Skip to main content
SpringerLink
Log in

Auto-Active Proof of Red-Black Trees in SPARK

  • Conference paper
  • First Online:
NASA Formal Methods (NFM 2017)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 10227))

Included in the following conference series:

Abstract

Formal program verification can guarantee that a program is free from broad classes of errors (like reads of uninitialized data and run-time errors) and that it complies with its specification. Tools such as SPARK make it cost effective to target the former in an industrial context, but the latter is much less common in industry, owing to the cost of specifying the behavior of programs and even more the cost of achieving proof of such specifications. We have chosen in SPARK to rely on the techniques of auto-active verification for providing cost effective formal verification of functional properties. These techniques consist in providing annotations in the source code that will be used by automatic provers to complete the proof. To demonstrate the potential of this approach, we have chosen to formally specify a library of red-black trees in SPARK, and to prove its functionality using auto-active verification. To the best of our knowledge, this is the most complex use of auto-active verification so far.

Work partly supported by the Joint Laboratory ProofInUse (ANR-13-LAB3-0007, http://www.spark-2014.org/proofinuse) and project VECOLIB (ANR-14-CE28-0018) of the French national research organization.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://github.com/AdaCore/spark2014/tree/master/testsuite/gnatprove/tests/red_black_trees.

  2. 2.

    http://frama-c.com/.

  3. 3.

    http://www.adacore.com/sparkpro/.

References

  1. Appel, A.W.: Efficient verified red-black trees (2011). https://www.cs.princeton.edu/~appel/papers/redblack.pdf

  2. Bruns, D.: Specification of red-black trees: showcasing dynamic frames, model fields and sequences. In: Wolfgang, A., Richard, B. (eds.) 10th KeY Symposium (2011)

    Google Scholar 

  3. Charguéraud, A.: Program verification through characteristic formulae. ACM Sigplan Not. 45(9), 321–332 (2010)

    Article  MATH  Google Scholar 

  4. Cormen, T.H., Leiserson, C.E., Rivest, R.L., Stein, C.: Introduction to Algorithms, 3rd edn. The MIT Press, Cambridege (2009)

    MATH  Google Scholar 

  5. Dross, C., Moy, Y.: Abstract software specifications and automatic proof of refinement. In: Lecomte, T., Pinger, R., Romanovsky, A. (eds.) RSSRail 2016. LNCS, vol. 9707, pp. 215–230. Springer, Cham (2016). doi:10.1007/978-3-319-33951-1_16

    Google Scholar 

  6. Enea, C., Sighireanu, M., Wu, Z.: On automated lemma generation for separation logic with inductive definitions. In: Finkbeiner, B., Pu, G., Zhang, L. (eds.) ATVA 2015. LNCS, vol. 9364, pp. 80–96. Springer, Cham (2015). doi:10.1007/978-3-319-24953-7_7

    Chapter  Google Scholar 

  7. Filliâtre, J.-C., Letouzey, P.: Functors for proofs and programs. In: Schmidt, D. (ed.) ESOP 2004. LNCS, vol. 2986, pp. 370–384. Springer, Heidelberg (2004). doi:10.1007/978-3-540-24725-8_26

    Chapter  Google Scholar 

  8. Filliâtre, J.-C., Paskevich, A.: Why3 — where programs meet provers. In: Felleisen, M., Gardner, P. (eds.) ESOP 2013. LNCS, vol. 7792, pp. 125–128. Springer, Heidelberg (2013). doi:10.1007/978-3-642-37036-6_8. https://hal.inria.fr/hal-00789533

    Chapter  Google Scholar 

  9. Furia, C.A., Nordio, M., Polikarpova, N., Tschannen, J.: AutoProof: auto-active functional verification of object-oriented programs. Int. J. Softw. Tools Technol. Transfer 1–20 (2016). http://dx.doi.org/10.1007/s10009-016-0419-0

  10. Hawblitzel, C., Howell, J., Kapritsos, M., Lorch, J.R., Parno, B., Roberts, M.L., Setty, S., Zill, B.: IronFleet: proving practical distributed systems correct. In: Proceedings of the 25th Symposium on Operating Systems Principles, SOSP 2015, pp. 1–17. ACM, New York (2015). http://doi.acm.org/10.1145/2815400.2815428

