• Top
  • Documentation
    • Xdoc
    • ACL2-doc
    • Recursion-and-induction
    • Loop$-primer
    • Operational-semantics
      • Operational-semantics-3__annotated-bibliography
        • Bib::bhmy89
        • Bib::liu06
        • Bib::bm96
        • Bib::plotkin04b
        • Bib::bgm90
        • Bib::hkms17
        • Bib::bkm96
        • Bib::moore15
        • Bib::bh99
        • Bib::wilding93
        • Bib::plotkin04a
        • Bib::moore03b
        • Bib::mp02
        • Bib::moore19
        • Bib::manolios00
        • Bib::flatau92
        • Bib::hb92
        • Bib::bm05
        • Bib::goel16
        • Bib::bm73
        • Bib::ghk17
        • Bib::wilding92
        • Bib::moore17
        • Bib::moore96
        • Bib::ghkg14
        • Bib::yu92
        • Bib::hunt85
        • Bib::boh03
        • Bib::mmrv06
        • Bib::bm80
        • Bib::bh97
        • Bib::moore99b
        • Bib::moore14
        • Bib::rm04
        • Bib::by96
        • Bib::sawada00
        • Bib::mccarthy62
        • Bib::bm79
        • Bib::moore99a
        • Bib::sh98
        • Bib::rhmm07
        • Bib::kmm00a
        • Bib::ghk13
        • Bib::moore03a
        • Bib::hk12
        • Bib::mp67
        • Bib::young88
        • Bib::bm97
        • Bib::moore73
        • Bib::kmm00b
        • Bib::bevier87
      • Operational-semantics-1__simple-example
      • Operational-semantics-2__other-examples
      • Operational-semantics-5__history-etc
      • Operational-semantics-4__how-to-find-things
    • Pointers
    • Doc
    • Documentation-copyright
    • Course-materials
    • Args
    • ACL2-doc-summary
    • Finding-documentation
    • Broken-link
    • Doc-terminal-test-2
    • Doc-terminal-test-1
  • Books
  • Boolean-reasoning
  • Projects
  • Debugging
  • Std
  • Proof-automation
  • Macro-libraries
  • ACL2
  • Interfacing-tools
  • Hardware-verification
  • Software-verification
  • Math
  • Testing-utilities

• Operational-semantics-3__annotated-bibliography

Bib::moore96

J S. Moore, Piton: A Mechanically Verified Assembly-Level Language, J S. Moore, Automated Reasoning Series, Kluwer Academic Publishers, 1996.



Relevance: verified assembler/linker/loader and a component of the CLI Verified Stack

———

The verified assembler/linker/loader in the final version of the CLI Stack (see bib::bhmy89) is described here. See also the 1991 Nqthm script examples/fm9001-piton/piton.events. The Preface to the book and the comment at the top of the .events file give a lot of history of the evolution of the components of the CLI Stack.

Of particular interest to users who wish to verify the correct implementation of one programming language on top of a state machine is decomposition of the main theorem into “commuting diagrams” that stack various layers of abstraction between the assembly language and the binary image. Among other things these layers of abstraction solve the problem of “hidden resources,” in which the lower level machine state has resources that are not reflected in the upper level. For example at the high level, if one pushes items on the high level stack and then pops them off, there is no change to the stack when viewed from the high level. But the low level machine still records, in the region of memory dedicated to the stack but beyond the current top of stack, the items last pushed. Furthermore, those residual values can be accessed by the low level machine. So one has to prove that they are not. The Piton proof dealt with this by imposing an intermediate abstract machine just above the low level machine but with an instruction set in which it is impossible to access beyond the top of stack.