diff options
author | Yann Herklotz <git@yannherklotz.com> | 2021-02-22 22:20:02 +0000 |
---|---|---|
committer | Yann Herklotz <git@yannherklotz.com> | 2021-02-22 22:20:02 +0000 |
commit | 0c5b604c798ae1ff7fd8f157c30d2253b784eeac (patch) | |
tree | 0f097afd72493cdcbef0f385c7de428fcc8a48fb | |
parent | 7b695dcd03a33be70a93ded83ad9727cbfb4fb5e (diff) | |
download | latte21_hlstpc-0c5b604c798ae1ff7fd8f157c30d2253b784eeac.tar.gz latte21_hlstpc-0c5b604c798ae1ff7fd8f157c30d2253b784eeac.zip |
Add more
-rw-r--r-- | main.tex | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -194,9 +194,11 @@ The solution to both of these points is to have a formally verified high-level s \section{How to prove an HLS tool correct} +The standard methods for checking the outputs of the HLS tools are the following. First, the output could be checked by using a test bench and checking the outputs against the model. However, this does not provide many guarantees, and a lot of the + \paragraph{How could such a tool be constructed?} -The radical solution to this problem is to formally verify the complete tool, writing the complete tool in Coq~\cite{coquand86}, an interactive theorem prover. This has been proven to be successful, for example, CompCert~\cite{leroy09_formal_verif_realis_compil} is a formally verified C compiler written in Coq. This was demonstrated by CSmith~\cite{yang11_findin_under_bugs_c_compil}, a random C, valid C generator, which found more than 300 bugs in GCC and Clang, whereas only 5 bugs were found in the unverified parts of CompCert, which prompted the verification of those parts as well. +The radical solution to this problem is to formally verify the complete tool, writing the complete tool in Coq~\cite{coquand86}, an interactive theorem prover. This has been proven to be successful, for example, CompCert~\cite{leroy09_formal_verif_realis_compil} is a formally verified C compiler written in Coq. This was demonstrated by CSmith~\cite{yang11_findin_under_bugs_c_compil}, a random C, valid C generator, which found more than 300 bugs in GCC and Clang, whereas only 5 bugs were found in the unverified parts of CompCert, which prompted the verification of those parts as well. In addition to that, recently Lutsig~\cite{loow21_lutsig}, a synthesis tool going from behavioural Verilog to a technology mapped netlist in Verilog, was also proven correct. \section{Guarantees of trusted code} |