
Refinement Proofs in Rust Using Ghost Locks (2311.14452v1)

Published 24 Nov 2023 in cs.LO

Abstract: Refinement transforms an abstract system model into a concrete, executable program, such that properties established for the abstract model carry over to the concrete implementation. Refinement has been used successfully in the development of substantial verified systems. Nevertheless, existing refinement techniques have limitations that impede their practical usefulness. Some techniques generate executable code automatically, which generally leads to implementations with sub-optimal performance. Others employ bottom-up program verification to reason about efficient implementations, but impose strict requirements on the structure of the code, the structure of the refinement proofs, as well as the employed verification logic and tools. In this paper, we present a novel refinement technique that removes these limitations. It supports a wide range of program structures, data representations, and proof structures. Our approach supports reasoning about both safety and liveness properties. We implement our approach in a state-of-the-art verifier for the Rust language, which itself offers a strong foundation for memory safety. We demonstrate the practicality of our approach on a number of substantial case studies.
