research-article

Open access

RefinedC: automating the foundational verification of C code with refined ownership types

Authors:

Michael Sammler,

Rodolphe Lepigre,

Robbert Krebbers,

Kayvan Memarian,

Deepak GargAuthors Info & Claims

PLDI 2021: Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation

Pages 158 - 174

https://doi.org/10.1145/3453483.3454036

Published: 18 June 2021 Publication History

Abstract

Given the central role that C continues to play in systems software, and the difficulty of writing safe and correct C code, it remains a grand challenge to develop effective formal methods for verifying C programs. In this paper, we propose a new approach to this problem: a type system we call RefinedC, which combines ownership types (for modular reasoning about shared state and concurrency) with refinement types (for encoding precise invariants on C data types and Hoare-style specifications for C functions).

RefinedC is both automated (requiring minimal user intervention) and foundational (producing a proof of program correctness in Coq), while at the same time handling a range of low-level programming idioms such as pointer arithmetic. In particular, following the approach of RustBelt, the soundness of the RefinedC type system is justified semantically by interpretation into the Coq-based Iris framework for higher-order concurrent separation logic. However, the typing rules of RefinedC are also designed to be encodable in a new “separation logic programming” language we call Lithium. By restricting to a carefully chosen (yet expressive) fragment of separation logic, Lithium supports predictable, automatic, goal-directed proof search without backtracking. We demonstrate the effectiveness of RefinedC on a range of representative examples of C code.

References

[1]

Jean-Marc Andreoli. 1992. Logic programming with focusing proofs in linear logic. J. Log. Comput., 2, 3 (1992), 297–347. https://doi.org/10.1093/logcom/2.3.297

[2]

Andrew W. Appel. 2014. Program Logics for Certified Compilers. Cambridge University Press. https://www.cambridge.org/de/academic/subjects/computer-science/programming-languages-and-applied-logic/program-logics-certified-compilers

Digital Library

[3]

Pablo A. Armelín and David J. Pym. 2001. Bunched logic programming. In IJCAR (LNCS, Vol. 2083). Springer, 289–304. https://doi.org/10.1007/3-540-45744-5_21

[4]

Alexander Bakst and Ranjit Jhala. 2016. Predicate abstraction for linked data structures. In VMCAI (LNCS, Vol. 9583). Springer, 65–84. https://doi.org/10.1007/978-3-662-49122-5_3

Digital Library

[5]

Mark Batty, Scott Owens, Susmit Sarkar, Peter Sewell, and Tjark Weber. 2011. Mathematizing C++ concurrency. In POPL. ACM, 55–66. https://doi.org/10.1145/1926385.1926394

Digital Library

[6]

Josh Berdine, Cristiano Calcagno, and Peter W. O’Hearn. 2004. A decidable fragment of separation logic. In FSTTCS (LNCS, Vol. 3328). Springer, 97–109. https://doi.org/10.1007/978-3-540-30538-5_9

Digital Library

[7]

Josh Berdine, Cristiano Calcagno, and Peter W. O’Hearn. 2005. Smallfoot: Modular automatic assertion checking with separation logic. In FMCO (LNCS, Vol. 4111). Springer, 115–137. https://doi.org/10.1007/11804192_6

Digital Library

[8]

Sylvie Boldo and Guillaume Melquiond. 2011. Flocq: A unified library for proving floating-point algorithms in Coq. In ARITH. IEEE Computer Society, 243–252. https://doi.org/10.1109/ARITH.2011.40

Digital Library

[9]

Cristiano Calcagno, Dino Distefano, Peter W. O’Hearn, and Hongseok Yang. 2009. Compositional shape analysis by means of bi-abduction. In POPL. ACM, 289–300. https://doi.org/10.1145/1480881.1480917

Digital Library

[10]

Qinxiang Cao, Lennart Beringer, Samuel Gruetter, Josiah Dodds, and Andrew W. Appel. 2018. VST-Floyd: A separation logic tool to verify correctness of C programs. J. Autom. Reason., 61, 1-4 (2018), 367–422. https://doi.org/10.1007/s10817-018-9457-5

Digital Library

[11]

Qinxiang Cao, Shengyi Wang, Aquinas Hobor, and Andrew W. Appel. 2019. Proof pearl: Magic wand as frame. CoRR, abs/1909.08789 (2019), arxiv:1909.08789

[12]

Arthur Charguéraud. 2016. Higher-order representation predicates in separation logic. In CPP. ACM, 3–14. https://doi.org/10.1145/2854065.2854068

