Abstract
Previous work on rewriting and reachability logic establishes a vision for a language-agnostic program verifier, which takes three inputs: a program, its formal specification, and the formal semantics of the programming language in which the program is written. The verifier then uses a language-agnostic verification algorithm to prove the program correct with respect to the specification and the formal language semantics. Such a complex verifier can easily have bugs. This paper proposes a method to certify the correctness of each successful verification run by generating a proof certificate. The proof certificate can be checked by a small proof checker. The preliminary experiments apply the method to generate proof certificates for program verification in an imperative language, a functional language, and an assembly language, showing that the proposed method is language-agnostic.
Supplemental Material
Available for Download
The attached PDF file contains appendices of the paper.
- Mike Barnett, Bor-Yuh Evan Chang, Robert DeLine, Bart Jacobs, and K. Rustan M. Leino. 2006. Boogie: A Modular Reusable Verifier for Object-Oriented Programs. In Formal Methods for Components and Objects, Frank S. de Boer, Marcello M. Bonsangue, Susanne Graf, and Willem-Paul de Roever (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 364–387. isbn:978-3-540-36750-5 https://doi.org/10.1007/11804192_17
Google Scholar
Digital Library
- Clark Barrett, Leonardo De Moura, and Pascal Fontaine. 2015. Proofs in satisfiability modulo theories. Available at. http://leodemoura.github.io/files/SMTProofs.pdf All about proofs, Proofs for all, 55, 1 (2015), 23–44.
Google Scholar
- Sandrine Blazy and Xavier Leroy. 2009. Mechanized semantics for the Clight subset of the C language. Journal of Automated Reasoning, 43, 3 (2009), 263–288. https://doi.org/10.1007/s10817-009-9148-3
Google Scholar
Cross Ref
- Denis Bogdănaş and Grigore Roşu. 2015. K-Java: A complete semantics of Java. In Proceedings of the 42 nd Symposium on Principles of Programming Languages (POPL’15). ACM, Mumbai, India. 445–456. https://doi.org/10.1145/2775051.2676982
Google Scholar
Digital Library
- Mario Carneiro. 2020. Metamath Zero: Designing a Theorem Prover Prover. In Intelligent Computer Mathematics, Christoph Benzmüller and Bruce Miller (Eds.). Springer International Publishing, Cham. 71–88. isbn:978-3-030-53518-6 https://doi.org/10.1007/978-3-030-53518-6_5
Google Scholar
Digital Library
- Xiaohong Chen, Zhengyao Lin, Minh-Thai Trinh, and Grigore Roşu. 2021. Towards a Trustworthy Semantics-Based Language Framework via Proof Generation. In Proceedings of the 33 rd International Conference on Computer-Aided Verification. ACM, Virtual. 22 pages. https://doi.org/10.1007/978-3-030-81688-9_23
Google Scholar
Digital Library
- Xiaohong Chen, Dorel Lucanu, and Grigore Roşu. 2020. Initial algebra semantics in matching logic. University of Illinois at Urbana-Champaign. http://hdl.handle.net/2142/107781
Google Scholar
- Xiaohong Chen, Dorel Lucanu, and Grigore Roşu. 2021. Matching logic explained. Journal of Logical and Algebraic Methods in Programming, 120 (2021), 1–36. https://doi.org/10.1016/j.jlamp.2021.100638
Google Scholar
Cross Ref
- Xiaohong Chen and Grigore Roşu. 2019. Matching μ -logic. In Proceedings of the 34 th Annual ACM/IEEE Symposium on Logic in Computer Science (LICS’19). IEEE, Vancouver, Canada. 1–13. https://doi.org/10.1109/LICS.2019.8785675
Google Scholar
Cross Ref
- Xiaohong Chen and Grigore Roşu. 2019. Matching μ -logic. University of Illinois at Urbana-Champaign. http://hdl.handle.net/2142/102281
Google Scholar
- Xiaohong Chen and Grigore Roşu. 2020. A general approach to define binders using matching logic. In Proceedings of the 25 th ACM SIGPLAN International Conference on Functional Programming (ICFP’20). ACM, New Jersey, USA. 1–32. https://doi.org/10.1145/3408970
Google Scholar
Digital Library
- Coq Team. 2021. Coq GitHub Repository. https://github.com/coq/coq
Google Scholar
- Coq Team. 2021. The Coq proof assistant. http://coq.inria.fr
