Iteratively Composing Statically Verified Traits
share
Metaprogramming is often used to programmatically generate faster specialised code when some parameters are known in advance. To use metaprogramming and SV together, we could generate code containing contracts, and such code could be checked after metaprogramming has been completed. SV could then be applied to the code resulting from the metaprogramming to ensure it is correct. However this could be very time consuming, since it would require verifying all the generated code from scratch. Even worse, since SV is unpredictable, there would be no guarantee that the result of a given metaprogram will be verifiable, even if its result is correct by construction. We extend the disciplined form of metaprogramming of Servetto & Zucca, which is based on trait composition and adaptation. Here a Trait is a unit of code: a set of method declarations with pre/post-conditions. They are well-typed and correct. Traits directly written in the source code are proven correct by SV. The composition and adaptation of Traits is carefully defined to preserve correctness. Metaprogramming cannot generate code directly, code is only generated by composing and adapting traits, thus generated code is also correct. However generated code may not be able to pass SV, since theorem provers are not complete.
READ FULL TEXT