Digital Library

[13]

Adam Chlipala. 2011. Mostly-automated verification of low-level programs in computational separation logic. In PLDI. ACM, 234–245. https://doi.org/10.1145/1993498.1993526

Digital Library

[14]

Adam Chlipala. 2013. The Bedrock structured programming system: Combining generative metaprogramming and Hoare logic in an extensible program verifier. In ICFP. ACM, 391–402. https://doi.org/10.1145/2500365.2500592

Digital Library

[15]

Adam Chlipala. 2015. From network interface to multithreaded web applications: A case study in modular program verification. In POPL. ACM, 609–622. https://doi.org/10.1145/2676726.2677003

Digital Library

[16]

Duc-Hiep Chu, Joxan Jaffar, and Minh-Thai Trinh. 2015. Automatic induction proofs of data-structures in imperative programs. In PLDI. ACM, 457–466. https://doi.org/10.1145/2737924.2737984

Digital Library

[17]

Ernie Cohen, Markus Dahlweid, Mark A. Hillebrand, Dirk Leinenbach, Michal Moskal, Thomas Santen, Wolfram Schulte, and Stephan Tobies. 2009. VCC: A practical system for verifying concurrent C. In TPHOLs (LNCS, Vol. 5674). Springer, 23–42. https://doi.org/10.1007/978-3-642-03359-9_2

Digital Library

[18]

Ernie Cohen, Mark A. Hillebrand, Stephan Tobies, Michał Moskal, and Wolfram Schulte. 2012. Verifying C programs: A VCC tutorial. https://archive.codeplex.com/projects/VCC/fda99f81-18b5-45ae-8f49-5b28c747dcc3

[19]

Jeremy Condit, Brian Hackett, Shuvendu K. Lahiri, and Shaz Qadeer. 2009. Unifying type checking and property checking for low-level code. In POPL. ACM, 302–314. https://doi.org/10.1145/1480881.1480921

Digital Library

[20]

Jeremy Condit, Matthew Harren, Zachary R. Anderson, David Gay, and George C. Necula. 2007. Dependent types for low-level programming. In ESOP (LNCS, Vol. 4421). Springer, 520–535. https://doi.org/10.1007/978-3-540-71316-6_35

[21]

Pascal Cuoq, Florent Kirchner, Nikolai Kosmatov, Virgile Prevosto, Julien Signoles, and Boris Yakobowski. 2012. Frama-C: A software analysis perspective. In SEFM (LNCS, Vol. 7504). Springer, 233–247. https://doi.org/10.1007/978-3-642-33826-7_16

Digital Library

[22]

Hoang-Hai Dang, Jacques-Henri Jourdan, Jan-Oliver Kaiser, and Derek Dreyer. 2020. RustBelt meets relaxed memory. Proc. ACM Program. Lang., 4, POPL (2020), 34:1–34:29. https://doi.org/10.1145/3371102

Digital Library

[23]

David Delahaye. 2000. A tactic language for the system Coq. In LPAR (LNCS, Vol. 1955). Springer, 85–95. https://doi.org/10.1007/3-540-44404-1_7

[24]

Robert DeLine and Manuel Fähndrich. 2001. Enforcing high-level protocols in low-level software. In PLDI. ACM, 59–69. https://doi.org/10.1145/378795.378811

Digital Library

[25]

Archibald Samuel Elliott, Andrew Ruef, Michael Hicks, and David Tarditi. 2018. Checked C: making C safe by extension. In SecDev. IEEE Computer Society, 53–60. https://doi.org/10.1109/SecDev.2018.00015

[26]

Andres Erbsen, Jade Philipoom, Jason Gross, Robert Sloan, and Adam Chlipala. 2019. Simple high-level code for cryptographic arithmetic - with proofs, without compromises. In IEEE Symposium on Security and Privacy. IEEE, 1202–1219. https://doi.org/10.1109/SP.2019.00005

[27]

Xinyu Feng, Zhong Shao, Yu Guo, and Yuan Dong. 2008. Combining domain-specific and foundational logics to verify complete software systems. In VSTTE (LNCS, Vol. 5295). Springer, 54–69. https://doi.org/10.1007/978-3-540-87873-5_8

Digital Library

[28]

Timothy S. Freeman and Frank Pfenning. 1991. Refinement types for ML. In PLDI. ACM, 268–277. https://doi.org/10.1145/113445.113468

Digital Library

[29]

