The Compcert Memory Model, Version 2 the Compcert Memory Model, Version 2 Le Modèle Mémoire Compcert Version 2
نویسندگان
چکیده
A memory model is an important component of the formal semantics of imperative programming languages: it speci es the behavior of operations over memory states, such as reads and writes. The formally veri ed CompCert C compiler uses a sophisticated memory model that is shared between the semantics of its source language (the CompCert subset of C) and intermediate languages. The algebraic properties of this memory model play an important role in the proofs of semantic preservation for the compiler. The initial design of the CompCert memory model is described in an article by Leroy and Blazy (J. Autom. Reasoning 2008). The present research report describes version 2 of this memory model, improving over the main limitations of version 1. The rst improvement is to expose the byte-level, in-memory representation of integers and oats, while preserving desirable opaqueness properties of pointer values. The second improvement is the integration of a ne-grained mechanism of permissions (access rights), which supports more aggressive optimizations over read-only data, and paves the way towards shared-memory, datarace-free concurrency in the style of Appel's Veri ed Software Toolchain project. Key-words: Memory models, formal semantics, veri ed compilation, CompCert ∗ INRIA Paris-Rocquencourt, project-team Gallium † Supported in part by Agence Nationale de la Recherche, project Arpège U3CAT, grant ANR 08-SEGI-021 ‡ Princeton University § Supported in part by the Air Force O ce of Scienti c Research (grant FA9550-09-1-0138) and the National Science Foundation (grant CNS-0910448). ¶ Université de Rennes 1, IRISA, project-team Celtique ha l-0 07 03 44 1, v er si on 1 1 Ju n 20 12 Le modèle mémoire CompCert version 2 Résumé : Le modèle mémoire est un composant important de la sémantique formelle d'un langage impératif de programmation: il spéci e le comportement des opérations sur les états mémoire, tels que les lectures et les écritures. Le compilateur formellement véri é CompCert C utilise un modèle mémoire élaboré, qu'il partage entre les sémantiques de son langage source (le sous-ensemble CompCert de C) et de ses langages intermédiaires. Les propriétés algébriques de ce modèle mémoire jouent un rôle important dans les preuves de préservation sémantique du compilateur. La première version du modèle mémoire CompCert est décrit dans un article de Leroy et Blazy (J. Autom. Reasoning 2008). Ce rapport de recherche décrit la version 2 de ce modèle mémoire, qui résout les principales limitations de la version 1. Première amélioration: il expose la représentation en mémoire, au niveau de l'octet, des entiers et des ottants, tout en préservant les propriétés utiles d'opacité des pointeurs. Seconde amélioration: il intègre un mécanisme de permissions (droits d'accès) à grain n, qui autorise le compilateur à e ectuer des optimisations plus agressives sur les données en lecture seule, et constitue un premier pas vers le parallélisme à mémoire partagée bien synchronisé, dans le style du projet Veri ed Software Toolchain d'Appel. Mots-clés : Modèles mémoires, sémantiques formelles, compilation véri ée, CompCert ha l-0 07 03 44 1, v er si on 1 1 Ju n 20 12 The CompCert memory model version 2 3
منابع مشابه
A Concrete Memory Model for CompCert
Semantics preserving compilation of low-level C programs is challenging because their semantics is implementation defined according to the C standard. This paper presents the proof of an enhanced and more concrete memory model for the CompCert C compiler which assigns a definite meaning to more C programs. In our new formally verified memory model, pointers are still abstract but are nonetheles...
متن کاملCompCertS: A Memory-Aware Verified C Compiler Using Pointer as Integer Semantics
The CompCert C compiler provides the formal guarantee that the observable behaviour of the compiled code improves on the observable behaviour of the source code. In this paper, we present a formally verified C compiler, CompCertS, which is essentially the CompCert compiler, albeit with a stronger formal guarantee: it gives a semantics to more programs and ensures that the memory consumption is ...
متن کاملVerified Compilation for Shared-Memory C
We present a new architecture for specifying and proving optimizing compilers in the presence of shared-memory interactions such as buffer-based system calls, shared-memory concurrency, and separate compilation. The architecture, which is implemented in the context of CompCert, includes a novel interaction-oriented model for C-like languages, and a new proof technique, called logical simulation...
متن کاملFormal C Semantics: CompCert and the C Standard
We discuss the difference between a formal semantics of the C standard, and a formal semantics of an implementation of C that satisfies the C standard. In this context we extend the CompCert semantics with end-of-array pointers and the possibility to byte-wise copy objects. This is a first and necessary step towards proving that the CompCert semantics refines the formal version of the C standar...
متن کاملTowards Optimizing Certified Compilation in Flight Control Software∗
This work presents an evaluation of the CompCert formally-proved compiler for level A critical flight control software. First, the motivation for choosing CompCert is presented, as well as the requirements and constraints of safety-critical avionics software. The evaluation of its performance (measured in WCET) is presented and the results are compared to those obtained with the currently used ...
متن کامل