Binary Heaps Formally Verified in Why3

The VACID-0 benchmarks are a set of small programs that pose challenges for the formal verification of their functional behavior. This paper reports on the formal verification of one of these challenges: binary heaps. The solution given here is carried out in the Why3 environment for program verification. The expected behavior of the program is specified in Why3 logic, structured using the constructs that Why3 provides for building hierarchies of theories. The proofs are achieved with a significant amount of automation: SMT solvers discharge the large majority of the generated verification conditions, and the remaining verification conditions are discharged by interactively constructing proof scripts in the Coq proof assistant. The general aim of this case study is to demonstrate the usability and efficiency of both the Why3 specification language and the accompanying tools, which offer a fairly advanced environment for specification while retaining a significant amount of proof automation.
