skip to main content

Generating Proof Certificates for a Language-Agnostic Deductive Program Verifier

Published:06 April 2023Publication History
Skip Abstract Section

Abstract

Previous work on rewriting and reachability logic establishes a vision for a language-agnostic program verifier, which takes three inputs: a program, its formal specification, and the formal semantics of the programming language in which the program is written. The verifier then uses a language-agnostic verification algorithm to prove the program correct with respect to the specification and the formal language semantics. Such a complex verifier can easily have bugs. This paper proposes a method to certify the correctness of each successful verification run by generating a proof certificate. The proof certificate can be checked by a small proof checker. The preliminary experiments apply the method to generate proof certificates for program verification in an imperative language, a functional language, and an assembly language, showing that the proposed method is language-agnostic.

Skip Supplemental Material Section

Supplemental Material

References

  1. Mike Barnett, Bor-Yuh Evan Chang, Robert DeLine, Bart Jacobs, and K. Rustan M. Leino. 2006. Boogie: A Modular Reusable Verifier for Object-Oriented Programs. In Formal Methods for Components and Objects, Frank S. de Boer, Marcello M. Bonsangue, Susanne Graf, and Willem-Paul de Roever (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 364–387. isbn:978-3-540-36750-5 https://doi.org/10.1007/11804192_17 Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Clark Barrett, Leonardo De Moura, and Pascal Fontaine. 2015. Proofs in satisfiability modulo theories. Available at. http://leodemoura.github.io/files/SMTProofs.pdf All about proofs, Proofs for all, 55, 1 (2015), 23–44. Google ScholarGoogle Scholar
  3. Sandrine Blazy and Xavier Leroy. 2009. Mechanized semantics for the Clight subset of the C language. Journal of Automated Reasoning, 43, 3 (2009), 263–288. https://doi.org/10.1007/s10817-009-9148-3 Google ScholarGoogle ScholarCross RefCross Ref
  4. Denis Bogdănaş and Grigore Roşu. 2015. K-Java: A complete semantics of Java. In Proceedings of the 42 nd Symposium on Principles of Programming Languages (POPL’15). ACM, Mumbai, India. 445–456. https://doi.org/10.1145/2775051.2676982 Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Mario Carneiro. 2020. Metamath Zero: Designing a Theorem Prover Prover. In Intelligent Computer Mathematics, Christoph Benzmüller and Bruce Miller (Eds.). Springer International Publishing, Cham. 71–88. isbn:978-3-030-53518-6 https://doi.org/10.1007/978-3-030-53518-6_5 Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Xiaohong Chen, Zhengyao Lin, Minh-Thai Trinh, and Grigore Roşu. 2021. Towards a Trustworthy Semantics-Based Language Framework via Proof Generation. In Proceedings of the 33 rd International Conference on Computer-Aided Verification. ACM, Virtual. 22 pages. https://doi.org/10.1007/978-3-030-81688-9_23 Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Xiaohong Chen, Dorel Lucanu, and Grigore Roşu. 2020. Initial algebra semantics in matching logic. University of Illinois at Urbana-Champaign. http://hdl.handle.net/2142/107781 Google ScholarGoogle Scholar
  8. Xiaohong Chen, Dorel Lucanu, and Grigore Roşu. 2021. Matching logic explained. Journal of Logical and Algebraic Methods in Programming, 120 (2021), 1–36. https://doi.org/10.1016/j.jlamp.2021.100638 Google ScholarGoogle ScholarCross RefCross Ref
  9. Xiaohong Chen and Grigore Roşu. 2019. Matching μ -logic. In Proceedings of the 34 th Annual ACM/IEEE Symposium on Logic in Computer Science (LICS’19). IEEE, Vancouver, Canada. 1–13. https://doi.org/10.1109/LICS.2019.8785675 Google ScholarGoogle ScholarCross RefCross Ref
  10. Xiaohong Chen and Grigore Roşu. 2019. Matching μ -logic. University of Illinois at Urbana-Champaign. http://hdl.handle.net/2142/102281 Google ScholarGoogle Scholar
  11. Xiaohong Chen and Grigore Roşu. 2020. A general approach to define binders using matching logic. In Proceedings of the 25 th ACM SIGPLAN International Conference on Functional Programming (ICFP’20). ACM, New Jersey, USA. 1–32. https://doi.org/10.1145/3408970 Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Coq Team. 2021. Coq GitHub Repository. https://github.com/coq/coq Google ScholarGoogle Scholar
