Vous pouvez vous abonner à nos annonces de séminaires:
http://cambium.inria.fr/seminar.html
Nos séminaires sont accessibles en ligne en direct:
https://webconf.math.cnrs.fr/b/fra-ryy-fjn
S É M I N A I R E
______ __ _
/ ____/___ _____ ___ / /_ (_)_ ______ ___
/ / / __ `/ __ `__ \/ __ \/ / / / / __ `__ \
/ /___/ /_/ / / / / / / /_/ / / /_/ / / / / / /
\____/\__,_/_/ /_/ /_/_.___/_/\__,_/_/ /_/ /_/
I N R I A - Paris
2 rue Simone Iff (ou: 41 rue du Charolais)
En ligne
Lundi 7 décembre, 10h30
------------------
Raphaël Rieu-Helft
------------------
Laboratoire de Recherche en Informatique
===========================================================
Verification of efficient C arithmetic algorithms with Why3
===========================================================
Arbitrary-precision integer arithmetic algorithms are used in contexts where
both their performance and their correctness are critical, such as
cryptographic software or computer algebra systems. GMP is a very widely-used
arbitrary-precision integer arithmetic library. It features state-of-the-art
algorithms that are intricate enough that their formal verification is both
justified and difficult. This work tackles the formal verification of the
functional correctness of a large fragment of GMP using the Why3 deductive
verification platform.
We have developed models of the memory management and datatypes of the C
language in WhyML, Why3's functional programming and specification language.
This allowed us to reimplement GMP's algorithms in WhyML and verify them. We
have also extended Why3's extraction mechanism so that WhyML programs can be
compiled to idiomatic C code, where only OCaml used to be supported.
The result of this extraction is a verified C library called WhyMP. It
implements many algorithms from GMP, with almost all of the optimization
tricks preserved. WhyMP is compatible with GMP and performance-competitive
with the assembly-free version.