Binary Heaps Formally Verified in Why3
Authors
Abstract
The VACID-0 benchmarks are a set of small programs which pose challenges for formal verification of their functional behavior. This paper reports on the formal verification of one of these challenges: binary heaps. The solution given here is performed using the Why3 environment for program verification. The expected behavior of the program is specified in Why3 logic, structured using the constructs for building hierarchies of theories provided by Why3. The proofs are achieved with a significant amount of automation: SMT solvers discharge the large majority of the verification conditions generated, and the remaining verification conditions are discharged by interactively constructing proof scripts in the Coq proof assistant. The general aim of this case study is to demonstrate the usability and efficiency of both the Why3 specification language and the accompanying tools, which offer a fairly advanced environment for specification while keeping a significant amount of automation of proofs.

Key-words: Formal Specification, Modularity, Abstraction, Theories, Binary Heap, Heapsort, Why3

∗ Lab. de Recherche en Informatique, Univ Paris-Sud, CNRS, Orsay, F-91405
† INRIA Saclay Île-de-France, F-91893

inria-00636083, version 1 - 26 Oct 2011

Formal Verification of Binary Heaps in Why3 (French title: Vérification formelle des tas binaires en Why3)

Résumé (translated from French): The VACID-0 benchmarks form a collection of small programs that pose challenges for the formal verification of their functional behavior. This report presents the formal verification of one of these examples: binary heaps. The solution presented uses the Why3 verification environment. The expected behavior is specified in Why3 logic, structured using the hierarchical theory constructs provided by Why3. The proofs are carried out largely automatically, because the SMT provers available as Why3 back-ends solve a significant percentage of the generated proof obligations, the rest being proved interactively with the Coq proof assistant. The motivation for this case study is to demonstrate the usability and efficiency of both the Why3 specification language and the associated tools, which provide a powerful specification language while allowing a substantial degree of proof automation.

Keywords: Formal specification, Modularity, Abstraction, Theories, Binary heaps, Heapsort, Why3
Similar sources
How to Get an Efficient yet Verified Arbitrary-Precision Integer Library
The GNU Multi-Precision library is a widely used, safety-critical library for arbitrary-precision arithmetic. Its source code is written in C and assembly, and includes intricate state-of-the-art algorithms for the sake of high performance. Formally verifying the functional behavior of such highly optimized code, not designed with verification in mind, is challenging. We present a fully verifie...
A Formally Verified Interpreter for a Shell-Like Programming Language
The shell language is widely used for various system administration tasks on UNIX machines, as for instance as part of the installation process of software packages in FOSS distributions. Our mid-term goal is to analyze these scripts as part of an ongoing effort to use formal methods for the quality assurance of software distributions, to prove their correctness, or to pinpoint bugs. However, t...
Weakest Precondition Calculus, Revisited using Why3
This report has two objectives. First, we present an original method of proof of soundness of a weakest precondition calculus, based on the notion of blocking semantics. The method mimics, at the level of logic specifications, the classical proof of type soundness. Moreover, the proof is performed formally using the Why3 environment for deductive verification, and we illustrate, along the devel...
Pattern avoidance in k-ary heaps
In this paper, we consider pattern avoidance in k-ary heaps, where the permutation associated with the heap is found by recording the nodes as they are encountered in a breadth-first search. We enumerate heaps that avoid patterns of length 3 and collections of patterns of length 3, first with binary heaps and then more generally with k-ary heaps.
Publication date: 2011