© 1996 by British Computer Society
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
Correctness of compiling Occam to transputer code
2 
1 Dipartimento di Informatica, Universita di Pisa, Cso Italia 40, 56125 Pisa, Italy, 2 University Paderborn, Fachbereich 17 - Informatik, Warburgerstrasse 100, 33098 Paderborn, Germany
This paper contributes to the development of a rigorous mathematical framework for the study of provably correct compilation techniques. The proposed method is developed through an implementation of a real-life non-toy imperative programming language with non-determinism and parallelism, i.e. Occam, to a commercial machine, namely the Transputer. We provide a mathematical definition of the Transputer Instruction Set architecture for executing Occam together with a correctness proof for a general compilation schema of Occam programs into Transputer code. We start from the ground model, an abstract processor, running a high and a low priority queue of Occam processes, which formalizes the semantics of Occam at the abstraction level of atomic Occam instructions. We develop here increasingly more refined levels of Transputer semantics, proving correctness (and when possible also completeness) for each refinement step. Along the way we collect our proof assumptions, a set of natural conditions for a compiler to be correct, thus making our proof applicable to a large class of compilers. As a by-product our construction provides a challenging realistic case study for proof verification by theorem provers.
Received July 11, 1995. revised November 20, 1995.
* Dipartimento di Informatica, Università di Pisa, Cso Italia 40, 56125 Pisa, Italy
University Paderborn, Fachbereich 17—Informatik, Warburgerstrasse 100, 33098 Paderborn, Germany