Dan Frumin, Léon Gondelman, and Robbert Krebbers. 2019. Semi-automated reasoning about non-determinism in C expressions. In ESOP (LNCS, Vol. 11423). Springer, 60–87. https://doi.org/10.1007/978-3-030-17184-1_3

[30]

David Greenaway, June Andronick, and Gerwin Klein. 2012. Bridging the gap: Automatic verified abstraction of C. In ITP (LNCS, Vol. 7406). Springer, 99–115. https://doi.org/10.1007/978-3-642-32347-8_8

[31]

David Greenaway, Japheth Lim, June Andronick, and Gerwin Klein. 2014. Don’t sweat the small stuff: formal verification of C code without the pain. In PLDI. ACM, 429–439. https://doi.org/10.1145/2594291.2594296

Digital Library

[32]

Ronghui Gu, Jérémie Koenig, Tahina Ramananandro, Zhong Shao, Xiongnan (Newman) Wu, Shu-Chun Weng, Haozhong Zhang, and Yu Guo. 2015. Deep specifications and certified abstraction layers. In POPL. ACM, 595–608. https://doi.org/10.1145/2676726.2676975

Digital Library

[33]

Ronghui Gu, Zhong Shao, Hao Chen, Jieung Kim, Jérémie Koenig, Xiongnan (Newman) Wu, Vilhelm Sjöberg, and David Costanzo. 2019. Building certified concurrent OS kernels. Commun. ACM, 62, 10 (2019), 89–99. https://doi.org/10.1145/3356903

Digital Library

[34]

Ronghui Gu, Zhong Shao, Jieung Kim, Xiongnan (Newman) Wu, Jérémie Koenig, Vilhelm Sjöberg, Hao Chen, David Costanzo, and Tahina Ramananandro. 2018. Certified concurrent abstraction layers. In PLDI. ACM, 646–661. https://doi.org/10.1145/3192366.3192381

Digital Library

[35]

Hafnium. 2020. Hafnium. https://review.trustedfirmware.org/plugins/gitiles/hafnium/hafnium/+/HEAD/README.md

[36]

James Harland, David J. Pym, and Michael Winikoff. 1996. Programming in Lygon: An overview. In AMAST (LNCS, Vol. 1101). Springer, 391–405. https://doi.org/10.1007/BFb0014329

[37]

Chris Hathhorn, Chucky Ellison, and Grigore Rosu. 2015. Defining the undefinedness of C. In PLDI. ACM, 336–345. https://doi.org/10.1145/2737924.2737979

Digital Library

[38]

Aquinas Hobor, Andrew W. Appel, and Francesco Zappa Nardelli. 2008. Oracle semantics for concurrent separation logic. In ESOP (LNCS, Vol. 4960). Springer, 353–367. https://doi.org/10.1007/978-3-540-78739-6_27

[39]

Joshua S. Hodas and Dale Miller. 1991. Logic programming in a fragment of intuitionistic linear logic. In LICS. IEEE Computer Society, 32–42. https://doi.org/10.1109/LICS.1991.151628

[40]

Bart Jacobs, Jan Smans, Pieter Philippaerts, Frédéric Vogels, Willem Penninckx, and Frank Piessens. 2011. VeriFast: A powerful, sound, predictable, fast verifier for C and Java. In NASA Formal Methods (LNCS, Vol. 6617). Springer, 41–55. https://doi.org/10.1007/978-3-642-20398-5_4

[41]

Trevor Jim, Greg Morrisett, Dan Grossman, Michael W. Hicks, James Cheney, and Yanling Wang. 2002. Cyclone: A safe dialect of C. In USENIX. 275–288. http://www.usenix.org/publications/library/proceedings/usenix02/jim.html

[42]

Ralf Jung, Jacques-Henri Jourdan, Robbert Krebbers, and Derek Dreyer. 2018. RustBelt: Securing the foundations of the Rust programming language. Proc. ACM Program. Lang., 2, POPL (2018), 66:1–66:34. https://doi.org/10.1145/3158154

Digital Library

[43]

Ralf Jung, Jacques-Henri Jourdan, Robbert Krebbers, and Derek Dreyer. 2021. Safe systems programming in Rust. Commun. ACM, 64, 4 (2021), April, 144–152. https://cacm.acm.org/magazines/2021/4/251364-safe-systems-programming-in-rust/fulltext

Digital Library

[44]

Ralf Jung, Robbert Krebbers, Lars Birkedal, and Derek Dreyer. 2016. Higher-order ghost state. In ICFP. ACM, 256–269. https://doi.org/10.1145/2951913.2951943

Digital Library

[45]