  13. Coq Team. 2021. The Coq proof assistant. http://coq.inria.fr Google ScholarGoogle Scholar
  14. Andrei Ştefănescu, Ştefan Ciobâcă, Radu Mereuţă, Brandon M. Moore, Traian Florin Şerbănuţă, and Grigore Roşu. 2014. All-path reachability logic. In Proceedings of the Joint 25 th International Conference on Rewriting Techniques and Applications and 12 th International Conference on Typed Lambda Calculi and Applications (RTA-TLCA’14). 8560, Springer, Vienna, Austria. 425–440. https://doi.org/10.1007/978-3-319-08918-8_29 Google ScholarGoogle ScholarCross RefCross Ref
  15. Andrei Ştefănescu, Daejun Park, Shijiao Yuwen, Yilong Li, and Grigore Roşu. 2016. Semantics-based program verifiers for all languages. In Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA’16). ACM, Amsterdam, Netherlands. 74–91. isbn:978-1-4503-4444-9 https://doi.org/10.1145/3022671.2984027 Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Sandeep Dasgupta, Daejun Park, Theodoros Kasampalis, Vikram S. Adve, and Grigore Roşu. 2019. A complete formal semantics of x86-64 user-level instruction set architecture. In Proceedings of the 40 th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’19). ACM, Phoenix, Arizona, USA. 1133–1148. https://doi.org/10.1145/3314221.3314601 Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Leonardo De Moura and Nikolaj Bjørner. 2008. Z3: An efficient SMT solver. In Proceedings of the 14 th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS’08). 4963, Springer, Budapest, Hungary. 337–340. https://doi.org/10.1007/978-3-540-78800-3_24 Google ScholarGoogle ScholarCross RefCross Ref
  18. Chucky Ellison and Grigore Rosu. 2012. An executable formal semantics of C with applications. ACM SIGPLAN Notices, 47, 1 (2012), 533–544. https://doi.org/10.1145/2103621.2103719 Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Jean-Christophe Filliâtre and Andrei Paskevich. 2013. Why3 — Where Programs Meet Provers. In Programming Languages and Systems, Matthias Felleisen and Philippa Gardner (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 125–128. isbn:978-3-642-37036-6 https://doi.org/10.1007/978-3-642-37036-6_8 Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. Quentin Garchery. 2021. A Framework for Proof-carrying Logical Transformations. Electronic Proceedings in Theoretical Computer Science, 336 (2021), July, 5–23. https://doi.org/10.4204/eptcs.336.2 Google ScholarGoogle ScholarCross RefCross Ref
  21. Joseph Goguen, James Thatcher, Eric Wagner, and Jesse Wright. 1977. Initial algebra semantics and continuous algebras. Journal of the ACM, 24, 1 (1977), 68–95. https://doi.org/10.1145/321992.321997 Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Dwight Guth. 2013. A formal semantics of Python 3.3. University of Illinois at Urbana-Champaign. http://hdl.handle.net/2142/45275 Google ScholarGoogle Scholar
  23. Dwight Guth, Chris Hathhorn, Manasvi Saxena, and Grigore Roşu. 2016. RV-Match: Practical semantics-based program analysis. In Proceedings of the 28 th International Conference on Computer Aided Verification (CAV’16). 9779, Springer, Toronto, Ontario, Canada. 447–453. https://doi.org/10.1007/978-3-319-41528-4_24 Google ScholarGoogle ScholarCross RefCross Ref
  24. Richard Guy. 2004. Unsolved problems in number theory. 1, Springer Science & Business Media, Berlin, Heidelberg. https://doi.org/10.1007/978-0-387-26677-0 Google ScholarGoogle ScholarCross RefCross Ref
  25. Robert Harper, David MacQueen, and Robin Milner. 1986. Standard ML. Department of Computer Science, University of Edinburgh, Edinburgh, UK. http://www.lfcs.inf.ed.ac.uk/reports/86/ECS-LFCS-86-2/ Google ScholarGoogle Scholar
  26. Joseph D Hendrix. 2008. Decision procedures for equationally based reasoning. Ph. D. Dissertation. University of Illinois at Urbana-Champaign. http://hdl.handle.net/2142/11487 Google ScholarGoogle Scholar
