• Top
    • Documentation
    • Books
    • Boolean-reasoning
    • Projects
    • Debugging
    • Std
    • Proof-automation
    • Macro-libraries
    • ACL2
    • Interfacing-tools
    • Hardware-verification
    • Software-verification
      • Kestrel-books
        • Crypto-hdwallet
        • Apt
        • Error-checking
        • Fty-extensions
        • Isar
        • Kestrel-utilities
        • Soft
        • Bv
        • Imp-language
        • C
          • Syntax-for-tools
          • Atc
            • Atc-implementation
            • Atc-tutorial
              • Atc-tutorial-int-representation
              • Atc-tutorial-int-programs
              • Atc-tutorial-events
              • Atc-tutorial-conditionals-nonconcluding
              • Atc-tutorial-identifiers
              • Atc-tutorial-assignments
              • Atc-tutorial-multiple-functions
              • Atc-tutorial-conditionals-with-mbt
              • Atc-tutorial-local-variables
              • Atc-tutorial-conditional-statements
              • Atc-tutorial-conditional-expressions
              • Atc-tutorial-atj-comparison
              • Atc-tutorial-proofs
                • Atc-tutorial-approach
                • Atc-tutorial-motivation
            • Language
            • Representation
            • Transformation-tools
            • Pack
          • Event-macros
          • Java
          • Bitcoin
          • Ethereum
          • Yul
          • Zcash
          • ACL2-programming-language
          • Prime-fields
          • Json
          • Syntheto
          • File-io-light
          • Number-theory
          • Cryptography
          • Lists-light
          • Builtins
          • Axe
          • Solidity
          • Helpers
          • Htclient
          • Typed-lists-light
          • Arithmetic-light
        • X86isa
        • Axe
        • Execloader
      • Math
      • Testing-utilities
    • Atc-tutorial

    Atc-tutorial-proofs

    ATC tutorial: ACL2 Proofs Generated for the Generated C code.

    (This page may be skipped at first reading.)

    Besides generating C code, ATC also generates ACL2 proofs of the correctness of the generated C code with respect to the ACL2 code from which the C code is generated. More precisely, ATC generates ACL2 theorems that assert these correctness properties.

    The correctness properties proved by ATC are the following:

    • The generated C code satisfies the compile-time constraints prescribed by [C]. In other words, the C code is compilable by compliant compilers. This is expressed via a formal static semantics of C.
    • The generated C code is functionally equivalent to the ACL2 code that represents it. In other words, it computes the same things as the ACL2 code. This is expressed via a formal dynamic semantics of C.

    Previous: Approach to Generating C Code from ACL2

    Next: ACL2 representation of the C int type and operations