  11. Hawblitzel, C., Howell, J., Lorch, J.R., Narayan, A., Parno, B., Zhang, D., Zill, B.: Ironclad apps: end-to-end security via automated full-system verification. In: Proceedings of the 11th USENIX Conference on Operating Systems Design and Implementation, OSDI 2014, pp. 165–181. USENIX Association, Berkeley (2014). http://dl.acm.org/citation.cfm?id=2685048.2685062

  12. Kosmatov, N., Marché, C., Moy, Y., Signoles, J.: Static versus dynamic verification in Why3, Frama-C and SPARK 2014. In: Margaria, T., Steffen, B. (eds.) ISoLA 2016. LNCS, vol. 9952, pp. 461–478. Springer, Cham (2016). doi:10.1007/978-3-319-47166-2_32. https://hal.inria.fr/hal-01344110

    Chapter  Google Scholar 

  13. Lammich, P., Lochbihler, A.: The isabelle collections framework. In: Kaufmann, M., Paulson, L.C. (eds.) ITP 2010. LNCS, vol. 6172, pp. 339–354. Springer, Heidelberg (2010). doi:10.1007/978-3-642-14052-5_24

    Chapter  Google Scholar 

  14. Leino, K.R.M.: Dafny: an automatic program verifier for functional correctness. In: Clarke, E.M., Voronkov, A. (eds.) LPAR 2010. LNCS (LNAI), vol. 6355, pp. 348–370. Springer, Heidelberg (2010). doi:10.1007/978-3-642-17511-4_20. http://dl.acm.org/citation.cfm?id=1939141.1939161

    Chapter  Google Scholar 

  15. Leino, K.R.M., Moskal, M.: Usable auto-active verification. In: Usable Verification Workshop (2010). http://fm.csl.sri.com/UV10/

  16. Leino, K.R.M., Moskal, M.: VACID-0: verification of ample correctness of invariants of data-structures, edition 0 (2010)

    Google Scholar 

  17. McCormick, J.W., Chapin, P.C.: Building High Integrity Applications with SPARK. Cambridge University Press, Cambridge (2015)

    Book  MATH  Google Scholar 

  18. O’Neill, I.: SPARK - a language and tool-set for high-integrity software development. In: Boulanger, J.L. (ed.) Industrial Use of Formal Methods: Formal Verification. Wiley, Hoboken (2012)

    Google Scholar 

  19. Polikarpova, N., Tschannen, J., Furia, C.A.: A fully verified container library. In: Bjørner, N., de Boer, F. (eds.) FM 2015. LNCS, vol. 9109, pp. 414–434. Springer, Cham (2015). doi:10.1007/978-3-319-19249-9_26

    Chapter  Google Scholar 

  20. Stefănescu, A., Park, D., Yuwen, S., Li, Y., Roşu, G.: Semantics-based program verifiers for all languages. In: Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, pp. 74–91. ACM (2016)

    Google Scholar 

  21. Tafat, A., Marché, C.: Binary heaps formally verified in Why3. Research report 7780, INRIA, October 2011. http://hal.inria.fr/inria-00636083/en/

Download references

Acknowledgements

We would like to thank our colleague Ben Brosgol and the anonymous reviewers for their useful comments.

Author information

Authors and Affiliations

  1. AdaCore, 75009, Paris, France

    Claire Dross & Yannick Moy

Authors
  1. Claire Dross
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yannick Moy
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Claire Dross .

Editor information

Editors and Affiliations

  1. Stanford University, Palo Alto, California, USA

    Clark Barrett

  2. NASA Ames Research Center, Moffett Field, California, USA

    Misty Davies

  3. NASA Ames Research Center, Moffett Field, California, USA

    Temesghen Kahsai

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Dross, C., Moy, Y. (2017). Auto-Active Proof of Red-Black Trees in SPARK. In: Barrett, C., Davies, M., Kahsai, T. (eds) NASA Formal Methods. NFM 2017. Lecture Notes in Computer Science(), vol 10227. Springer, Cham. https://doi.org/10.1007/978-3-319-57288-8_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-57288-8_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-57287-1

  • Online ISBN: 978-3-319-57288-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation