Mechanized Semantics for the Clight Subset of the C Language

Published in: Journal of Automated Reasoning

Abstract

This article presents the formal semantics of a large subset of the C language called Clight. Clight includes pointer arithmetic, struct and union types, C loops and structured switch statements. Clight is the source language of the CompCert verified compiler. The formal semantics of Clight is a big-step operational semantics that observes both terminating and diverging executions and produces traces of input/output events. The formal semantics of Clight is mechanized using the Coq proof assistant. In addition to the semantics of Clight, this article describes its integration in the CompCert verified compiler and several ways by which the semantics was validated.



Author information

Corresponding author

Correspondence to Xavier Leroy.

Additional information

This work was supported by Agence Nationale de la Recherche, grant number ANR-05-SSIA-0019.

About this article

Cite this article

Blazy, S., Leroy, X. Mechanized Semantics for the Clight Subset of the C Language. J Autom Reasoning 43, 263–288 (2009). https://doi.org/10.1007/s10817-009-9148-3
