alectryon-orangered)](https://github.com/cpitclaudel/alectryon/)
[![Sphinx](https://img.shields.io/badge/-Sphinx-navy)](https://www.sphinx-doc.org)
[![readthedocs](https://img.shields.io/badge/-readthedocs-slateblue)](https://readthedocs.org)

[![applied.fm](https://img.shields.io/badge/-applied.fm-orchid)](https://applied.fm)