From: Stuart <google_news@palin-26.freeserve.co.uk>
Subject: Re: Verified compilers?
Date: Wed, 7 Mar 2012 04:42:22 -0800 (PST)
Date: 2012-03-07T04:42:22-08:00 [thread overview]
Message-ID: <15276255.3865.1331124143041.JavaMail.geo-discussion-forums@vbze11> (raw)
In-Reply-To: <jj3p5v$2tp$1@munin.nbi.dk>
On Tuesday, 6 March 2012 01:27:25 UTC, Randy Brukardt wrote:
> "Yannick Duchêne (Hibou57)" <...> wrote in message
> news:op.v91cleyiule2fv@douda-yannick
...
> >What do you think of this sentence, "now that he's found the right
> >architecture for building verified compilers, everyone will know how to do
> >it?"
>
> Why would anyone want to do it? This is *not* a problem area in compilers
> (at least in my experience). When we introduced an intermediate code to
> separate semantics from optimization from code generation, one of the
> unexpected benefits was that code generation bugs dropped to almost none.
I admit I have not read the report yet - so I am unaware of the scope of the 'formal verification'; and Randy's post does point out other areas where errors creep into the compilation process. That said, there is still an issue in safety-critical applications of constructing a robust and compelling safety case, particularly covering the compilation process. This would seem to be something that would aid in such cases.
You note 'code generation bugs dropped to almost none' - but then say:-
> Bugs come from incorrectly converting semantics (which could not be
> "verified" unless a formal description of the source language exists, and
> that has proven too hard to do for any real programming language - "a subset
> of C" not counting as such a language!). And most of all from optimizations;
> perhaps an optimizer could be formally verified but I suspect doing so would
> take 3 times as much work as fixing the bugs as they're found.
The remark about optimization is interesting as [certainly up to a few years back] the number of target code generation faults seemed evenly balanced between those that were caused during optimization and those that were fixed by optimization (i.e. the fault goes away when the compiler is allowed to apply optimization strategies).
Whichever stage of the compilation process is at fault, [in my experience] there are usually a number of target code faults associated with fairly mature compilers and these cases have to be managed by the safety case and development processes.
Getting people with the experience at both the high-level source and low-level target code to review compilation issues is becoming increasingly difficult. A technique that provides alternatives in verifying the compilation process are attractive.
next prev parent reply other threads:[~2012-03-07 12:42 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-02-21 15:42 Verified compilers? Yannick Duchêne (Hibou57)
2012-02-24 1:41 ` Shark8
2012-02-24 8:52 ` Georg Bauhaus
2012-02-24 17:36 ` Peter C. Chapin
2012-03-06 1:27 ` Randy Brukardt
2012-03-06 17:24 ` Shark8
2012-03-06 17:43 ` Dmitry A. Kazakov
2012-03-06 19:03 ` Shark8
2012-03-07 5:33 ` Yannick Duchêne (Hibou57)
2012-03-07 9:12 ` Dmitry A. Kazakov
2012-03-07 17:49 ` Niklas Holsti
2012-03-07 20:17 ` Dmitry A. Kazakov
2012-03-07 23:28 ` Usefulness of Formal Notions in Programming (was: Verified compilers?) Georg Bauhaus
2012-03-08 9:24 ` Usefulness of Formal Notions in Programming Dmitry A. Kazakov
2012-03-08 10:30 ` Nasser M. Abbasi
2012-03-08 12:37 ` Dmitry A. Kazakov
2012-03-08 0:42 ` Verified compilers? Randy Brukardt
2012-03-08 9:25 ` Dmitry A. Kazakov
2012-03-08 18:10 ` Niklas Holsti
2012-03-08 20:41 ` Dmitry A. Kazakov
2012-03-08 18:02 ` Niklas Holsti
2012-03-08 20:40 ` Dmitry A. Kazakov
2012-03-09 0:44 ` Georg Bauhaus
2012-03-09 22:13 ` Niklas Holsti
2012-03-10 10:36 ` Dmitry A. Kazakov
2012-03-10 20:35 ` Niklas Holsti
2012-03-11 9:47 ` Dmitry A. Kazakov
2012-03-11 22:22 ` Niklas Holsti
2012-03-12 5:12 ` Niklas Holsti
2012-03-12 9:43 ` Dmitry A. Kazakov
2012-03-14 8:36 ` Niklas Holsti
2012-03-14 9:24 ` Georg Bauhaus
2012-03-14 11:14 ` REAL (was: Verified compilers?) stefan-lucks
2012-03-14 12:59 ` REAL Dmitry A. Kazakov
2012-03-14 13:30 ` REAL Georg Bauhaus
2012-03-14 13:51 ` REAL Dmitry A. Kazakov
2012-03-14 20:37 ` REAL Brian Drummond
2012-03-14 21:52 ` REAL Dmitry A. Kazakov
2012-03-14 13:52 ` REAL georg bauhaus
2012-03-14 17:42 ` REAL Jeffrey Carter
2012-03-14 10:14 ` Verified compilers? Dmitry A. Kazakov
2012-03-14 20:13 ` Niklas Holsti
2012-03-11 10:55 ` Georg Bauhaus
2012-03-10 13:46 ` Brian Drummond
2012-03-07 1:00 ` Randy Brukardt
2012-03-07 12:42 ` Stuart [this message]
2012-03-08 1:06 ` Randy Brukardt
2012-03-08 9:04 ` Jacob Sparre Andersen
2012-03-08 9:37 ` Dmitry A. Kazakov
2012-03-08 11:23 ` Simon Wright
2012-03-08 12:27 ` Dmitry A. Kazakov
2012-03-08 10:23 ` Brian Drummond
2012-03-08 23:38 ` Bill Findlay
2012-03-09 13:56 ` Brian Drummond
2012-03-09 14:43 ` Shark8
2012-03-09 21:51 ` Brian Drummond
2012-03-09 15:49 ` Bill Findlay
2012-03-09 20:34 ` Brian Drummond
2012-03-09 19:40 ` Jeffrey Carter
2012-03-09 20:39 ` Brian Drummond
2012-03-09 23:59 ` phil.clayton
2012-03-08 15:23 ` Peter C. Chapin
2012-03-09 2:04 ` Randy Brukardt
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox