Results 1 - 7 of 7
Aliasing restrictions of C11 formalized in Coq
 In CPP, volume 8307 of LNCS, 2013
Cited by 8 (5 self)
Abstract. The C11 standard of the C programming language describes dynamic typing restrictions on memory operations to make more effective optimizations based on alias analysis possible. These restrictions are subtle due to the low-level nature of C, and have not been treated in a formal semantics before. We present an executable formal memory model for C that incorporates these restrictions, and at the same time describes required low-level operations. Our memory model and essential properties of it have been fully formalized using the Coq proof assistant.
An Operational and Axiomatic Semantics for Nondeterminism and Sequence Points in C
 In POPL, 2014
Cited by 6 (5 self)
The C11 standard of the C programming language does not specify the execution order of expressions. Besides, to make more effective optimizations possible (e.g. delaying of side effects and interleaving), it gives compilers in certain cases the freedom to use even more behaviors than just those of all execution orders. Widely used C compilers actually exploit this freedom given by the C standard for optimizations, so it should be taken seriously in formal verification. This paper presents an operational and axiomatic semantics (based on separation logic) for nondeterminism and sequence points in C. We prove soundness of our axiomatic semantics with respect to our operational semantics. This proof has been fully formalized using the Coq proof assistant.
Separation algebras for C verification in Coq
 In VSTTE, volume 8471 of LNCS, 2014
Cited by 2 (2 self)
Abstract. Separation algebras are a well-known abstraction to capture common structure of both permissions and memories in programming languages, and form the basis of models of separation logic. As part of the development of a formal version of an operational and axiomatic semantics of the C11 standard, we present a variant of separation algebras that is well suited for C verification. Our variant of separation algebras has been fully formalized using the Coq proof assistant, together with a library of concrete implementations. These instances are used to build a complex permission model, and a memory model that captures the strict aliasing restrictions of C.
A Typed C11 Semantics for Interactive Theorem Proving
Cited by 1 (1 self)
We present a semantics of a significant fragment of the C programming language as described by the C11 standard. It consists of a small-step semantics of a core language, which uses a structured memory model to capture subtleties of C11, such as strict-aliasing restrictions related to unions, that have not yet been addressed by others. The semantics of actual C programs is defined by translation into this core language. We have an explicit type system for the core language, and prove type preservation and progress, as well as type correctness of the translation. Due to unspecified order of evaluation, our operational semantics is nondeterministic. To explore all defined and undefined behaviors, we present an executable semantics that computes a stream of finite sets of reachable states. It is proved sound and complete with respect to the operational semantics. Both the translation into the core language and the executable semantics are defined as Coq programs. Extraction to OCaml is used to obtain a C interpreter to run and test the semantics on actual C programs. All proofs are fully formalized in Coq.
A Formal C Memory Model for Separation Logic
 Journal of Automated Reasoning (manuscript)
Abstract. The core of a formal semantics of an imperative programming language is a memory model that describes the behavior of operations on the memory. Defining a memory model that matches the description of C in the C11 standard is challenging because C allows both high-level (by means of typed expressions) and low-level (by means of bit manipulation) memory accesses. The C11 standard has restricted the interaction between these two levels to make more effective compiler optimizations possible, at the expense of making the memory model complicated. We describe a formal memory model of the (non-concurrent part of the) C11 standard that incorporates these restrictions, and at the same time describes low-level memory operations. This formal memory model includes a rich permission model to make it usable in separation logic and supports reasoning about program transformations. The memory model and essential properties of it have been fully formalized using the Coq proof assistant.
Formal C semantics: CompCert
Abstract. We discuss the difference between a formal semantics of the C standard, and a formal semantics of an implementation of C that satisfies the C standard. In this context we extend the CompCert semantics with end-of-array pointers and the possibility to bytewise copy objects. This is a first and necessary step towards proving that the CompCert semantics refines the formal version of the C standard that is being developed in the Formalin project in Nijmegen.