Section: New Results

Program verification and formal languages

Participant : Arthur Charguéraud.

• A. Charguéraud and François Pottier (Inria Paris) extended their formalization of the correctness and asymptotic complexity of the classic Union Find data structure, which features the bound expressed in terms of the inverse Ackermann function. The proof, conducted using CFML extended with time credits, was refined using a slightly more complex potential function, allowing to derive a simpler and richer interface for the data structure. This work appeared in the Journal of Automated Reasoning (JAR) [9].

• A. Charguéraud and F. Pottier have developed an extension of Separation Logic with temporary read-only permissions. This mechanism allows to temporarily convert any assertion (or “permission”) to a read-only form. Unlike with fractional permissions, no accounting is required: the proposed read-only permissions can be freely duplicated and discarded. Where mutable data structures are temporarily accessed only for reading, the proposed read-only permissions enable more concise specifications and proofs. All the metatheory is verified in Coq. An article was presented at ESOP [14].

• Armaël Guéneau, PhD student advised by A. Charguéraud and F. Pottier, has developed a Coq library formalizing the asymptotic notation (big-$O$), and has developed an extension of the CFML verification tool to allow specifying the asymptotic complexity of higher-order, imperative programs. This new feature has been tested on several classic examples of complexity analyses, including: nested loops in $O\left(n^3\right)$ and $O\left(nm\right)$, selection sort in $O\left(n^2\right)$, recursive functions in $O\left(n\right)$ and $O\left(2^n\right)$, binary search in $O(logn)$, and Union-Find in $O\left(\alpha \right(n\left)\right)$. A paper was submitted paper to an international conference.

• A. Charguéraud has made progress towards CFML 2.0, a reimplementation of CFML entirely inside Coq. In contrast, the initial version of CFML, developed in A. Charguéraud's PhD thesis, is based on an external tool that parses OCaml source code and produces Coq axioms describing their semantics. The new version will remove the need for axioms, thereby further reducing the trusted code base. Furthermore, CFML 2.0 provides a more general memory model, designed to also accomodate formal reasoning about C-style programs, in future work. In passing, A. Charguéraud performed a complete cleanup of the TLC Coq library, which is used extensively by CFML, leading to the beta release of TLC 2.0.

• A. Charguéraud, together with Alan Schmitt (Inria Rennes) and Thomas Wood (Imperial College), developed an interactive debugger for JavaScript. The interface, accessible as a webpage in a browser, allows to execute a given JavaScript program, following step by step the formal specification of JavaScript developed in prior work on JsCert [31]. Concretely, the tool acts as a double-debugger: one can visualize both the state of the interpreted program and the state of the interpreter program. This tool is intended for the JavaScript committee, VM developers, and other experts in JavaScript semantics. A paper describing the tool has been submitted, and the tool has been presented to the JavaScript standardization committee (ECMA) in November 2017.