  27. Everett Hildenbrandt, Manasvi Saxena, Xiaoran Zhu, Nishant Rodrigues, Philip Daian, Dwight Guth, Brandon Moore, Yi Zhang, Daejun Park, Andrei Ştefănescu, and Grigore Roşu. 2018. KEVM: A complete semantics of the Ethereum virtual machine. In Proceedings of the 2018 IEEE Computer Security Foundations Symposium (CSF’18). IEEE, Oxford, UK. 204–217. https://doi.org/10.1109/CSF.2018.00022 Google ScholarGoogle ScholarCross RefCross Ref
  28. C. A. R. Hoare. 1969. An axiomatic basis for computer programming. Commun. ACM, 12, 10 (1969), 576–580. https://doi.org/10.1145/363235.363259 Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. Isabelle Team. 2021. Isabelle. https://isabelle.in.tum.de/ Google ScholarGoogle Scholar
  30. Bart Jacobs, Jan Smans, Pieter Philippaerts, Frédéric Vogels, Willem Penninckx, and Frank Piessens. 2011. VeriFast: A Powerful, Sound, Predictable, Fast Verifier for C and Java. In NASA Formal Methods, Mihaela Bobaru, Klaus Havelund, Gerard J. Holzmann, and Rajeev Joshi (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 41–55. isbn:978-3-642-20398-5 https://doi.org/10.1007/978-3-642-20398-5_4 Google ScholarGoogle ScholarCross RefCross Ref
  31. K Team. 2022. K framework Haskell backend. https://github.com/kframework/kore Google ScholarGoogle Scholar
  32. K Team. 2022. Matching logic proof checker. GitHub page. https://github.com/kframework/proof-generation See Google ScholarGoogle Scholar
  33. Theodoros Kasampalis, Daejun Park, Zhengyao Lin, Vikram S Adve, and Grigore Roşu. 2021. Language-parametric compiler validation with application to LLVM. In Proceedings of the 26 th ACM International Conference on Architectural Support for Programming Languages and Operating Systems. ACM New York, NY, USA, Virtual. 1004–1019. https://doi.org/10.1145/3445814.3446751 Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Dexter Kozen. 1983. Results on the propositional μ -calculus. Theoretical Computer Science, 27, 3 (1983), 333–354. isbn:978-3-540-39308-5 https://doi.org/10.1016/0304-3975(82)90125-6 Google ScholarGoogle ScholarCross RefCross Ref
  35. Ramana Kumar, Magnus O Myreen, Michael Norrish, and Scott Owens. 2014. CakeML: a verified implementation of ML. ACM SIGPLAN Notices, 49, 1 (2014), 179–191. https://doi.org/10.1145/2578855.2535841 Google ScholarGoogle ScholarDigital LibraryDigital Library
  36. Xavier Leroy. 2020. The CompCert verified compiler, software and commented proof. Available at. https://compcert.org/ Google ScholarGoogle Scholar
  37. Raph Levien and David A. Wheeler. 2019. Metamath Verifier in Python. https://github.com/david-a-wheeler/mmverify.py Google ScholarGoogle Scholar
  38. Liyi Li and Elsa Gunter. 2020. K-LLVM: A Relatively Complete Semantics of LLVM IR. In Proceedings of the 34 th European Conference on Object-Oriented Programming (ECOOP 2020). ACM New York, NY, USA, Virtual. 1–29. https://doi.org/10.4230/LIPIcs.ECOOP.2020.7 Google ScholarGoogle ScholarCross RefCross Ref
  39. Zhengyao Lin, Xiaohong Chen, Minh-Thai Trinh, John Wang, and Grigore Roşu. 2022. K Proof Generation Tool Repository. https://github.com/kframework/proof-generation Google ScholarGoogle Scholar
  40. Zhengyao Lin, Xiaohong Chen, Minh-Thai Trinh, John Wang, and Grigore Roşu. 2023. Generating Proof Certificates for a Language-Agnostic Deductive Program Verifier. https://doi.org/10.5281/zenodo.7503088 Google ScholarGoogle ScholarDigital LibraryDigital Library
  41. Qingzhou Luo, Yi Zhang, Choonghwan Lee, Dongyun Jin, Patrick O’Neil Meredith, Traian Florin Şerbănuţă, and Grigore Roşu. 2014. RV-Monitor: Efficient parametric runtime verification with simultaneous properties. In Proceedings of the 5 th International Conference on Runtime Verification (RV’14). Springer International Publishing, Toronto, Canada. 285–300. https://doi.org/10.1007/978-3-319-11164-3_24 Google ScholarGoogle ScholarCross RefCross Ref
  42. Norman Megill and David A. Wheeler. 2019. Metamath: a computer language for mathematical proofs. Available at. http://us.metamath.org/downloads/metamath.pdf Google ScholarGoogle Scholar
  43. George C Necula and Peter Lee. 2000. Proof generation in the Touchstone theorem prover. In Proceedings of the 17 th International Conference on Automated Deduction. Springer-VerlagBerlin, Heidelberg, Pittsburgh, Pennsylvania, USA. 25–44. https://doi.org/10.1007/10721959_3 Google ScholarGoogle ScholarCross RefCross Ref
