Verification of non-functional programs using interpretations in type theory

We study the problem of certifying programs combining imperative and functional features within the general framework of type theory. Type theory is a powerful specification language which is naturally suited for the proof of purely functional programs. To deal with imperative programs, we propose a logical interpretation of an annotated program as a partial proof of its specification. The construction of the corresponding partial proof term is based on a static analysis of the effects of the program which excludes aliases. The missing subterms in the partial proof term are seen as proof obligations, whose actual proofs are left to the user. We show that the validity of those proof obligations implies the total correctness of the program. This work has been implemented in the Coq proof assistant. It appears as a tactic taking an annotated program as argument and generating a set of proof obligations. Several nontrivial algorithms have been certified using this tactic.
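As an added illustration (not code from the paper or its Coq tactic), here is a tiny proof-obligation generator in the spirit of the abstract: an annotated while-program over simple, alias-free variables is turned into a weakest precondition plus a list of obligations left to the user. The tuple AST, the string-based formulas and the variable name `v0` used to record the variant at loop entry are all constructed assumptions for this example.

```python
import re

# Constructed AST (not the paper's syntax):
#   ("skip",)  ("assign", x, e)  ("seq", s1, s2)
#   ("while", cond, invariant, variant, body)
# Formulas and expressions are plain strings; variables are identifiers.

def subst(formula, var, expr):
    """Replace free occurrences of identifier `var` in `formula` by `(expr)`."""
    return re.sub(rf"\b{var}\b", f"({expr})", formula)

def effects(stmt):
    """Static effect analysis: the set of variables `stmt` may write.
    With no aliasing, the write set is purely syntactic."""
    kind = stmt[0]
    if kind == "assign":
        return {stmt[1]}
    if kind == "seq":
        return effects(stmt[1]) | effects(stmt[2])
    if kind == "while":
        return effects(stmt[4])
    return set()

def wp(stmt, post, obligations):
    """Weakest precondition of `stmt` for `post`. Each loop leaves two
    obligations (binders, hypothesis, conclusion) whose proof is the user's job."""
    kind = stmt[0]
    if kind == "skip":
        return post
    if kind == "assign":
        return subst(post, stmt[1], stmt[2])
    if kind == "seq":
        return wp(stmt[1], wp(stmt[2], post, obligations), obligations)
    if kind == "while":
        _, cond, inv, variant, body = stmt
        # The body's effect decides which variables the obligations quantify
        # over; every other variable keeps its value across the loop.
        written = sorted(effects(body))
        # Total correctness: the body must keep the invariant and strictly
        # decrease the (non-negative) variant, v0 being its value at entry.
        body_post = f"{inv} and 0 <= {variant} < v0"
        obligations.append((written + ["v0"], f"{inv} and {cond} and v0 = {variant}",
                            wp(body, body_post, obligations)))
        obligations.append((written, f"{inv} and not ({cond})", post))
        return inv
    raise ValueError(f"unknown statement {kind}")

def verify(pre, stmt, post):
    """All obligations whose validity implies {pre} stmt {post} totally correct."""
    obligations = []
    obligations.append(([], pre, wp(stmt, post, obligations)))
    return obligations
```

Running `verify("n >= 0", prog, "s = n * (n - 1) / 2")` on a summation loop annotated with invariant `s = i * (i - 1) / 2 and i <= n` and variant `n - i` yields three obligations: invariant preservation with variant decrease, loop exit, and loop entry.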