Ralf Jung, Robbert Krebbers, Jacques-Henri Jourdan, Ales Bizjak, Lars Birkedal, and Derek Dreyer. 2018. Iris from the ground up: A modular foundation for higher-order concurrent separation logic. J. Funct. Program., 28 (2018), e20. https://doi.org/10.1017/S0956796818000151

[46]

Ralf Jung, Rodolphe Lepigre, Gaurav Parthasarathy, Marianna Rapoport, Amin Timany, Derek Dreyer, and Bart Jacobs. 2020. The future is ours: Prophecy variables in separation logic. Proc. ACM Program. Lang., 4, POPL (2020), 45:1–45:32. https://doi.org/10.1145/3371113

Digital Library

[47]

Ralf Jung, David Swasey, Filip Sieczkowski, Kasper Svendsen, Aaron Turon, Lars Birkedal, and Derek Dreyer. 2015. Iris: Monoids and invariants as an orthogonal basis for concurrent reasoning. In POPL. ACM, 637–650. https://doi.org/10.1145/2676726.2676980

Digital Library

[48]

Jan-Oliver Kaiser, Hoang-Hai Dang, Derek Dreyer, Ori Lahav, and Viktor Vafeiadis. 2017. Strong logic for weak memory: Reasoning about release-acquire consistency in iris. In ECOOP (LIPIcs, Vol. 74). Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 17:1–17:29. https://doi.org/10.4230/LIPIcs.ECOOP.2017.17

[49]

Jeehoon Kang, Chung-Kil Hur, William Mansky, Dmitri Garbuzov, Steve Zdancewic, and Viktor Vafeiadis. 2015. A formal C memory model supporting integer-pointer casts. In PLDI. ACM, 326–335. https://doi.org/10.1145/2737924.2738005

Digital Library

[50]

Gerwin Klein, June Andronick, Kevin Elphinstone, Toby C. Murray, Thomas Sewell, Rafal Kolanski, and Gernot Heiser. 2014. Comprehensive formal verification of an OS microkernel. ACM Trans. Comput. Syst., 32, 1 (2014), 2:1–2:70. https://doi.org/10.1145/2560537

Digital Library

[51]

Gerwin Klein, Kevin Elphinstone, Gernot Heiser, June Andronick, David Cock, Philip Derrin, Dhammika Elkaduwe, Kai Engelhardt, Rafal Kolanski, Michael Norrish, Thomas Sewell, Harvey Tuch, and Simon Winwood. 2009. seL4: Formal verification of an OS kernel. In SOSP. ACM, 207–220. https://doi.org/10.1145/1629575.1629596

Digital Library

[52]

Robbert Krebbers. 2014. An operational and axiomatic semantics for non-determinism and sequence points in C. In POPL. ACM, 101–112. https://doi.org/10.1145/2535838.2535878

Digital Library

[53]

Robbert Krebbers. 2015. The C standard formalized in Coq. Ph.D. Dissertation. Radboud University Nijmegen. https://robbertkrebbers.nl/thesis.html

[54]

Robbert Krebbers, Jacques-Henri Jourdan, Ralf Jung, Joseph Tassarotti, Jan-Oliver Kaiser, Amin Timany, Arthur Charguéraud, and Derek Dreyer. 2018. MoSeL: A general, extensible modal framework for interactive proofs in separation logic. Proc. ACM Program. Lang., 2, ICFP (2018), 77:1–77:30. https://doi.org/10.1145/3236772

Digital Library

[55]

Robbert Krebbers, Ralf Jung, Ales Bizjak, Jacques-Henri Jourdan, Derek Dreyer, and Lars Birkedal. 2017. The essence of higher-order concurrent separation logic. In ESOP (LNCS, Vol. 10201). Springer, 696–723. https://doi.org/10.1007/978-3-662-54434-1_26

Digital Library

[56]

Robbert Krebbers, Amin Timany, and Lars Birkedal. 2017. Interactive proofs in higher-order concurrent separation logic. In POPL. ACM, 205–217. http://dl.acm.org/citation.cfm?id=3009855

[57]

Robbert Krebbers and Freek Wiedijk. 2013. Separation logic for non-local control flow and block scope variables. In FoSSaCS (LNCS, Vol. 7794). Springer, 257–272. https://doi.org/10.1007/978-3-642-37075-5_17

Digital Library

[58]

Quang Loc Le, Jun Sun, and Shengchao Qin. 2018. Frame inference for inductive entailment proofs in separation logic. In TACAS (1) (LNCS, Vol. 10805). Springer, 41–60. https://doi.org/10.1007/978-3-319-89960-2_3

