Awesome
Hoare Type Theory
This repository contains the main libraries of Hoare Type Theory (HTT) for reasoning about sequential heap-manipulating programs.
HTT is a verification system which incorporates Hoare style specifications via preconditions and
postconditions, into types. A Hoare type {P}x : A{Q}
denotes computations with a precondition P
and postcondition Q
, returning a value of type A
. Hoare types are a dependently typed version
of monads, as used in the programming language Haskell. Monads higenically combine the language
features for pure functional programming, with those for imperative programming, such as state or
exceptions. In this sense, HTT establishes a formal connection between Hoare logic and monads, in
the style of Curry-Howard isomorphism: every effectful command in HTT has a type which corresponds
to the appropriate inference rule in Hoare logic, and vice versa, every inference rule in (a version
of) Hoare logic, corresponds to a command in HTT which has that rule as the type.
Building and executing artifacts
Requirements
- Coq (>= "8.10.0" & < "8.12~")
- Mathematical Components
ssreflect
(>= "1.10.0" & < "1.12~") - FCSL-PCM (>= "1.0.0" & < "1.3~")
For the installation, follow instructions in the corresponding
README
files.
Alternatively, Coq and mathcomp can be installed via the opam package manager, by executing the following commands in the console:
opam repo add coq-released https://coq.inria.fr/opam/released
opam install coq-mathcomp-ssreflect coq-fcsl-pcm
Build
make clean; make
Install
make install
Usage with opam
To install HTT as a opam package from your local repository, run the following command from the repository's root directory.
opam install .
References
-
Partiality, State and Dependent Types
Kasper Svendsen, Lars Birkedal and Aleksandar Nanevski. TLCA 2011.
A semantic model for HTT, with large sigma types.
-
Structuring the Verification of Heap-Manipulating Programs
Aleksandar Nanevski, Viktor Vefeiadis and Josh Berfine. POPL 2010.
This paper introduces what is closest to the current structure of the implementation of HTT. It puts emphasis on structuring programs and proofs together, rather than on attacking the verification problem using proof automation. It carries out a large case study, verifying the congruence closure algorithm of the Barcelogic SAT solver.
The current implementation differs from what's explained in this paper, in that it uses unary, rather than binary postconditions.
-
Ynot: Dependent Types for Imperative Programs
Aleksandar Nanevski, Greg Morrisett, Avi Shinnar, Paul Govereau, Lars Birkedal. ICFP 2008.
First implementation of HTT as a DSL in Coq, and a number of examples.
-
A Realizability Model for Impredicative Hoare Type Theory
Rasmus L. Petersen, Lars Birkedal, Aleksandar Nanevski, Greg Morrisett. ESOP 2008.
A semantic model for HTT, but without large sigma types.
-
Abstract Predicates and Mutable ADTs in Hoare Type Theory
Aleksandar Nanevski, Amal Ahmed, Greg Morrisett, Lars Birkedal. ESOP 2007.
Adding abstract predicates to HTT.
-
Hoare Type Theory, Polymorphism and Separation
Aleksandar Nanevski, Greg Morrisett and Lars Birkedal. JFP 2007.
Journal version of the ICFP 2006 paper.
-
Polymorphism and Separation in Hoare Type Theory
Aleksandar Nanevski, Greg Morrisett and Lars Birkedal. ICFP 2006.
The first paper containing a (very impoverished) definition of HTT.