Google Scholar
- Andrei Ştefănescu, Ştefan Ciobâcă, Radu Mereuţă, Brandon M. Moore, Traian Florin Şerbănuţă, and Grigore Roşu. 2014. All-path reachability logic. In Proceedings of the Joint 25 th International Conference on Rewriting Techniques and Applications and 12 th International Conference on Typed Lambda Calculi and Applications (RTA-TLCA’14). 8560, Springer, Vienna, Austria. 425–440. https://doi.org/10.1007/978-3-319-08918-8_29
Google Scholar
Cross Ref
- Andrei Ştefănescu, Daejun Park, Shijiao Yuwen, Yilong Li, and Grigore Roşu. 2016. Semantics-based program verifiers for all languages. In Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA’16). ACM, Amsterdam, Netherlands. 74–91. isbn:978-1-4503-4444-9 https://doi.org/10.1145/3022671.2984027
Google Scholar
Digital Library
- Sandeep Dasgupta, Daejun Park, Theodoros Kasampalis, Vikram S. Adve, and Grigore Roşu. 2019. A complete formal semantics of x86-64 user-level instruction set architecture. In Proceedings of the 40 th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’19). ACM, Phoenix, Arizona, USA. 1133–1148. https://doi.org/10.1145/3314221.3314601
Google Scholar
Digital Library
- Leonardo De Moura and Nikolaj Bjørner. 2008. Z3: An efficient SMT solver. In Proceedings of the 14 th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS’08). 4963, Springer, Budapest, Hungary. 337–340. https://doi.org/10.1007/978-3-540-78800-3_24
Google Scholar
Cross Ref
- Chucky Ellison and Grigore Rosu. 2012. An executable formal semantics of C with applications. ACM SIGPLAN Notices, 47, 1 (2012), 533–544. https://doi.org/10.1145/2103621.2103719
Google Scholar
Digital Library
- Jean-Christophe Filliâtre and Andrei Paskevich. 2013. Why3 — Where Programs Meet Provers. In Programming Languages and Systems, Matthias Felleisen and Philippa Gardner (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 125–128. isbn:978-3-642-37036-6 https://doi.org/10.1007/978-3-642-37036-6_8
Google Scholar
Digital Library
- Quentin Garchery. 2021. A Framework for Proof-carrying Logical Transformations. Electronic Proceedings in Theoretical Computer Science, 336 (2021), July, 5–23. https://doi.org/10.4204/eptcs.336.2
Google Scholar
Cross Ref
- Joseph Goguen, James Thatcher, Eric Wagner, and Jesse Wright. 1977. Initial algebra semantics and continuous algebras. Journal of the ACM, 24, 1 (1977), 68–95. https://doi.org/10.1145/321992.321997
Google Scholar
Digital Library
- Dwight Guth. 2013. A formal semantics of Python 3.3. University of Illinois at Urbana-Champaign. http://hdl.handle.net/2142/45275
Google Scholar
- Dwight Guth, Chris Hathhorn, Manasvi Saxena, and Grigore Roşu. 2016. RV-Match: Practical semantics-based program analysis. In Proceedings of the 28 th International Conference on Computer Aided Verification (CAV’16). 9779, Springer, Toronto, Ontario, Canada. 447–453. https://doi.org/10.1007/978-3-319-41528-4_24
Google Scholar
Cross Ref
- Richard Guy. 2004. Unsolved problems in number theory. 1, Springer Science & Business Media, Berlin, Heidelberg. https://doi.org/10.1007/978-0-387-26677-0
Google Scholar
Cross Ref
- Robert Harper, David MacQueen, and Robin Milner. 1986. Standard ML. Department of Computer Science, University of Edinburgh, Edinburgh, UK. http://www.lfcs.inf.ed.ac.uk/reports/86/ECS-LFCS-86-2/
Google Scholar
- Joseph D Hendrix. 2008. Decision procedures for equationally based reasoning. Ph. D. Dissertation. University of Illinois at Urbana-Champaign. http://hdl.handle.net/2142/11487
Google Scholar
- Everett Hildenbrandt, Manasvi Saxena, Xiaoran Zhu, Nishant Rodrigues, Philip Daian, Dwight Guth, Brandon Moore, Yi Zhang, Daejun Park, Andrei Ştefănescu, and Grigore Roşu. 2018. KEVM: A complete semantics of the Ethereum virtual machine. In Proceedings of the 2018 IEEE Computer Security Foundations Symposium (CSF’18). IEEE, Oxford, UK. 204–217. https://doi.org/10.1109/CSF.2018.00022
Google Scholar
Cross Ref
- C. A. R. Hoare. 1969. An axiomatic basis for computer programming. Commun. ACM, 12, 10 (1969), 576–580. https://doi.org/10.1145/363235.363259