[59]

Juneyoung Lee, Yoonseung Kim, Youngju Song, Chung-Kil Hur, Sanjoy Das, David Majnemer, John Regehr, and Nuno P. Lopes. 2017. Taming undefined behavior in LLVM. In PLDI. ACM, 633–647. https://doi.org/10.1145/3062341.3062343

Digital Library

[60]

Wonyeol Lee and Sungwoo Park. 2014. A proof system for separation logic with magic wand. In POPL. ACM, 477–490. https://doi.org/10.1145/2535838.2535871

Digital Library

[61]

Xavier Leroy, Andrew Appel, Sandrine Blazy, and Gordon Stewart. 2012. The CompCert memory model, version 2. Inria. https://hal.inria.fr/hal-00703441

[62]

Xavier Leroy and Sandrine Blazy. 2008. Formal verification of a C-like memory model and its uses for verifying program transformations. J. Autom. Reason., 41, 1 (2008), 1–31. https://doi.org/10.1007/s10817-008-9099-0

Digital Library

[63]

Jacob R. Lorch, Yixuan Chen, Manos Kapritsos, Bryan Parno, Shaz Qadeer, Upamanyu Sharma, James R. Wilcox, and Xueyuan Zhao. 2020. Armada: Low-effort verification of high-performance concurrent programs. In PLDI. ACM, 197–210. https://doi.org/10.1145/3385412.3385971

Digital Library

[64]

Gregory Malecha, Adam Chlipala, and Thomas Braibant. 2014. Compositional computational reflection. In ITP (LNCS, Vol. 8558). Springer, 374–389. https://doi.org/10.1007/978-3-319-08970-6_24

[65]

William Mansky, Andrew W. Appel, and Aleksey Nogin. 2017. A verified messaging system. Proc. ACM Program. Lang., 1, OOPSLA (2017), 87:1–87:28. https://doi.org/10.1145/3133911

Digital Library

[66]

Kayvan Memarian, Victor B. F. Gomes, Brooks Davis, Stephen Kell, Alexander Richardson, Robert N. M. Watson, and Peter Sewell. 2019. Exploring C semantics and pointer provenance. Proc. ACM Program. Lang., 3, POPL (2019), 67:1–67:32. https://doi.org/10.1145/3290380

Digital Library

[67]

Kayvan Memarian, Justus Matthiesen, James Lingard, Kyndylan Nienhuis, David Chisnall, Robert N. M. Watson, and Peter Sewell. 2016. Into the depths of C: elaborating the de facto standards. In PLDI. ACM, 1–15. https://doi.org/10.1145/2908080.2908081

Digital Library

[68]

Magnus Oskar Myreen. 2009. Formal verification of machine-code programs. Ph.D. Dissertation. University of Cambridge, UK. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.611450

[69]

George C. Necula, Scott McPeak, and Westley Weimer. 2002. CCured: Type-safe retrofitting of legacy code. In POPL. ACM, 128–139. https://doi.org/10.1145/503272.503286

Digital Library

[70]

Ruzica Piskac, Thomas Wies, and Damien Zufferey. 2014. Automating separation logic with trees and data. In CAV (LNCS, Vol. 8559). Springer, 711–728. https://doi.org/10.1007/978-3-319-08867-9_47

Digital Library

[71]

François Pottier and Jonathan Protzenko. 2013. Programming with permissions in Mezzo. In ICFP. ACM, 173–184. https://doi.org/10.1145/2500365.2500598

Digital Library

[72]

Jonathan Protzenko, Jean Karim Zinzindohoué, Aseem Rastogi, Tahina Ramananandro, Peng Wang, Santiago Zanella Béguelin, Antoine Delignat-Lavaud, Catalin Hritcu, Karthikeyan Bhargavan, Cédric Fournet, and Nikhil Swamy. 2017. Verified low-level programming embedded in F*. Proc. ACM Program. Lang., 1, ICFP (2017), 17:1–17:29. https://doi.org/10.1145/3110261

Digital Library

[73]

Andrew Reynolds, Radu Iosif, Cristina Serban, and Tim King. 2016. A decision procedure for separation logic in SMT. In ATVA (LNCS, Vol. 9938). 244–261. https://doi.org/10.1007/978-3-319-46520-3_16

[74]

Patrick Maxim Rondon, Ming Kawaguchi, and Ranjit Jhala. 2008. Liquid types. In PLDI. ACM, 159–169. https://doi.org/10.1145/1375581.1375602

