Skip to main content
SpringerLink
Log in

Generalized Arrays for Stainless Frames

  • Conference paper
  • First Online:
Verification, Model Checking, and Abstract Interpretation (VMCAI 2022)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 13182))

  • 901 Accesses

Abstract

We present an approach for verification of programs with shared mutable references against specifications such as assertions, preconditions, postconditions, and read/write effects. We implement our tool in the Stainless verification system for Scala.

A novelty of our approach is to translate imperative function contracts (including frame conditions) using quantifier-free formulas in first-order logic, instead of quantifiers or separation logic. Our quantifier-free encoding enables SMT solvers to both prove safety and to report counterexamples relative to the semantics of procedure contracts. Our encoding is possible thanks to the expressive power of the extended array theory of de Moura and Bjørner, implemented in the SMT solver Z3, whose map operators allow us to project heaps before and after the call onto the declared reads and modifies clauses.

To support inductive proofs about the preservation of invariants, our approach permits capturing a projection of heap state as a history variable and evaluating imperative ghost code in the specified captured heap.

We also retain the efficiency of reasoning about purely functional layers of data structures, which need not be represented using heap references but often map directly to SMT-LIB algebraic data types and arrays. We thus obtain a combination of expressiveness for shared mutable data where needed, while retaining automation for purely functional program aspects. We illustrate our approach by proving detailed correctness properties of examples manipulating mutable linked structures.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Our implementation is part of Stainless (https://github.com/epfl-lara/stainless/) and can be tested on examples in frontends/benchmarks/full-imperative via the –full-imperative flag. Artifact available at https://zenodo.org/record/5683321.

References

  1. Abadi, M., Lamport, L.: The existence of refinement mappings. Theor. Comput. Sci. 82(2), 253–284 (1991). https://doi.org/10.1016/0304-3975(91)90224-P

    Article  MathSciNet  MATH  Google Scholar 

  2. Ahman, D., et al.: Dijkstra monads for free. In: Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages, pp. 515–529 (2017)

    Google Scholar 

  3. Barnett, M., Chang, B.-Y.E., DeLine, R., Jacobs, B., Leino, K.R.M.: Boogie: a modular reusable verifier for object-oriented programs. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.-P. (eds.) FMCO 2005. LNCS, vol. 4111, pp. 364–387. Springer, Heidelberg (2006). https://doi.org/10.1007/11804192_17

    Chapter  Google Scholar 

  4. Barthe, G., Crespo, J.M., Kunz, C.: Relational verification using product programs. In: Butler, M., Schulte, W. (eds.) FM 2011. LNCS, vol. 6664, pp. 200–214. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21437-0_17

    Chapter  Google Scholar 

  5. Berdine, J., Calcagno, C., O’Hearn, P.W.: Symbolic execution with separation logic. In: Yi, K. (ed.) APLAS 2005. LNCS, vol. 3780, pp. 52–68. Springer, Heidelberg (2005). https://doi.org/10.1007/11575467_5 Kindly provide complete details for Ref. [6]

    Chapter  Google Scholar 

  6. Bertot, Y., Castéran, P.: Interactive Theorem Proving and Program Development-Coq’Art: The Calculus of Inductive Constructions. Springer (2004). https://doi.org/10.1007/978-3-662-07964-5

  7. Blanc, R.W.: Verification by Reduction to Functional Programs. Ph.D. Thesis, EPFL, Lausanne (2017). https://doi.org/10.5075/epfl-thesis-7636, http://infoscience.epfl.ch/record/230242

  8. Bradley, A.R., Manna, Z., Sipma, H.B.: What’s decidable about arrays? In: Emerson, E.A., Namjoshi, K.S. (eds.) VMCAI 2006. LNCS, vol. 3855, pp. 427–442. Springer, Heidelberg (2005). https://doi.org/10.1007/11609773_28

    Chapter  Google Scholar 

  9. Calcagno, C., Distefano, D., O’Hearn, P.W., Yang, H.: Compositional shape analysis by means of bi-abduction. J. ACM 58(6), 26:1-26:66 (2011). https://doi.org/10.1145/2049697.2049700

    Article  MathSciNet  MATH  Google Scholar 

  10. Clarkson, M.R., Schneider, F.B.: Hyperproperties. J. Comput. Secur. 18(6), 1157–1210 (2010). https://doi.org/10.3233/JCS-2009-0393

    Article  Google Scholar 

  11. Daca, P., Henzinger, T.A., Kupriyanov, A.: Array folds logic. In: Chaudhuri, S., Farzan, A. (eds.) CAV 2016. LNCS, vol. 9780, pp. 230–248. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-41540-6_13

