GOSPEL—Providing OCaml with a Formal Specification Language

Charguéraud, Arthur; Filliâtre, Jean Christophe; Lourenço, Cláudio Belo; Pereira, Mário

doi:10.1007/978-3-030-30942-8_29

Cited by 9 publications

(7 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…After the success of Eiffel, new BISL were designed for mainstream programming languages [25] at the turn of the millennium: first JML [38] for Java, then Spec# [3] for C#, VCC [14], ACSL [4] and E-ACSL [16] for C, CodeContract [17] for .NET, Spark2014 [26] for Ada and, more recently, GOSPEL [11] for OCaml. Dedicated BISL such as Boogie [40] and WhyML [22] were also designed in the meantime: they do not target a mainstream specification language but, instead, propose their own general-purpose specification and programming framework.…”

Section: Behavioral Interface Specification Languagesmentioning

confidence: 99%

The e-ACSL perspective on runtime assertion checking

Signoles

2021

Proceedings of the 5th ACM International Workshop on Verification and mOnitoring at Runtime EXecution

View full text Add to dashboard Cite

Runtime Assertion Checking (RAC) is the discipline of verifying program assertions at runtime, i.e. when executing the code. Nowadays, RAC usually relies on Behavioral Interface Specification Languages (BISL) à la Eiffel for writing powerful code specifications. Since now more than 20 years, several works have studied RAC. Most of them have focused on BISL. Some others have also considered combinations of RAC with others techniques, e.g. deductive verification (DV). Very few tackle RAC as a verification technique that soundly generates efficient code from formal annotations. Here, we revisit these three RAC's research areas by emphasizing the works done in E-ACSL, which is both a BISL and a RAC tool for C code. We also compare it to others languages and tools.

show abstract

Section: Behavioral Interface Specification Languagesmentioning

confidence: 99%

The e-ACSL perspective on runtime assertion checking

Signoles

2021

Proceedings of the 5th ACM International Workshop on Verification and mOnitoring at Runtime EXecution

View full text Add to dashboard Cite

show abstract

“…The payload of a GOSPEL attribute is, hence, a string that contains the user-supplied specification 4 . The GOSPEL attributes are processed by a dedicated parser and type-checker [6], where specifications are attached to nodes of a patched version of the OCaml AST. This custom AST is the entry-point for our OCaml to WhyML translation, which we describe next.…”

Section: Using Gospel Toolchainmentioning

confidence: 99%

“…In this paper, we present Cameleer, a tool for the deductive verification of programs directly written in OCaml, with a clear focus on proof automation. Cameleer uses the recently proposed GOSPEL [6], a specification language for the OCaml language. We believe this is one of the strengths of our approach: firstly, GOSPEL makes a certain number of design choices, that turn it into a clean and digestible specification language; secondly, GOSPEL terms are written in a subset of the OCaml language.…”

Section: Introductionmentioning

confidence: 99%

Cameleer: a Deductive Verification Tool for OCaml (extended version)

Pereira,

Ravara

2021

Preprint

Self Cite

View full text Add to dashboard Cite

OCaml is particularly well-fitted for formal verification. On one hand, it is a multiparadigm language with a well-defined semantics, allowing one to write clean, concise, type-safe, and efficient code. On the other hand, it is a language of choice for the implementation of sensible software, e.g., industrial compilers, proof assistants, and automated solvers. Yet, with the notable exception of some interactive tools, formal verification has been seldom applied to OCaml-written programs. In this paper, we present the ongoing project Cameleer, aiming for the development of a deductive verification tool for OCaml, with a clear focus on proof automation. We leverage on the recently proposed GOSPEL, Generic OCaml SPE cification Language, to attach rigorous, yet readable, behavioral specification to OCaml code. The formally-specified program is fed to our toolchain, which translates it into an equivalent program in WhyML, the programming and specification language of the Why3 verification framework. Finally, Why3 is used to compute verification conditions for the generated program, which can be discharged by off-the-shelf SMT solvers. We present successful applications of the Cameleer tool to prove functional correctness of several significant case studies, like FIFO queues (ephemeral and applicative implementations) and leftist heaps, issued from existing OCaml libraries.

show abstract

“…It is an open-source project available at https://github.com/ocaml-gospel/ortac. We build upon Gospel, a behavioral specification language for OCaml [9]. Interfaces are annotated with formal specification, such as function contracts, type models and invariants, and logical definitions.…”

Section: Introductionmentioning

confidence: 99%

Ortac: Runtime Assertion Checking for OCaml (Tool Paper)

Filliâtre

Pascutto

2021

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Runtime assertion checking (RAC) is a convenient set of techniques that lets developers abstract away the process of verifying the correctness of their programs by writing formal specifications and automating their verification at runtime. In this work, we present ortac, a runtime assertion checking tool for OCaml libraries and programs. OCaml is a functional programming language in which idioms rely on an expressive type system, modules, and interface abstractions. ortac consumes interfaces annotated with type invariants and function contracts and produces code wrappers with the same signature that check these specifications at runtime. It provides a flexible framework for traditional assertion checking, monitoring misbehaviors without interruptions, and automated fuzz testing for OCaml programs. This paper presents an overview of ortac features and highlights its main design choices.

show abstract

GOSPEL—Providing OCaml with a Formal Specification Language

Cited by 9 publications

References 30 publications

The e-ACSL perspective on runtime assertion checking

The e-ACSL perspective on runtime assertion checking

Cameleer: a Deductive Verification Tool for OCaml (extended version)

Ortac: Runtime Assertion Checking for OCaml (Tool Paper)

Contact Info

Product

Resources

About