Digital Library

[75]

Patrick Maxim Rondon, Ming Kawaguchi, and Ranjit Jhala. 2010. Low-level liquid types. In POPL. ACM, 131–144. https://doi.org/10.1145/1706299.1706316

Digital Library

[76]

Grigore Rosu, Chucky Ellison, and Wolfram Schulte. 2010. Matching logic: An alternative to Hoare/Floyd logic. In AMAST (LNCS, Vol. 6486). Springer, 142–162. https://doi.org/10.1007/978-3-642-17796-5_9

[77]

Grigore Rosu and Traian-Florin Serbanuta. 2010. An overview of the K semantic framework. J. Log. Algebraic Methods Program., 79, 6 (2010), 397–434. https://doi.org/10.1016/j.jlap.2010.03.012

[78]

Grigore Rosu and Andrei Stefanescu. 2012. Checking reachability using matching logic. In OOPSLA. ACM, 555–574. https://doi.org/10.1145/2384616.2384656

Digital Library

[79]

Michael Sammler, Rodolphe Lepigre, Robbert Krebbers, Kayvan Memarian, Derek Dreyer, and Deepak Garg. 2021. RefinedC: Automating the foundational verification of C code with refined ownership types (Artifact and Appendix). https://doi.org/10.5281/zenodo.4646747 Project webpage:

[80]

Ilya Sergey, Aleksandar Nanevski, and Anindya Banerjee. 2015. Mechanized verification of fine-grained concurrent programs. In PLDI. ACM, 77–87. https://doi.org/10.1145/2737924.2737964

Digital Library

[81]

Thomas Arthur Leck Sewell, Magnus O. Myreen, and Gerwin Klein. 2013. Translation validation for a verified OS kernel. In PLDI. ACM, 471–482. https://doi.org/10.1145/2491956.2462183

Digital Library

[82]

Zhong Shao, Valery Trifonov, Bratin Saha, and Nikolaos Papaspyrou. 2005. A type system for certified binaries. ACM Trans. Program. Lang. Syst., 27, 1 (2005), 1–45. https://doi.org/10.1145/1053468.1053469

Digital Library

[83]

Frederick Smith, David Walker, and J. Gregory Morrisett. 2000. Alias types. In ESOP (LNCS, Vol. 1782). Springer, 366–381. https://doi.org/10.1007/3-540-46425-5_24

[84]

Matthieu Sozeau and Nicolas Oury. 2008. First-class type classes. In TPHOLs (LNCS, Vol. 5170). Springer, 278–293. https://doi.org/10.1007/978-3-540-71067-7_23

Digital Library

[85]

Simon Spies, Lennard Gäher, Daniel Gratzer, Joseph Tassarotti, Robbert Krebbers, Derek Dreyer, and Lars Birkedal. 2021. Transfinite Iris: Resolving an existential dilemma of step-indexed separation logic. In PLDI. ACM. https://doi.org/10.1145/3453483.3454031

[86]

Andrei Stefanescu. 2014. MatchC: A matching logic reachability verifier using the K framework. Electron. Notes Theor. Comput. Sci., 304 (2014), 183–198. https://doi.org/10.1016/j.entcs.2014.05.010

[87]

Kasper Svendsen and Lars Birkedal. 2014. Impredicative concurrent abstract predicates. In ESOP (LNCS, Vol. 8410). Springer, 149–168. https://doi.org/10.1007/978-3-642-54833-8_9

Digital Library

[88]

Nikhil Swamy, Juan Chen, Cédric Fournet, Pierre-Yves Strub, Karthikeyan Bhargavan, and Jean Yang. 2011. Secure distributed programming with value-dependent types. In ICFP. ACM, 266–278. https://doi.org/10.1145/2034773.2034811

Digital Library

[89]

Nikhil Swamy, Michael W. Hicks, Greg Morrisett, Dan Grossman, and Trevor Jim. 2006. Safe manual memory management in Cyclone. Sci. Comput. Program., 62, 2 (2006), 122–144. https://doi.org/10.1016/j.scico.2006.02.003

Digital Library

[90]

Quang-Trung Ta, Ton Chanh Le, Siau-Cheng Khoo, and Wei-Ngan Chin. 2018. Automated lemma synthesis in symbolic-heap separation logic. Proc. ACM Program. Lang., 2, POPL (2018), 9:1–9:29. https://doi.org/10.1145/3158097

Digital Library

[91]

The Bedrock Team. 2015. Verification of a singly linked list. https://github.com/mit-plv/bedrock/blob/e3ff3c2cba9976ac4351caaabb4bf/Bedrock/Examples/SinglyLinkedList.v

[92]

The Coq-std++ Team. 2020. An extended “standard library” for Coq. https://gitlab.mpi-sws.org/iris/stdpp

[93]

The Rust Team. 2020. The Rust programming language. https://rust-lang.org

[94]

The Tokei Team. 2020. Tokei. https://github.com/XAMPPRocky/tokei

[95]

The VCC Team. 2016. Verification of a singly linked list. https://github.com/microsoft/vcc/blob/47f3f33d459f5fd9233203ec3d5d2fc803/vcc/Docs/Tutorial/c/7.2.list.c

[96]

The Verifast Team. 2019. Verification of a binary search tree. https://github.com/verifast/verifast/blob/8bc966726de829749eaf916ec3863bf294/examples/sorted_bintree.c

[97]

The VST Team. 2020. Verification of Binary Search Tree. https://github.com/PrincetonUniversity/VST/blob/14e6b3a79a9685a478786436c6f0a45dc44c3d52/progs/verif_bst.v

[98]

John Toman, Ren Siqi, Kohei Suenaga, Atsushi Igarashi, and Naoki Kobayashi. 2020. ConSORT: Context- and flow-sensitive ownership refinement types for imperative programs. In ESOP (LNCS, Vol. 12075). Springer, 684–714. https://doi.org/10.1007/978-3-030-44914-8_25

Digital Library

[99]

Frédéric Vogels, Bart Jacobs, and Frank Piessens. 2015. Featherweight VeriFast. Log. Methods Comput. Sci., 11, 3 (2015), https://doi.org/10.2168/LMCS-11(3:19)2015

[100]

Frédéric Vogels, Bart Jacobs, Frank Piessens, and Jan Smans. 2011. Annotation inference for separation logic based verifiers. In FMOODS/FORTE (LNCS, Vol. 6722). Springer, 319–333. https://doi.org/10.1007/978-3-642-21461-5_21

[101]

David Walker and J. Gregory Morrisett. 2000. Alias types for recursive data structures. In TIC (LNCS, Vol. 2071). Springer, 177–206. https://doi.org/10.1007/3-540-45332-6_7

[102]

Qinshi Wang and Qinxiang Cao. 2019. VST-A: A foundationally sound annotation verifier. CoRR, abs/1909.00097 (2019), arxiv:1909.00097

[103]

Xi Wang, Haogang Chen, Alvin Cheung, Zhihao Jia, Nickolai Zeldovich, and M. Frans Kaashoek. 2012. Undefined behavior: What happened to my code? In APSys. ACM, 9. https://doi.org/10.1145/2349896.2349905

Digital Library

[104]

Simon Winwood, Gerwin Klein, Thomas Sewell, June Andronick, David Cock, and Michael Norrish. 2009. Mind the gap. In TPHOLs (LNCS, Vol. 5674). Springer, 500–515. https://doi.org/10.1007/978-3-642-03359-9_34

Digital Library

[105]

Hongwei Xi. 2007. Dependent ML: An approach to practical programming with dependent types. J. Funct. Program., 17, 2 (2007), 215–286. https://doi.org/10.1017/S0956796806006216

Digital Library

[106]

Hongseok Yang, Oukseh Lee, Josh Berdine, Cristiano Calcagno, Byron Cook, Dino Distefano, and Peter W. O’Hearn. 2008. Scalable shape analysis for systems code. In CAV (LNCS, Vol. 5123). Springer, 385–398. https://doi.org/10.1007/978-3-540-70545-1_36

Digital Library

[107]

Jean Karim Zinzindohoué, Karthikeyan Bhargavan, Jonathan Protzenko, and Benjamin Beurdouche. 2017. HACL*: A verified modern cryptographic library. In CCS. ACM, 1789–1806. https://doi.org/10.1145/3133956.3134043

Digital Library

Cited By

Xu QSanan DHou ZLuan XWatt CLiu Y(2025)Generically Automating Separation Logic by Functors, Homomorphisms, and ModulesProceedings of the ACM on Programming Languages10.1145/37049039:POPL(1992-2024)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704903
Kim YCho MLee JKim JYoon TSong YHur C(2025)Archmage and CompCertCast: End-to-End Verification Supporting Integer-Pointer CastingProceedings of the ACM on Programming Languages10.1145/37048819:POPL(1326-1354)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704881
Banerjee RMemarian KMakwana DPulte CKrishnaswami NSewell P(2025)Fulminate: Testing CN Separation-Logic Specifications in CProceedings of the ACM on Programming Languages10.1145/37048799:POPL(1260-1292)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704879
Show More Cited By