    Chapter  Google Scholar 

  12. Distefano, D., Fähndrich, M., Logozzo, F., O’Hearn, P.W.: Scaling static analyses at Facebook. Commun. ACM 62(8), 62–70 (2019). https://doi.org/10.1145/3338112

    Article  Google Scholar 

  13. Distefano, D., Parkinson J, M.J.: jStar: Towards practical verification for java. ACM Sigplan Not. 43(10), 213–226 (2008). https://doi.org/10.1145/1449955.1449782

  14. Eilers, M., Müller, P., Hitz, S.: Modular product programs. ACM Trans. Program. Lang. Syst. (TOPLAS) 42(1), 1–37 (2019). https://doi.org/10.1145/3324783

    Article  MATH  Google Scholar 

  15. Filliâtre, J.C.: Verification of non-functional programs using interpretations in type theory. J. Funct. Program. 13(4), 709–745 (2003). https://doi.org/10.1017/S095679680200446X

    Article  MathSciNet  MATH  Google Scholar 

  16. Finkbeiner, B.: Model checking algorithms for hyperproperties (invited paper). In: Henglein, F., Shoham, S., Vizel, Y. (eds.) VMCAI 2021. LNCS, vol. 12597, pp. 3–16. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-67067-2_1

    Chapter  MATH  Google Scholar 

  17. Hamza, J., Voirol, N., Kunčak, V.: System FR: formalized foundations for the stainless verifier. Proc. ACM Program. Lang. OOPSLA (2019). https://doi.org/10.1145/3360592

    Article  Google Scholar 

  18. Hawblitzel, C., et al.: IronFleet: proving practical distributed systems correct. In: Miller, E.L., Hand, S. (eds.) Proceedings of the 25th Symposium on Operating Systems Principles, SOSP 2015, Monterey, CA, USA, 4–7 October 2015, pp. 1–17. ACM (2015). https://doi.org/10.1145/2815400.2815428

  19. Jacobs, B., Smans, J., Philippaerts, P., Vogels, F., Penninckx, W., Piessens, F.: VeriFast: a powerful, sound, predictable, fast verifier for C and Java. In: Bobaru, M., Havelund, K., Holzmann, G.J., Joshi, R. (eds.) NFM 2011. LNCS, vol. 6617, pp. 41–55. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20398-5_4

    Chapter  Google Scholar 

  20. Jung, R., Krebbers, R., Jourdan, J., Bizjak, A., Birkedal, L., Dreyer, D.: Iris from the ground up: a modular foundation for higher-order concurrent separation logic. J. Funct. Program. 28, e20 (2018). https://doi.org/10.1017/S0956796818000151

    Article  MathSciNet  MATH  Google Scholar 

  21. Kassios, I.T.: Dynamic frames: support for framing, dependencies and sharing without restrictions. In: Misra, J., Nipkow, T., Sekerinski, E. (eds.) FM 2006. LNCS, vol. 4085, pp. 268–283. Springer, Heidelberg (2006). https://doi.org/10.1007/11813040_19

    Chapter  Google Scholar 

  22. Kovács, M., Seidl, H., Finkbeiner, B.: Relational abstract interpretation for the verification of 2-hypersafety properties. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security. CCS 2013, pp. 211–222. Association for Computing Machinery, New York (2013). https://doi.org/10.1145/2508859.2516721

  23. Kuncak, V., Prokopec, A.: Parallel programming (Lecture 1.4: Running computations in parallel). EPFL Courseware, February 2018. https://courseware.epfl.ch/courses/course-v1:EPFL+parprog1+2018_T1/about and https://www.youtube.com/watch?v=DbVt8C0-Oe0

  24. Leino, K.R.M.: This is Boogie 2. Manuscript KRML 178(131), 9 (2008)

    Google Scholar 

  25. Leino, K.R.M.: Dafny: an automatic program verifier for functional correctness. In: Clarke, E.M., Voronkov, A. (eds.) LPAR 2010. LNCS (LNAI), vol. 6355, pp. 348–370. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17511-4_20

    Chapter  MATH  Google Scholar 

  26. Moggi, E.: Notions of computation and monads. Inf. Comput. 93(1), 55–92 (1991). https://doi.org/10.1016/0890-5401(91)90052-4

    Article  MathSciNet  MATH  Google Scholar 

  27. de Moura, L.M., Bjørner, N.: Model-based theory combination. Electron. Notes Theor. Comput. Sci. 198(2), 37–49 (2008). https://doi.org/10.1016/j.entcs.2008.04.079

    Article  MathSciNet  MATH  Google Scholar 

  28. de Moura, L., Bjørner, N.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78800-3_24