  44. Stefan O’Rear and Mario Carneiro. 2019. Metamath Verifier in Rust. https://github.com/sorear/smetamath-rs Google ScholarGoogle Scholar
  45. Daejun Park, Andrei Ştefănescu, and Grigore Roşu. 2015. KJS: A complete formal semantics of JavaScript. In Proceedings of the 36 th annual ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’15). ACM, Portland, OR. 346–356. https://doi.org/10.1145/2737924.2737991 Google ScholarGoogle ScholarDigital LibraryDigital Library
  46. Gaurav Parthasarathy, Peter Müller, and Alexander J. Summers. 2021. Formally Validating a Practical Verification Condition Generator. In Computer Aided Verification, Alexandra Silva and K. Rustan M. Leino (Eds.). Springer International Publishing, Cham. 704–727. isbn:978-3-030-81688-9 https://doi.org/10.1007/978-3-030-81688-9_33 Google ScholarGoogle ScholarDigital LibraryDigital Library
  47. Gordon D. Plotkin. 1977. LCF considered as a programming language. Theoretical computer science, 5, 3 (1977), 223–255. https://doi.org/10.1016/0304-3975(77)90044-5 Google ScholarGoogle ScholarCross RefCross Ref
  48. A. Pnueli, M. Siegel, and E. Singerman. 1998. Translation validation. In Tools and Algorithms for the Construction and Analysis of Systems, Bernhard Steffen (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg. 151–166. isbn:978-3-540-69753-4 https://doi.org/10.1007/BFb0054170 Google ScholarGoogle ScholarCross RefCross Ref
  49. Grigore Roşu. 2017. Matching logic. Logical Methods in Computer Science, 13, 4 (2017), 1–61. https://doi.org/10.23638/LMCS-13(4:28)2017 Google ScholarGoogle ScholarCross RefCross Ref
  50. Grigore Roşu, Andrei Ştefănescu, Ştefan Ciobâcă, and Brandon M. Moore. 2013. One-path reachability logic. In Proceedings of the 28 th Symposium on Logic in Computer Science (LICS’13). IEEE, New Orleans, USA. 358–367. https://doi.org/10.1109/LICS.2013.42 Google ScholarGoogle ScholarDigital LibraryDigital Library
  51. Grigore Roşu, Andrei Ştefănescu, Ştefan Ciobâcă, and Brandon M. Moore. 2012. Reachability Logic. University of Illinois at Urbana-Champaign. http://hdl.handle.net/2142/32952 Google ScholarGoogle Scholar
  52. Grigore Roşu and Wolfram Schulte. 2009. Matching logic—extended report. University of Illinois at Urbana-Champaign. https://fsl.cs.illinois.edu/publications/rosu-schulte-2009-tr.pdf Google ScholarGoogle Scholar
  53. Joseph R. Shoenfield. 1967. Mathematical logic. Addison-Wesley Pub. Co, Boston, United States. isbn:1-56881-135-7 Google ScholarGoogle Scholar
  54. Konrad Slind and Michael Norrish. 2008. A brief overview of HOL4. In International Conference on Theorem Proving in Higher Order Logics. Springer-Verlag Berlin Heidelberg, Montreal, Canada. 28–32. https://doi.org/10.1007/978-3-540-71067-7_6 Google ScholarGoogle ScholarDigital LibraryDigital Library
  55. Aaron Stump, Duckki Oe, Andrew Reynolds, Liana Hadarean, and Cesare Tinelli. 2013. SMT proof checking using a logical framework. Formal Methods in System Design, 42, 1 (2013), 91–118. https://doi.org/10.1007/s10703-012-0163-3 Google ScholarGoogle ScholarDigital LibraryDigital Library
  56. SV-COMP. 2021. Benchmark for SV-COMP. https://gitlab.com/sosy-lab/benchmarking/sv-benchmarks Google ScholarGoogle Scholar
  57. Alfred Tarski. 1955. A lattice-theoretical fixpoint theorem and its applications. Pacific J. Math., 5, 2 (1955), 285–309. Google ScholarGoogle ScholarCross RefCross Ref
  58. Tukaani Team. 2021. XZ Utils. https://tukaani.org/xz/ Google ScholarGoogle Scholar
  59. John Wang. 2022. Metamath proof checker in Rust. GitHub page. https://github.com/kframework/rust-metamath Google ScholarGoogle Scholar
  60. Stefan Wils and Bart Jacobs. 2021. Certifying C program correctness with respect to CompCert with VeriFast. https://doi.org/10.48550/ARXIV.2110.11034 Google ScholarGoogle Scholar

Index Terms

  1. Generating Proof Certificates for a Language-Agnostic Deductive Program Verifier

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    • Article Metrics

      • Downloads (Last 12 months)96
      • Downloads (Last 6 weeks)23

      Other Metrics

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!