HtmlToText
home partners motivations research compiler publications downloads compcert compilers you can formally trust menu home partners motivations research the compcert c compiler publications downloads the compcert project investigates the formal verification of realistic compilers usable for critical embedded software. such verified compilers come with a mathematical, machine-checked proof that the generated executable code behaves exactly as prescribed by the semantics of the source program. by ruling out the possibility of compiler-introduced bugs, verified compilers strengthen the guarantees that can be obtained by applying formal methods to source programs. the main result of the project is the compcert c verified compiler, a high-assurance compiler for almost all of the c language (iso c99), generating efficient code for the powerpc, arm, risc-v and x86 processors. get compcert c » news [02/2019] release of compcert c version 3.5. this release improves compatibility with gcc and clang with respect to the handling of c attributes. it fixes a few bugs and adds support for coq 8.9.0. last but not least, the coq development can now be rechecked in full using coqchk . [09/2018] release of compcert c version 3.4. it adds more error and warning messages, tightens compatibility with iso c11, fixes a few bugs, and improves compatibility with newer coq, menhir, and ocaml versions. [05/2018] release of compcert c version 3.3. it features a source annotation mechanism to transmit information to absint's a 3 analyzers , improved error and warning messages, and compatibility with coq 8.8. [01/2018] publication: compcert: practical experience on integrating and qualifying a formally verified optimizing compiler , by daniel kästner, ulrich wünsche, jörg barrho, marc schlickling, bernhard schommer, michael schmidt, christian ferdinand, xavier leroy, and sandrine blazy. erts 2018: embedded real time software and systems. [01/2018] compcert c version 3.2 is released. novelties include an improved inlining heuristic, resurrected support for cygwin x86 32-bit as a target architecture, and compatibility with coq 8.7 and 8.7.1. [08/2017] compcert c version 3.1 is released, featuring a new code generator for the risc-v architecture (in 32 and 64 bit modes) and improved support for powerpc 64 and e5500 processors (in 32/64 bit hybrid mode). [02/2017] publication: closing the gap — the formally verified optimizing compiler compcert , by daniel kästner, xavier leroy, sandrine blazy, bernhard schommer, michael schmidt, and christian ferdinand. sss'17: developments in system safety engineering: proceedings of the twenty-fifth safety-critical systems symposium. [02/2017] release of compcert c version 3.0. this is the first version of compcert that fully supports 64-bit architectures, with pointers and memory addresses that can be either 32 or 64-bit wide. the existing x86 32-bit port was extended to generate x86 64-bit code as well. a version 3.0.1 for coq 8.6 is also available. [06/2016] release of compcert c version 2.7. it features a formal account of separate compilation and linking, and generation of full dwarf debugging information for the arm and ia32 targets. a version 2.7.1 adds support for coq 8.5pl2. [01/2016] the paper compcert — a formally verified optimizing compiler , by xavier leroy, sandrine blazy, daniel kästner, bernhard schommer, markus pister, and christian ferdinand, was presented at erts 2016 (embedded real time software and systems conference) and received the "president's favorite" award. [12/2015] compcert c version 2.6 is released, with complete generation of dwarf debugging information for the powerpc target, detailed explanations of syntax errors, and support for powerpc 64 bits and e5500 processors. [06/2015] release of compcert c version 2.5. novelties include a formally-verified type checker for compcert c, a more careful modeling of pointer comparisons against the null pointer, algorithmic improvements in the handling of deeply nested struct and union types, much better abi compatibility for passing composite values, support for gcc-style extended inline asm, and more complete generation of dwarf debugging information (contributed by absint). [09/2014] the working sources for compcert are now hosted on github . [09/2014] compcert c version 2.4 is released, with a revised handling of single-precision floating-point arithmetic and support for c99 compound literals and switch statements over 64-bit integers. [06/2014] as part of a licensing agreement with inria, absint angewandte informatik gmbh will market and provide support for the compcert verified c compiler. [05/2014] compcert c version 2.3 is released. novelties includes a formally-verified parser, and support for c99 designated initializers. [02/2014] release of compcert c version 2.2, featuring more aggressive optimizations, support for more features of iso c99 (especially variable-argument functions), and improved conformance with the target abis. [10/2013] minor release of compcert c version 2.1. the main novelty is support for the _alignas attribute from iso c2011, for finer control of alignment. [06/2013] compcert c version 2.0 is now available, featuring two major improvements: 1- support for 64-bit integer arithmetic (type long long ) and 2- a new register allocator based on a posteriori validation. [03/2013] release of version 1.13 of the compcert c compiler. the semantics of pointers "one past the end of an array" is now properly defined as in the iso c standard. [01/2013] compcert c versions 1.12 and 1.12.1 are released. the two versions are functionally identical, but 1.12 is for coq 8.3 and 1.12.1 for coq 8.4. [12/2012] the microsoft research verified software milestone award was awarded to xavier leroy for his work on the compcert verified compiler. [07/2012] compcert c version 1.11 is released. novelties include a full formalization and proof of floating-point arithmetic, and performance improvements: function inlining, more aggressive constant propagation and cse. [06/2012] a technical report describing the memory model used in compcert versions 1.7 and up. [03/2012] release of version 1.10 of the compcert c compiler. now with a provably-correct implementation of volatile accesses and by-value structure passing and assignment, plus various small performance improvements, and a user's manual . [02/2012] publication: formally verified optimizing compilation in acg-based flight control software , with ricardo bedin frança, sandrine blazy, denis favre-felix, marc pantel and jean souyris, symposium erts2 2012. [11/2011] release of version 1.9.1 of the compcert c compiler. [10/2011] the 2011 la recherche prize in information sciences was awarded to xavier leroy, sandrine blazy, zaynah dargaye and jean-baptiste tristan for their work on the compcert verified c compiler. [08/2011] release of version 1.9 of the compcert c compiler. novelties include a reference c interpreter and stronger semantic preservation results. [05/2011] release of version 1.8.2 of the compcert c compiler. [03/2011] release of version 1.8.1 of the compcert c compiler. now compatible with coq 8.3pl1, and including algorithmic improvements (lower compilation times) and better handling of initialized global variables. [09/2010] version 1.8 of the compcert c compiler is available. it includes a larger subset of c (including side-effects within expressions) as its source language; a new port generating x86-32 bits code; and more precise semantics for volatile accesses. [03/2010] release of version 1.7 of the compcert c compiler, featuring a new c type-checker/elaborator/simplifier and a refined memory model. [01/2010] release of version 1.6 of the compcert c compiler. [11/2009] publication: a formally verified compiler back-end . an extensive (80 pages!) description of the back-end part of compcert, published in journal of automated reasoning 43(4). [08/2009] release of version 1.5 of the compcert c compiler. now wi