Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/thamugadi/semantic-preservation

Work in progress. Attempt to prove semantic preservation (forward simulation) for a simple compiler.
https://github.com/thamugadi/semantic-preservation

bisimulation compiler coq dependent-types formal-verification

Last synced: 27 days ago
JSON representation

Work in progress. Attempt to prove semantic preservation (forward simulation) for a simple compiler.

Host: GitHub
URL: https://github.com/thamugadi/semantic-preservation
Owner: thamugadi
License: bsd-2-clause
Created: 2023-10-09T17:30:12.000Z (about 1 year ago)
Default Branch: main
Last Pushed: 2024-05-01T09:06:34.000Z (6 months ago)
Last Synced: 2024-09-30T20:42:51.399Z (about 1 month ago)
Topics: bisimulation, compiler, coq, dependent-types, formal-verification
Language: Coq
Homepage:
Size: 106 KB
Stars: 9
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# semantic-preservation
## Introduction

The purpose of this repo is to give a minimal example of a compiler for which the forward simulation property is verified. The proof is located in [src/Verification.v](src/Verification.v).

I considered an abstract machine using absolute addresses for ``Jump`` as a target, and one using a BF-like ``Jump`` / ``Ret``, both jumping one instruction after the associated instruction, as a source. The small compiler used is defined in [src/Compiler.v](src/Compiler.v).

The proof of some lemmas is still missing, and those are admitted for the moment. This was my first real contact with Coq and dependent types, and it allowed me to make progress on the basics. Also, it makes extensive use of CoqHammer, which makes some proofs quite incomprehensible.

The ``first_attempt`` folder contains previous attempts to prove the property, in particular through an approach using vectors, in the belief that this would simplify the proof of certain lemmas. This was quite true, but it made it too complex to state certain theorems, and I preferred to give up on it.

It is globally a matter of proving that given two source states p and p' and a target state q, if

- p compiles into q
- p evaluates into p'

then there exist q' such as:

- p' compiles into q'
- q evaluates+ into q'

where "+" is the transitive closure.

Main reference: https://xavierleroy.org/publi/compcert-backend.pdf

## Semantics

- Small-step semantics for the two abstract machines are defined in [src/Language.v](src/Language.v) and [src/Assembly.v](src/Assembly.v)

## Simulation property

- The aim of [Leroy's paper](https://xavierleroy.org/publi/compcert-backend.pdf) is to describe how a source program S and a target program C retain the same semantics if the compilation process succeeds.
- Several relations are defined to express semantic preservation. In [src/Simulation.v](src/Simulation.v) are included the definitions to construct the lockstep, "plus", "option" and "star" simulation relations described in p. 16.