FreeSpec: specifying, verifying, and executing impure computations in Coq

FreeSpec is a framework for the Coq theorem prover that allows complex systems to be specified and verified as hierarchies of components, verified both in isolation and in composition. While FreeSpec was originally introduced for reasoning about hardware architectures, in this article we propose a novel iteration of the FreeSpec formalism specifically designed for writing certified programs and libraries. We then present in depth how we use this formalism to verify a static-file web server. We use this opportunity to present FreeSpec's proof automation tactics, and to demonstrate how they successfully erase FreeSpec's internal definitions so that users can focus on the core of their proofs. Finally, we introduce FreeSpec.Exec, a Coq plugin for seamlessly executing certified programs written with FreeSpec.