Google Scholar
Digital Library
- Isabelle Team. 2021. Isabelle. https://isabelle.in.tum.de/
Google Scholar
- Bart Jacobs, Jan Smans, Pieter Philippaerts, Frédéric Vogels, Willem Penninckx, and Frank Piessens. 2011. VeriFast: A Powerful, Sound, Predictable, Fast Verifier for C and Java. In NASA Formal Methods, Mihaela Bobaru, Klaus Havelund, Gerard J. Holzmann, and Rajeev Joshi (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 41–55. isbn:978-3-642-20398-5 https://doi.org/10.1007/978-3-642-20398-5_4
Google Scholar
Cross Ref
- K Team. 2022. K framework Haskell backend. https://github.com/kframework/kore
Google Scholar
- K Team. 2022. Matching logic proof checker. GitHub page. https://github.com/kframework/proof-generation See
Google Scholar
- Theodoros Kasampalis, Daejun Park, Zhengyao Lin, Vikram S Adve, and Grigore Roşu. 2021. Language-parametric compiler validation with application to LLVM. In Proceedings of the 26 th ACM International Conference on Architectural Support for Programming Languages and Operating Systems. ACM New York, NY, USA, Virtual. 1004–1019. https://doi.org/10.1145/3445814.3446751
Google Scholar
Digital Library
- Dexter Kozen. 1983. Results on the propositional μ -calculus. Theoretical Computer Science, 27, 3 (1983), 333–354. isbn:978-3-540-39308-5 https://doi.org/10.1016/0304-3975(82)90125-6
Google Scholar
Cross Ref
- Ramana Kumar, Magnus O Myreen, Michael Norrish, and Scott Owens. 2014. CakeML: a verified implementation of ML. ACM SIGPLAN Notices, 49, 1 (2014), 179–191. https://doi.org/10.1145/2578855.2535841
Google Scholar
Digital Library
- Xavier Leroy. 2020. The CompCert verified compiler, software and commented proof. Available at. https://compcert.org/
Google Scholar
- Raph Levien and David A. Wheeler. 2019. Metamath Verifier in Python. https://github.com/david-a-wheeler/mmverify.py
Google Scholar
- Liyi Li and Elsa Gunter. 2020. K-LLVM: A Relatively Complete Semantics of LLVM IR. In Proceedings of the 34 th European Conference on Object-Oriented Programming (ECOOP 2020). ACM New York, NY, USA, Virtual. 1–29. https://doi.org/10.4230/LIPIcs.ECOOP.2020.7
Google Scholar
Cross Ref
- Zhengyao Lin, Xiaohong Chen, Minh-Thai Trinh, John Wang, and Grigore Roşu. 2022. K Proof Generation Tool Repository. https://github.com/kframework/proof-generation
Google Scholar
- Zhengyao Lin, Xiaohong Chen, Minh-Thai Trinh, John Wang, and Grigore Roşu. 2023. Generating Proof Certificates for a Language-Agnostic Deductive Program Verifier. https://doi.org/10.5281/zenodo.7503088
Google Scholar
Digital Library
- Qingzhou Luo, Yi Zhang, Choonghwan Lee, Dongyun Jin, Patrick O’Neil Meredith, Traian Florin Şerbănuţă, and Grigore Roşu. 2014. RV-Monitor: Efficient parametric runtime verification with simultaneous properties. In Proceedings of the 5 th International Conference on Runtime Verification (RV’14). Springer International Publishing, Toronto, Canada. 285–300. https://doi.org/10.1007/978-3-319-11164-3_24
Google Scholar
Cross Ref
- Norman Megill and David A. Wheeler. 2019. Metamath: a computer language for mathematical proofs. Available at. http://us.metamath.org/downloads/metamath.pdf
Google Scholar
- George C Necula and Peter Lee. 2000. Proof generation in the Touchstone theorem prover. In Proceedings of the 17 th International Conference on Automated Deduction. Springer-VerlagBerlin, Heidelberg, Pittsburgh, Pennsylvania, USA. 25–44. https://doi.org/10.1007/10721959_3
Google Scholar
Cross Ref
- Stefan O’Rear and Mario Carneiro. 2019. Metamath Verifier in Rust. https://github.com/sorear/smetamath-rs
Google Scholar
- Daejun Park, Andrei Ştefănescu, and Grigore Roşu. 2015. KJS: A complete formal semantics of JavaScript. In Proceedings of the 36 th annual ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’15). ACM, Portland, OR. 346–356. https://doi.org/10.1145/2737924.2737991
Google Scholar
Digital Library
- Gaurav Parthasarathy, Peter Müller, and Alexander J. Summers. 2021. Formally Validating a Practical Verification Condition Generator. In Computer Aided Verification, Alexandra Silva and K. Rustan M. Leino (Eds.). Springer International Publishing, Cham. 704–727. isbn:978-3-030-81688-9 https://doi.org/10.1007/978-3-030-81688-9_33
Google Scholar
Digital Library
- Gordon D. Plotkin. 1977. LCF considered as a programming language. Theoretical computer science, 5, 3 (1977), 223–255. https://doi.org/10.1016/0304-3975(77)90044-5
Google Scholar
Cross Ref
- A. Pnueli, M. Siegel, and E. Singerman. 1998. Translation validation. In Tools and Algorithms for the Construction and Analysis of Systems, Bernhard Steffen (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg. 151–166. isbn:978-3-540-69753-4 https://doi.org/10.1007/BFb0054170
Google Scholar
Cross Ref
- Grigore Roşu. 2017. Matching logic. Logical Methods in Computer Science, 13, 4 (2017), 1–61. https://doi.org/10.23638/LMCS-13(4:28)2017
Google Scholar
Cross Ref
- Grigore Roşu, Andrei Ştefănescu, Ştefan Ciobâcă, and Brandon M. Moore. 2013. One-path reachability logic. In Proceedings of the 28 th Symposium on Logic in Computer Science (LICS’13). IEEE, New Orleans, USA. 358–367. https://doi.org/10.1109/LICS.2013.42
Google Scholar
Digital Library
- Grigore Roşu, Andrei Ştefănescu, Ştefan Ciobâcă, and Brandon M. Moore. 2012. Reachability Logic. University of Illinois at Urbana-Champaign. http://hdl.handle.net/2142/32952
Google Scholar
- Grigore Roşu and Wolfram Schulte. 2009. Matching logic—extended report. University of Illinois at Urbana-Champaign. https://fsl.cs.illinois.edu/publications/rosu-schulte-2009-tr.pdf
Google Scholar
- Joseph R. Shoenfield. 1967. Mathematical logic. Addison-Wesley Pub. Co, Boston, United States. isbn:1-56881-135-7
Google Scholar
- Konrad Slind and Michael Norrish. 2008. A brief overview of HOL4. In International Conference on Theorem Proving in Higher Order Logics. Springer-Verlag Berlin Heidelberg, Montreal, Canada. 28–32. https://doi.org/10.1007/978-3-540-71067-7_6
Google Scholar
Digital Library
- Aaron Stump, Duckki Oe, Andrew Reynolds, Liana Hadarean, and Cesare Tinelli. 2013. SMT proof checking using a logical framework. Formal Methods in System Design, 42, 1 (2013), 91–118. https://doi.org/10.1007/s10703-012-0163-3
Google Scholar
Digital Library
- SV-COMP. 2021. Benchmark for SV-COMP. https://gitlab.com/sosy-lab/benchmarking/sv-benchmarks
Google Scholar
- Alfred Tarski. 1955. A lattice-theoretical fixpoint theorem and its applications. Pacific J. Math., 5, 2 (1955), 285–309.
Google Scholar
Cross Ref
- Tukaani Team. 2021. XZ Utils. https://tukaani.org/xz/
Google Scholar
- John Wang. 2022. Metamath proof checker in Rust. GitHub page. https://github.com/kframework/rust-metamath
Google Scholar
- Stefan Wils and Bart Jacobs. 2021. Certifying C program correctness with respect to CompCert with VeriFast. https://doi.org/10.48550/ARXIV.2110.11034
Google Scholar
Index Terms
Generating Proof Certificates for a Language-Agnostic Deductive Program Verifier
Recommendations
Semantics-based program verifiers for all languages
OOPSLA 2016: Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and ApplicationsWe present a language-independent verification framework that can be instantiated with an operational semantics to automatically generate a program verifier. The framework treats both the operational semantics and the program correctness specifications ...
Semantics-based program verifiers for all languages
OOPSLA '16We present a language-independent verification framework that can be instantiated with an operational semantics to automatically generate a program verifier. The framework treats both the operational semantics and the program correctness specifications ...
Action Language verifier: an infinite-state model checker for reactive software specifications
Action Language is a specification language for reactive software systems. In this paper, we present the syntax and the semantics of the Action Language and we also present an infinite-state symbolic model checker called Action Language Verifier (ALV) ...






Comments