Index Terms

RefinedC: automating the foundational verification of C code with refined ownership types
1. Theory of computation
  1. Logic

Recommendations

Beyond Backtracking: Connections in Fine-Grained Concurrent Separation Logic

Concurrent separation logic has been responsible for major advances in the formal verification of fine-grained concurrent algorithms and data structures such as locks, barriers, queues, and reference counters. The key ingredient of the verification of ...
Proof Automation for Linearizability in Separation Logic

Recent advances in concurrent separation logic enabled the formal verification of increasingly sophisticated fine-grained (i.e., lock-free) concurrent programs. For such programs, the golden standard of correctness is linearizability, which expresses ...
Practical Proof Search for Coq by Type Inhabitation
Automated Reasoning
Abstract
We present a practical proof search procedure for Coq based on a direct search for type inhabitants in an appropriate normal form. The procedure is more general than any of the automation tactics natively available in Coq. It aims to handle as ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

PLDI 2021: Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation

June 2021

1341 pages

ISBN:9781450383912

DOI:10.1145/3453483

General Chair:
Stephen N. Freund
Williams College, USA
,
Program Chair:
Eran Yahav
Technion, Israel

Copyright © 2021 Owner/Author.

This work is licensed under a Creative Commons Attribution International 4.0 License.

Sponsors

SIGPLAN: ACM Special Interest Group on Programming Languages

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 June 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Badges

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

PLDI '21

Sponsor:

SIGPLAN

PLDI '21: 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation

June 20 - 25, 2021

Virtual, Canada

Acceptance Rates

Overall Acceptance Rate 406 of 2,067 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

46
Total Citations
View Citations
1,639
Total Downloads

Downloads (Last 12 months)607
Downloads (Last 6 weeks)74

Reflects downloads up to 12 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Xu QSanan DHou ZLuan XWatt CLiu Y(2025)Generically Automating Separation Logic by Functors, Homomorphisms, and ModulesProceedings of the ACM on Programming Languages10.1145/37049039:POPL(1992-2024)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704903
Kim YCho MLee JKim JYoon TSong YHur C(2025)Archmage and CompCertCast: End-to-End Verification Supporting Integer-Pointer CastingProceedings of the ACM on Programming Languages10.1145/37048819:POPL(1326-1354)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704881
Banerjee RMemarian KMakwana DPulte CKrishnaswami NSewell P(2025)Fulminate: Testing CN Separation-Logic Specifications in CProceedings of the ACM on Programming Languages10.1145/37048799:POPL(1260-1292)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704879
Dardinier TSammler MParthasarathy GSummers AMüller P(2025)Formal Foundations for Translational Separation Logic VerifiersProceedings of the ACM on Programming Languages10.1145/37048569:POPL(569-599)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704856
Vistrup MSammler MJung R(2025)Program Logics à la CarteProceedings of the ACM on Programming Languages10.1145/37048479:POPL(300-331)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704847
Reitz AFromherz AProtzenko J(2024)StarMalloc: Verifying a Modern, Hardened Memory AllocatorProceedings of the ACM on Programming Languages10.1145/36897738:OOPSLA2(1757-1786)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689773
Simonnet JLemerre MSighireanu M(2024)A Dependent Nominal Physical Type System for Static Analysis of Memory in Low Level CodeProceedings of the ACM on Programming Languages10.1145/36897128:OOPSLA2(30-59)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689712
Timany AKrebbers RDreyer DBirkedal L(2024)A Logical Approach to Type SoundnessJournal of the ACM10.1145/367695471:6(1-75)Online publication date: 11-Nov-2024
https://dl.acm.org/doi/10.1145/3676954
Gäher LSammler MJung RKrebbers RDreyer D(2024)RefinedRust: A Type System for High-Assurance Verification of Rust ProgramsProceedings of the ACM on Programming Languages10.1145/36564228:PLDI(1115-1139)Online publication date: 20-Jun-2024
https://dl.acm.org/doi/10.1145/3656422
Spies SGäher LSammler MDreyer D(2024)Quiver: Guided Abductive Inference of Separation Logic Specifications in CoqProceedings of the ACM on Programming Languages10.1145/36564138:PLDI(889-913)Online publication date: 20-Jun-2024
https://dl.acm.org/doi/10.1145/3656413
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents