The Compiling Specification from ComLisp to Executable Machine Code

This report is one part of a series of documents describing the fully verified specification, construction and implementation of a ComLisp compiler. ComLisp is a subset of ANSI-CommonLisp. Programs are systems of first-order mutually recursive function and procedure definitions on dynamic Lisp data. ComLisp is both the compiler's source language and its implementation language. The work is part of the DFG research project Verifix on Correct Compilers. The major goal in Verifix is to develop methods for the correct construction of realistic compilers for practically relevant source languages and concrete target machines, and to completely verify them down to their binary machine code implementations. We specify a four-phase compilation transforming ComLisp programs into binary machine code executables for transputer T400 processors. The compilation is modularized into four steps using three intermediate languages: a stack language, a C-like abstract-machine-oriented language, and an assembly language. The compiling specifications between each pair of source and target languages are given as inductively defined relations. They can easily be refined to a system of first-order mutually recursive ComLisp functions. Additionally, we define a boot loader machine program, which we use as a minimal operating system kernel to load and execute target programs. A correctly constructed ComLisp compiler program, proved to comply with the specifications given here, can be used to bootstrap itself as a binary transputer machine code executable. The bootstrapping process, however, initially depends on an unverified execution basis for ComLisp. Without further investigation it does not guarantee full correctness: if we use a CommonLisp system to execute the compiler, we depend on unverified tool support. Mathematical a-posteriori control (double checking) of the bootstrapping result will close this gap for the fully verified initial ComLisp compiler executable.
Correctness proofs for the specification with respect to the source and target language semantics (compiling verification), as well as the documentation of the a-posteriori double checking of the bootstrapping result, are not part of this report.