The objective of this work is to study the interaction between program verification and program compilation, and to show that the proof that a source program meets its specification can be reused to show that the corresponding compiled program meets the same specification. More concretely, we introduce a core imperative language, and a bytecode language for a stack-based abstract machine, and a non-optimizing compiler. Then we consider for both languages verification condition generators that operate on programs annotated with loop invariants and procedure specifications. In such a setting, we show that compilation preserves proof obligations, in the sense that the proof obligations generated for the source annotated program are the same that those generated for the compiled annotated program (using the same loop invariants and procedure specifications). Furthermore, we discuss the relevance of our results to Proof Carrying Code.
展开▼
