For documentation on how to use Pulse, see https://fstar-lang.org/tutorial/book/pulse/pulse.html#pulse-proof-oriented-programming-in-concurrent-separation-logic
This repository has been designed to closely follow the Filesystem Hierarchy Standard (FHS), so that it can be used the same way in all the following cases:
- direct use of the Pulse repository clone
- installation into a FHS-like hierarchy (e.g.
/usr/local) - installation as an opam package, using the opam package manager for OCaml
In all cases, a Pulse installation (or the Pulse repository clone) is laid out as follows:
-
in
lib/pulse:- the theoretical foundations of Pulse, in
core(namespacePulseCore) - the interface powering the Pulse DSL,
Pulse.Main.fsti - the Pulse standard library, in
lib(namespacePulse.Lib), with some subdirectories for typeclasses (inclass, namespacePulse.Class) and pledges (inpledge), and for the OCaml runtime implementation of Pulse references, etc. (inml) - the Pulse F* plugin,
pulse.cmxs, containing the Pulse tactics, and the Pulse and PulseC extraction to krml, is installed here - the PulseC F* modules of the
Pulse.Cnamespace (inc)
- the theoretical foundations of Pulse, in
-
in
share/pulse:Makefile.include, the GNU Make rules to verify Pulse code
In addition, share/pulse/examples also contains all examples and
tests, but those are not installed as of now.
The only exception is Pulse2Rust, which is still in its own directory, and is not installed as of now, due to its dependency on the Rust toolchain.
- Z3 4.8.5 exactly
- OCaml 4.10 or higher
- GNU Make
- A GCC-compatible compiler
- F* 2023.04.15 or higher (installed via opam or via its source. A binary package is unlikely to work, since Pulse needs to dynamically load a plugin.)
- Karamel, but only if you are interested in extracting to C. If you are only interested in verifying Pulse code, or extracting to OCaml, then Karamel is not needed.
- Make sure
fstar.exeis in yourPATH. If F* was installed with opam, you may need to runeval $(opam env). If F* is not in yourPATH, set theFSTAR_HOMEenvironment variable to the directory where F* was installed (or to the F* source tree), so that the F* executable should be in$FSTAR_HOME/bin/fstar.exe. - Run
make -j
- Follow the instructions above to build Pulse from the source.
- Install with
PREFIX=<your prefix> make -j install. By default,PREFIXwill be set to/usr/local, as per the UNIX custom.
-
Clone the F* repository and install F* with
opam install <path to FStar>/./fstar.opam. This will build F* and all of its dependencies (including Z3)(Right now the F* release on the opam package repository is too old. Once version 2023.04.15 or later is made available on the opam repository, cloning the F* repository will no longer be necessary, and
opam install fstarshould be enough for this step.) -
Build and install Pulse with
opam install ./pulse.opam
Pulse comes with share/pulse/Makefile.include (which is also
properly installed by make install or via opam), which contains the
GNU Make rules to call F* with the Pulse include path and the Pulse
plugin loaded.
-
Make sure
fstar.exeis in yourPATH. If F* was installed with opam, you may need to runeval $(opam env). Alternatively, instead of having F* in yourPATH, you can also set theFSTAR_HOMEenvironment variable to the directory where F* was installed (or to the F* source tree), so that the F* executable should be in$FSTAR_HOME/bin/fstar.exe. -
Define the
PULSE_HOMEenvironment variable. This should be one of the following:- If used directly from source: The root directory of your clone of the Pulse repository
- If installed with
make install: The PREFIX directory used when installing Pulse - If installed with
opam: The prefix directory of the opam switch where Pulse was installed, obtained withopam config var prefix
-
(Optional) In your Makefile, define the following variables with
+=or:=:SRC_DIRS: the directories containing the source.fstand.fstifiles of your project, in addition to the current directory.FSTAR_FILES: the F* files to verify. By default, those are the*.fstand*.fstifiles from the directories inSRC_DIRSINCLUDE_PATHS: the paths to include for verification with F*'s--includeoption. By default, those are the Pulse library include paths andSRC_DIRS.- If you want to use PulseC, add
$PULSE_HOME/lib/pulse/cto this variable.
- If you want to use PulseC, add
ALREADY_CACHED_LIST: the comma-separated list of namespaces that are assumed to be already cached. By defaultPrims,FStar,PulseCore,Pulse, but if all of your source files are in the same namespace, you can override this variable with something like*,-MyNamespaceOTHERFLAGS: additional options to pass to F*.FSTAR_DEP_OPTIONS: additional options to pass to F* to compute dependencies (in addition toFSTAR_OPTIONS), such as--extractFSTAR_ML_CODEGEN: useful only if you want to extract OCaml code. If you want to extract a F* plugin, set this option toPlugin. Otherwise, it is set by default toOCaml.
-
After those variable definitions, insert
include $PULSE_HOME/share/pulse/Makefile.includeto your Makefile. -
In your project directory, run
make -j verify
If you already have an existing Makefile for your Pulse-based
project, you now need to pass new options to your Makefile to use
Pulse from this repository, as described in this section.
To call F* with Pulse:
- Make sure F* and Pulse are properly located, following steps 1 and 2 above.
- Pass the following options to F*:
- in all cases,
--include $PULSE_HOME/lib/pulse - if you want to use PulseC, add
--include $PULSE_HOME/lib/pulse/c
- in all cases,
The rule to extract *.krml files is already in the
share/pulse/Makefile.include file distributed and installed with
Pulse. To learn how to run Karamel, you can have a look at the
PulseCPointStruct example in share/pulse/examples/Makefile.
The rule to extract *.ml files is already in the
share/pulse/Makefile.include file distributed and installed with
Pulse. TODO: add a compilation example for OCaml.
If you want to contribute to Pulse, please read CONTRIBUTING.md