koika
CompCert
| | koika | CompCert |
|---|---|---|
| Mentions | 2 | 30 |
| Stars | 103 | 1,544 |
| Growth | 1.9% | 2.1% |
| Activity | 3.2 | 7.1 |
| Last commit | 11 months ago | 5 days ago |
| Language | Coq | Coq |
| License | GNU General Public License v3.0 only | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
koika
-
Let's collect relatively new research programming languages in this thread
https://github.com/koka-lang/koka Algebraic effects and reference counting. https://github.com/mit-plv/koika Hardware description DSL for Coq.
-
There's an ongoing effort to rewrite Principia Mathematica using Coq
There are ongoing research projects about that, you may want to have a look at Kôika (https://github.com/mit-plv/koika), Kami (https://github.com/mit-plv/kami), Lutsig (https://github.com/CakeML/hardware) and silveroak (https://github.com/project-oak/silveroak). Closer to HLS there is also Vericert (https://github.com/ymherklotz/vericert). There may be other research projects I am unaware of, feel free to add them in a reply, I am interested in it.
CompCert
-
OpenAI might be training its AI technology to replace some software engineers, report says
But that's fine, because we can do even better with things like the CompCert C compiler, which is formally proven to produce correct asm output for ISO C 2011 source. It's designed for high-reliability, safety-critical applications; it's used for things like Airbus A380 avionics software, or control software for emergency generators at nuclear power plants. Software that's probably not overly sophisticated and doesn't need to be highly optimized, but does need to work ~100% correctly, ~100% of the time.
-
Checked C
Does anybody know how this compares to https://compcert.org/ ?
-
Is it possible to make C as safe as Rust?
There is. They're called formally verified compilers, and are used for safety critical applications: https://compcert.org/ https://github.com/AbsInt/CompCert
-
New Coq tutorial
Hi all, Coq is a "proof assistant" that allows you to write both code and proofs in the same language (thanks to the Curry–Howard correspondence). Its uses range from pure math (e.g., the Feit–Thompson theorem was proven in Coq!) to reasoning about programming languages (e.g., proving the soundness of a type system) to writing verified code (e.g., this verified C compiler!). You can "extract" your code (without the proofs) to OCaml/Haskell/Scheme for running it in production. Coq is awesome, but it's known for having a steep learning curve (it's based on type theory, which is a foundational system of mathematics). It took me several years to become proficient in it. I wanted to help people pick it up faster than I did, so I wrote this introductory tutorial. Hope you find it useful!
-
The Software Foundations: mathematical underpinnings of reliable software
Not an expert but I've heard formal methods are used in chip design. Also https://compcert.org/ a C compiler which uses formal verification. I tried some exercises in the series. It's a pretty interesting thing to do, but yes I don't think it's great for rapid software development.
The seL4 microkernel: https://sel4.systems/
The CompCert C compiler: https://compcert.org/
TLS implementation in Firefox: https://blog.mozilla.org/security/2020/07/06/performance-imp...
Elasticsearch model checks some of their core algorithms with TLA+: https://youtu.be/qYDcbcOVurc.
Amazon is known to apply formal methods in varying forms to services like S3: https://www.amazon.science/publications/using-lightweight-fo...
Many components in airplane software are formally verified in some aspect.
-
Two Mechanisations of WebAssembly 1.0
If this interests you, I'd highly recommend checking out CompCert (docs here) and CakeML.
-
Why the C Language Will Never Stop You from Making Mistakes
With Frama-C you can prove doubly linked lists and all manner of complicated pointer manipulating graph algorithms. It does not impose a Rust-like pointer ownership policy as does SPARK.
However, for embedded development, SPARK's restrictions are a good trade-off, as the more restrictive rules allow more proofs to be fully automated than with Frama-C and simplify diagnostic messages. A fly-by-wire avionics computer doesn't need to dynamically allocate a billion graph nodes. But SPARK is not "general purpose" like C with Frama-C is.
AdaCore's SPARK tool stack is not actually written in SPARK as far as I can see, much of it is actually OCaml and Coq/Gallina for the Why3 component also used by Frama-C. See all the .ml OCaml and .v Gallina source code for yourself:
https://github.com/AdaCore/why3
And of course the compiler backend for Ada/SPARK is GNU GCC, written in unverified C:
https://github.com/gcc-mirror/gcc/tree/master/gcc/config
Compare with CompCert, the formally verified C compiler:
https://github.com/AbsInt/CompCert
Frama-C unfortunately requires a user to be mathematician-logician logic programming expert to fully utilize. One can begin training in Coq/Gallina with the large free online Software Foundations course:
-
Hacker News top posts: Jun 27, 2021
A Proven Correct C Compiler (76 comments)
-
A Proven Correct C Compiler (Used by Airbus)
As noted in the License section of the readme,
> CompCert is not free software. This non-commercial release can only be used for evaluation, research, educational and personal purposes. A commercial version of CompCert, without this restriction and with professional support and extra features, can be purchased from AbsInt. See the file LICENSE for more information.
However, https://github.com/AbsInt/CompCert/blob/master/LICENSE goes on to say that
> The following files in this distribution are dual-licensed both under
What are some alternatives?
coq - Coq is a formal proof management system. It provides a formal language to write mathematical definitions, executable algorithms and theorems together with an environment for semi-interactive development of machine-checked proofs.
kami - A Platform for High-Level Parametric Hardware Specification and its Modular Verification
unbound - Replib: generic programming & Unbound: generic treatment of binders
seL4 - The seL4 microkernel
vericert - A formally verified high-level synthesis tool based on CompCert and written in Coq.
corn - Coq Repository at Nijmegen
gcc
hardware - Verilog development and verification project for HOL4
cakeml - CakeML: A Verified Implementation of ML
winix - A UNIX-style Operating System for the Waikato RISC Architecture Microprocessor (WRAMP)
silt - An in-progress fast, dependently typed, functional programming language implemented in Swift.
wuffs - Wrangling Untrusted File Formats Safely