skip to main content

Verification-Preserving Inlining in Automatic Separation Logic Verifiers

Published:06 April 2023Publication History
Skip Abstract Section

Abstract

Bounded verification has proved useful to detect bugs and to increase confidence in the correctness of a program. In contrast to unbounded verification, reasoning about calls via (bounded) inlining and about loops via (bounded) unrolling does not require method specifications and loop invariants and, therefore, reduces the annotation overhead to the bare minimum, namely specifications of the properties to be verified. For verifiers based on traditional program logics, verification is preserved by inlining (and unrolling): successful unbounded verification of a program w.r.t. some annotation implies successful verification of the inlined program. That is, any error detected in the inlined program reveals a true error in the original program. However, this essential property might not hold for automatic separation logic verifiers such as Caper, GRASShopper, RefinedC, Steel, VeriFast, and verifiers based on Viper. In this setting, inlining generally changes the resources owned by method executions, which may affect automatic proof search algorithms and introduce spurious errors. In this paper, we present the first technique for verification-preserving inlining in automatic separation logic verifiers. We identify a semantic condition on programs and prove in Isabelle/HOL that it ensures verification-preserving inlining for state-of-the-art automatic separation logic verifiers. We also prove a dual result: successful verification of the inlined program ensures that there are method and loop annotations that enable the verification of the original program for bounded executions. To check our semantic condition automatically, we present two approximations that can be checked syntactically and with a program verifier, respectively. We implement these checks in Viper and demonstrate that they are effective for non-trivial examples from different verifiers.

References

  1. Pieter Agten, Bart Jacobs, and Frank Piessens. 2015. Sound Modular Verification of C Code Executing in an Unverified Context. In Principles of Programming Languages (POPL), Sriram K. Rajamani and David Walker (Eds.). https://doi.org/10.1145/2676726.2676972 Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Vytautas Astrauskas, Peter Müller, Federico Poli, and Alexander J. Summers. 2019. Leveraging Rust Types for Modular Specification and Verification. Proc. ACM Program. Lang., 3, OOPSLA, Article 147, 30 pages. https://doi.org/10.1145/3360573 Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Gilles Barthe, Pedro R. D’Argenio, and Tamara Rezk. 2011. Secure Information Flow by Self-Composition. Mathematical Structures in Computer Science (MSCS), 21, 6 (2011), 1207–1252. https://doi.org/10.1017/S0960129511000193 Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Bernhard Beckert, Michael Kirsten, Jonas Klamroth, and Mattias Ulbrich. 2020. Modular Verification of JML Contracts Using Bounded Model Checking. In International Symposium on Leveraging Applications of Formal Methods (ISoLA), Tiziana Margaria and Bernhard Steffen (Eds.). 12476, 60–80. https://doi.org/10.1007/978-3-030-61362-4_4 Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Stefan Blom, Saeed Darabi, Marieke Huisman, and Wytse Oortwijn. 2017. The VerCors Tool Set: Verification of Parallel and Concurrent Software. In Integrated Formal Methods, Nadia Polikarpova and Steve Schneider (Eds.). Springer International Publishing, Cham. 102–110. isbn:978-3-319-66845-1 https://doi.org/10.1007/978-3-319-66845-1_7 Google ScholarGoogle ScholarCross RefCross Ref
  6. John Boyland. 2003. Checking Interference with Fractional Permissions. In Static Analysis (SAS), Radhia Cousot (Ed.). 55–72. https://doi.org/10.1007/3-540-44898-5_4 Google ScholarGoogle ScholarCross RefCross Ref
  7. James Brotherston, Nikos Gorogiannis, Max I. Kanovich, and Reuben Rowe. 2016. Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates. In Principles of Programming Languages, POPL, Rastislav Bodík and Rupak Majumdar (Eds.). 84–96. https://doi.org/10.1145/2837614.2837621 Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Cristiano Calcagno, Peter W. O’Hearn, and Hongseok Yang. 2007. Local Action and Abstract Separation Logic. In Logic in Computer Science (LICS). 366–375. https://doi.org/10.1109/LICS.2007.30 Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. Edmund Clarke, Daniel Kroening, and Flavio Lerda. 2004. A Tool for Checking ANSI-C Programs. In Tools and Algorithms for the Construction and Analysis of Systems (TACAS), Kurt Jensen and Andreas Podelski (Eds.). 168–176. https://doi.org/10.1007/978-3-540-24730-2_15 Google ScholarGoogle ScholarCross RefCross Ref
  10. Michael R. Clarkson and Fred B. Schneider. 2008. Hyperproperties. In 2008 21st IEEE Computer Security Foundations Symposium. 51–65. https://doi.org/10.1109/CSF.2008.7 Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Lucas Cordeiro, Pascal Kesseli, Daniel Kroening, Peter Schrammel, and Marek Trtik. 2018. JBMC: A Bounded Model Checking Tool for Verifying Java Bytecode. In Computer Aided Verification (CAV), Hana Chockler and Georg Weissenbacher (Eds.). https://doi.org/10.1007/978-3-319-96145-3_10 Google ScholarGoogle ScholarCross RefCross Ref
  12. Thibault Dardinier, Peter Müller, and Alexander J. Summers. 2022. Fractional Resources in Unbounded Separation Logic. Proc. ACM Program. Lang., 6, OOPSLA2 (2022), Article 163, 27 pages. https://doi.org/10.1145/3563326 Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Thibault Dardinier, Gaurav Parthasarathy, and Peter Müller. 2022. Verification-Preserving Inlining in Automatic Separation Logic Verifiers (extended version). https://doi.org/10.48550/ARXIV.2208.10456 Google ScholarGoogle Scholar
  14. Thibault Dardinier, Gaurav Parthasarathy, and Peter Müller. 2023. Verification-Preserving Inlining in Automatic Separation Logic Verifiers – Artifact. https://doi.org/10.5281/zenodo.7711788 Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Thibault Dardinier, Gaurav Parthasarathy, Noé Weeks, Peter Müller, and Alexander J. Summers. 2022. Sound Automation of Magic Wands. In Computer Aided Verification, Sharon Shoham and Yakir Vizel (Eds.). Springer International Publishing, Cham. 130–151. isbn:978-3-031-13188-2 https://doi.org/10.1007/978-3-031-13188-2_7 Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Thomas Dinsdale-Young, Pedro da Rocha Pinto, Kristoffer Just Andersen, and Lars Birkedal. 2017. Caper - Automatic Verification for Fine-Grained Concurrency. In European Symposium on Programming (ESOP), Hongseok Yang (Ed.). https://doi.org/10.1007/978-3-662-54434-1_16 Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Robert Dockins, Aquinas Hobor, and Andrew W. Appel. 2009. A Fresh Look at Separation Algebras and Share Accounting. In Asian Symposium on Programming Languages and Systems (APLAS), Zhenjiang Hu (Ed.). 161–177. https://doi.org/10.1007/978-3-642-10672-9_13 Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Marko Doko and Viktor Vafeiadis. 2017. Tackling Real-Life Relaxed Concurrency with FSL++. In European Symposium on Programming (ESOP), Hongseok Yang (Ed.). 448–475. https://doi.org/10.1007/978-3-662-54434-1_17 Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Marco Eilers and Peter Müller. 2018. Nagini: A Static Verifier for Python. In Computer Aided Verification (CAV), Hana Chockler and Georg Weissenbacher (Eds.). 596–603. https://doi.org/10.1007/978-3-319-96145-3_33 Google ScholarGoogle ScholarCross RefCross Ref
  20. Aymeric Fromherz, Aseem Rastogi, Nikhil Swamy, Sydney Gibson, Guido Martínez, Denis Merigoux, and Tahina Ramananandro. 2021. Steel: Proof-Oriented Programming in a Dependently Typed Concurrent Separation Logic. Proc. ACM Program. Lang., 5, ICFP (2021), 1–30. https://doi.org/10.1145/3473590 Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Bart Jacobs, Jan Smans, Pieter Philippaerts, Frédéric Vogels, Willem Penninckx, and Frank Piessens. 2011. VeriFast: A Powerful, Sound, Predictable, Fast Verifier for C and Java. In NASA Formal Methods (NFM). 41–55. https://doi.org/10.1007/978-3-642-20398-5_4 Google ScholarGoogle ScholarCross RefCross Ref
  22. Bart Jacobs, Jan Smans, and Frank Piessens. 2014. Solving the VerifyThis 2012 Challenges with VeriFast. International Journal on Software Tools for Technology Transfer (STTT), 17 (2014), 03, https://doi.org/10.1007/s10009-014-0310-9 Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Ralf Jung, Robbert Krebbers, Jacques Henri Jourdan, Aleš Bizjak, Lars Birkedal, and Derek Dreyer. 2018. Iris from the Ground up: A Modular Foundation for Higher-Order Concurrent Separation Logic. Journal of Functional Programming (JFP), https://doi.org/10.1017/S0956796818000151 Google ScholarGoogle ScholarCross RefCross Ref
  24. Akash Lal and Shaz Qadeer. 2014. Powering the Static Driver Verifier Using Corral. In International Symposium on Foundations of Software Engineering (FSE). 202–212. https://doi.org/10.1145/2635868.2635894 Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Akash Lal, Shaz Qadeer, and Shuvendu K. Lahiri. 2012. A Solver for Reachability Modulo Theories. In Computer Aided Verification (CAV), P. Madhusudan and Sanjit A. Seshia (Eds.). 7358, 427–443. https://doi.org/10.1007/978-3-642-31424-7_32 Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. Gary T. Leavens, Albert L. Baker, and Clyde Ruby. 2006. Preliminary Design of JML: A Behavioral Interface Specification Language for Java. SIGSOFT Software Engineering Notes, 31, 3 (2006), may, 1–38. https://doi.org/10.1145/1127878.1127884 Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. K. Rustan M. Leino. 2008. This is Boogie 2. https://www.microsoft.com/en-us/research/publication/this-is-boogie-2-2/ Google ScholarGoogle Scholar
  28. K. Rustan M. Leino and Valentin Wüstholz. 2015. Fine-Grained Caching of Verification Results. In Computer Aided Verification (CAV), Daniel Kroening and Corina S. Pasareanu (Eds.). 9206, Springer, 380–397. https://doi.org/10.1007/978-3-319-21690-4_22 Google ScholarGoogle ScholarCross RefCross Ref
  29. Cláudio Belo Lourenço, Maria João Frade, and Jorge Sousa Pinto. 2019. A Generalized Program Verification Workflow Based on Loop Elimination and SA Form. In International Conference on Formal Methods in Software Engineering (FormaliSE). 75–84. https://doi.org/10.1109/FormaliSE.2019.00017 Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. Peter Müller, Malte Schwerhoff, and Alexander J. Summers. 2016. Viper: A Verification Infrastructure for Permission-Based Reasoning. In VMCAI, B. Jobstmann and K. R. M. Leino (Eds.). 9583, Springer-Verlag, 41–62. https://doi.org/10.1007/978-3-662-49122-5_2 Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. Huu Hai Nguyen, Viktor Kuncak, and Wei-Ngan Chin. 2008. Runtime Checking for Separation Logic. In Verification, Model Checking, and Abstract Interpretation (VMCAI), Francesco Logozzo, Doron A. Peled, and Lenore D. Zuck (Eds.). https://doi.org/10.1007/978-3-540-78163-9_19 Google ScholarGoogle ScholarCross RefCross Ref
  32. Matthew J. Parkinson and Alexander J. Summers. 2012. The Relationship Between Separation Logic and Implicit Dynamic Frames. Logical Methods in Computer Science, 8, 3:01 (2012), 1–54. https://doi.org/10.2168/LMCS-8(3:1)2012 Google ScholarGoogle ScholarCross RefCross Ref
  33. Ruzica Piskac, Thomas Wies, and Damien Zufferey. 2014. GRASShopper. In Tools and Algorithms for the Construction and Analysis of Systems (TACAS), Erika Ábrahám and Klaus Havelund (Eds.). 124–139. https://doi.org/10.1007/978-3-642-54862-8_9 Google ScholarGoogle ScholarCross RefCross Ref
  34. John C. Reynolds. 2002. Separation Logic: A Logic for Shared Mutable Data Structures. Logic in Computer Science (LICS), 55–74. https://doi.org/10.1109/LICS.2002.1029817 Google ScholarGoogle ScholarCross RefCross Ref
  35. Michael Sammler, Rodolphe Lepigre, Robbert Krebbers, Kayvan Memarian, Derek Dreyer, and Deepak Garg. 2021. RefinedC: Automating the Foundational Verification of C Code with Refined Ownership Types. In Programming Language Design and Implementation (PLDI). 158–174. isbn:9781450383912 https://doi.org/10.1145/3453483.3454036 Google ScholarGoogle ScholarDigital LibraryDigital Library
  36. Malte Schwerhoff and Alexander J. Summers. 2015. Lightweight Support for Magic Wands in an Automatic Verifier. In European Conference on Object-Oriented Programming (ECOOP), John Tang Boyland (Ed.) (LIPIcs, Vol. 37). 614–638. https://doi.org/10.4230/LIPIcs.ECOOP.2015.614 Google ScholarGoogle ScholarCross RefCross Ref
  37. Alexander J. Summers and Peter Müller. 2018. Automating Deductive Verification for Weak-Memory Programs. In Tools and Algorithms for the Construction and Analysis of Systems (TACAS), D. Beyer and M. Huisman (Eds.). Springer-Verlag, 190–209. https://doi.org/10.1007/978-3-319-89960-2_11 Google ScholarGoogle ScholarCross RefCross Ref
  38. Nikhil Swamy, Cătălin Hriţcu, Chantal Keller, Aseem Rastogi, Antoine Delignat-Lavaud, Simon Forest, Karthikeyan Bhargavan, Cédric Fournet, Pierre-Yves Strub, Markulf Kohlweiss, Jean-Karim Zinzindohoue, and Santiago Zanella-Béguelin. 2016. Dependent Types and Multi-Monadic Effects in F*. In Principles of Programming Languages (POPL). 256–270. https://doi.org/10.1145/2837614.2837655 Google ScholarGoogle ScholarDigital LibraryDigital Library
  39. Viktor Vafeiadis and Chinmay Narayan. 2013. Relaxed Separation Logic: A Program Logic for C11 Concurrency. In Object Oriented Programming Systems Languages & Applications (OOPSLA), Antony L. Hosking, Patrick Th. Eugster, and Cristina V. Lopes (Eds.). ACM, 867–884. https://doi.org/10.1145/2544173.2509532 Google ScholarGoogle ScholarDigital LibraryDigital Library
  40. Hongseok Yang and Peter O’Hearn. 2002. A Semantic Basis for Local Reasoning. In Foundations of Software Science and Computation Structures (FoSSaCS). 402–416. https://doi.org/10.1007/3-540-45931-6_28 Google ScholarGoogle ScholarCross RefCross Ref

Index Terms

  1. Verification-Preserving Inlining in Automatic Separation Logic Verifiers

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in

        Full Access

        • Article Metrics

          • Downloads (Last 12 months)100
          • Downloads (Last 6 weeks)21

          Other Metrics

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader
        About Cookies On This Site

        We use cookies to ensure that we give you the best experience on our website.

        Learn more

        Got it!