Alive2: bounded translation validation for LLVM
We designed, implemented, and deployed Alive2: a bounded translation validation tool for
the LLVM compiler's intermediate representation (IR). It limits resource consumption by, for …
Formal verification of a constant-time preserving C compiler
Timing side-channels are arguably one of the main sources of vulnerabilities in
cryptographic implementations. One effective mitigation against timing side-channels is to …
What you get is what you C: Controlling side effects in mainstream C compilers
Security engineers have been fighting with C compilers for years. A careful programmer
would test for null pointer dereferencing or division by zero; but the compiler would fail to …
Modular, compositional, and executable formal semantics for LLVM IR
This paper presents a novel formal semantics, mechanized in Coq, for a large, sequential
subset of the LLVM IR. In contrast to previous approaches, which use relationally-specified …
Formally Verifying Optimizations with Block Simulations
L Gourdin, B Bonneau, S Boulmé, D Monniaux… - Proceedings of the …, 2023 - dl.acm.org
CompCert (ACM Software System Award 2021) is the first industrial-strength compiler with a
mechanically checked proof of correctness. Yet, CompCert remains a moderately optimizing …
Formally verified native code generation in an effectful JIT: turning the CompCert backend into a formally verified JIT compiler
Modern Just-in-Time compilers (or JITs) typically interleave several mechanisms to execute
a program. For faster startup times and to observe the initial behavior of an execution …
Gauntlet: Finding bugs in compilers for programmable packet processing
F Ruffy, T Wang, A Sivaraman - 14th USENIX Symposium on Operating …, 2020 - usenix.org
Programmable packet-processing devices such as programmable switches and network
interface cards are becoming mainstream. These devices are configured in a domain …
Leapfrog: certified equivalence for protocol parsers
We present Leapfrog, a Coq-based framework for verifying equivalence of network protocol
parsers. Our approach is based on an automata model of P4 parsers, and an algorithm for …
K-LLVM: a relatively complete semantics of LLVM IR
LLVM [Lattner and Adve, 2004] is designed for the compile-time, link-time and run-time
optimization of programs written in various programming languages. The language …
Spoq: Scaling Machine-Checkable Systems Verification in Coq
System software is often large and complex, resulting in many vulnerabilities that can
potentially be exploited to compromise the security of a system. Formal verification offers a …