CompCertS: A Memory-Aware Verified C Compiler Using a Pointer as Integer Semantics

The CompCert C compiler provides the formal guarantee that the observable behaviour of the compiled code improves on the observable behaviour of the source code. In this paper, we present a formally verified C compiler, CompCertS, which is essentially the CompCert compiler, albeit with a stronger formal guarantee: it gives a semantics to more programs and ensures that the memory consumption is preserved by the compiler. CompCertS is based on an enhanced memory model where, unlike CompCert but like GCC, the binary representation of pointers can be manipulated much like integers and where, unlike CompCert, allocation may fail if no memory is available. The whole proof of CompCertS is a significant proof effort, and we highlight the crux of the novel proofs of 12 passes of the back-end and a challenging proof of an essential optimising pass of the front-end.
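To make the two memory-model points of the abstract concrete, here is an added C example (not code from the CompCertS paper or project). It does the two things the abstract says a CompCertS semantics must account for: it computes an aligned address by treating the integer image of a pointer as an ordinary integer (defined in GCC's and CompCertS's pointer-as-integer model, but outside the original CompCert semantics), and it treats allocation as an operation that can fail. The function names `align_up`, `aligned_buffer_ok` and `failing_alloc` are hypothetical helpers chosen for this example; the allocator is passed in as a parameter so that a failing allocation can be exercised deterministically.

```c
/* Added example, not from the CompCertS paper: pointer-as-integer arithmetic
   plus explicit handling of allocation failure. Helper names are hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Round a pointer up to 'align' bytes (align must be a power of two) by
   manipulating its integer representation. The result only has a defined
   meaning if it stays inside the same allocation as 'p'; the caller below
   guarantees that by over-allocating by align - 1 bytes. */
static unsigned char *align_up(unsigned char *p, size_t align) {
    uintptr_t addr = (uintptr_t)p;                                /* pointer -> integer */
    uintptr_t aligned = (addr + align - 1) & ~(uintptr_t)(align - 1);
    return (unsigned char *)aligned;                              /* integer -> pointer */
}

/* An allocator that always fails; used to model "no memory is available". */
static void *failing_alloc(size_t n) {
    (void)n;
    return NULL;
}

/* Allocate len + align - 1 bytes through 'alloc', align inside the block and
   use the aligned region. Returns 1 if the aligned pointer is both correctly
   aligned and inside the block, 0 if the alignment is wrong, -1 if allocation
   failed. The NULL check is the point: allocation is not assumed to succeed. */
static int aligned_buffer_ok(size_t len, size_t align, void *(*alloc)(size_t)) {
    unsigned char *raw = alloc(len + align - 1);
    if (raw == NULL) {
        return -1;                      /* allocation failed: no memory available */
    }
    unsigned char *p = align_up(raw, align);
    /* p lies in [raw, raw + align), so p[0 .. len) is inside the block. */
    memset(p, 0xA5, len);
    int ok = ((uintptr_t)p % align == 0) && (p >= raw) && ((size_t)(p - raw) < align);
    free(raw);
    return ok ? 1 : 0;
}

int main(void) {
    /* Constructed inputs: a 100-byte payload aligned to 64 bytes. */
    int with_malloc = aligned_buffer_ok(100, 64, malloc);        /* expected 1 */
    int with_failing = aligned_buffer_ok(100, 64, failing_alloc); /* expected -1 */
    return (with_malloc == 1 && with_failing == -1) ? 0 : 1;
}
```

The integer round trip in `align_up` is exactly the sort of code that CompCert's original block-and-offset model cannot give a semantics to, since the concrete address of a block is unknown there; a model in which pointers have a binary representation can define it, and a model in which `alloc` may return `NULL` forces the `-1` path to be part of the program's meaning rather than an event that the semantics rules out.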