    Chapter  Google Scholar 

  29. de Moura, L.M., Bjørner, N.: Generalized, efficient array decision procedures. In: Proceedings of 9th International Conference on Formal Methods in Computer-Aided Design, FMCAD 2009, 15–18 November 2009, Austin, Texas, USA, pp. 45–52. IEEE (2009). https://doi.org/10.1109/FMCAD.2009.5351142

  30. Müller, P., Schwerhoff, M., Summers, A.J.: Automatic verification of iterated separating conjunctions using symbolic execution. In: Chaudhuri, S., Farzan, A. (eds.) CAV 2016. LNCS, vol. 9779, pp. 405–425. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-41528-4_22

    Chapter  MATH  Google Scholar 

  31. Nipkow, T., Wenzel, M., Paulson, Lawrence C.. (eds.): Isabelle/HOL: A Proof Assistant for Higher-Order Logic. LNCS, vol. 2283. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45949-9

    Book  MATH  Google Scholar 

  32. Odersky, M., Spoon, L., Venners, B.: Programming in Scala, Fourth Edition (A comprehensive step-by-step guide). Artima (2019). https://www.artima.com/shop/programming_in_scala_4ed

  33. O’Hearn, P., Reynolds, J., Yang, H.: Local reasoning about programs that alter data structures. In: Fribourg, L. (ed.) CSL 2001. LNCS, vol. 2142, pp. 1–19. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44802-0_1

    Chapter  Google Scholar 

  34. Parkinson, M.J., Summers, A.J.: The relationship between separation logic and implicit dynamic frames. In: Barthe, G. (ed.) ESOP 2011. LNCS, vol. 6602, pp. 439–458. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19718-5_23

    Chapter  MATH  Google Scholar 

  35. Reynolds, A., Kuncak, V.: Induction for SMT solvers. In: D’Souza, D., Lal, A., Larsen, K.G. (eds.) VMCAI 2015. LNCS, vol. 8931, pp. 80–98. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46081-8_5

    Chapter  Google Scholar 

  36. Sighireanu, M., et al.: SL-COMP: competition of solvers for separation logic. In: Beyer, D., Huisman, M., Kordon, F., Steffen, B. (eds.) TACAS 2019. LNCS, vol. 11429, pp. 116–132. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17502-3_8

    Chapter  Google Scholar 

  37. Smans, J., Jacobs, B., Piessens, F.: Implicit dynamic frames. ACM Trans. Program. Lang. Syst. 34(1), 2:1–2:58 (2012). https://doi.org/10.1145/2160910.2160911

  38. Stump, A., Barrett, C., Dill, D., Levitt, J.: A decision procedure for an extensional theory of arrays. In: Proceedings 16th Annual IEEE Symposium on Logic in Computer Science, pp. 29–37. IEEE Computer Society, Boston (2001). https://doi.org/10.1109/LICS.2001.932480

  39. Ta, Q.-T., Le, T.C., Khoo, S.-C., Chin, W.-N.: Automated mutual induction proof in separation logic. Formal Aspects Comput. 31(2), 207–230 (2018). https://doi.org/10.1007/s00165-018-0471-5

    Article  MathSciNet  MATH  Google Scholar 

  40. Voirol, N.C.Y.: Verified Functional Programming. Ph.D. Thesis, EPFL, Lausanne (2019). https://doi.org/10.5075/epfl-thesis-9479, http://infoscience.epfl.ch/record/268824

  41. Wadler, P.: Comprehending monads. In: Proceedings of the 1990 ACM Conference on LISP and Functional Programming, pp. 61–78 (1990). https://doi.org/10.1145/91556.91592

Download references

Acknowledgments

We thank Antoine Brunner for helping implement a first prototype in Stainless, and the anonymous reviewers for their valuable feedback. This work is supported by the Swiss National Science Foundation project number 200021_175676.

Author information

Authors and Affiliations

  1. Ecole Polytechnique Fédérale de Lausanne (EPFL), Laboratory for Automated Reasoning and Analysis (LARA), 1015, Lausanne, Switzerland

    Georg Stefan Schmid & Viktor Kunčak

Authors
  1. Georg Stefan Schmid
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Viktor Kunčak
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Georg Stefan Schmid .

Editor information

Editors and Affiliations

  1. Helmholtz Center for Information Security, Saarbrücken, Germany

    Bernd Finkbeiner

  2. New York University, New York, NY, USA

    Thomas Wies

Rights and permissions

Reprints and permissions

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Schmid, G.S., Kunčak, V. (2022). Generalized Arrays for Stainless Frames. In: Finkbeiner, B., Wies, T. (eds) Verification, Model Checking, and Abstract Interpretation. VMCAI 2022. Lecture Notes in Computer Science(), vol 13182. Springer, Cham. https://doi.org/10.1007/978-3-030-94583-1_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-94583-1_17

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-94582-4

  • Online ISBN: 978-3-030-94583-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation