Prusti
Formal verification of system software is notoriously difficult and requires complex specifications and logics (such as separation logic) to reason about pointers, aliasing, and side effects on mutable state. Although powerful, these formal techniques are typically applicable only by expert researchers.
The Rust programming language includes an ownership type system which guarantees rich memory safety properties: well-typed Rust programs are guaranteed to not exhibit problems such as dangling pointers, data races, and unexpected side effects through aliased references.
In this project, we exploit Rust's type system to greatly simplify the specification and verification of Rust programs. In particular, we lift the ownership and framing-related information required for a separation logic proof from the type-checking of the program performed by the Rust compiler; user specifications are automatically interwoven, and focus on the desired functional guarantees expressed in a syntax similar to that of Rust program expressions.
Although our verification tools construct formal proofs in a sophisticated logic, the user-level interaction with these tools is kept at a suitable level of abstraction which elides these full details. Our underlying tools are based on the Viper verification infrastructure.
The first versions of our tools are under development, and target a small but interesting fragment of Rust without unsafe features; in the future, we plan to extend our work to tackle a large portion of the language, including certain patterns of unsafe Rust code. The project is available on GitHub and can be used via the "Prusti Assistant" extension for Visual Studio Code.
Project Members
Vytautas Astrauskas
Aurel Bílý
Xavier Denis
Jonas Fiala
Christoph Matheja (DTU Copenhagen)
Peter Müller
Federico Poli
Alex Summers (UBC)
Links
Prusti User Guide
GitHub repository
Zulip channel
Prusti versions of the examples and exercises from Rustan Leino's book Program Proofs
Key Publications
- V. Astrauskas, A. Bílý, J. Fiala, Z. Grannan, C. Matheja, P. Müller, F. Poli, and A. J. Summers: The Prusti Project: Formal Verification for Rust (invited)
NASA Formal Methods (14th International Symposium), 2022.
- F. Wolff, A. Bílý, C. Matheja, P. Müller, and A. J. Summers: Modular Specification and Verification of Closures in Rust
Object-Oriented Programming Systems, Languages, and Applications (OOPSLA), 2021.
- V. Astrauskas, C. Matheja, P. Müller, F. Poli, and A. J. Summers: How Do Programmers Use Unsafe Rust?
Object-Oriented Programming Systems, Languages, and Applications (OOPSLA), 2020.
- V. Astrauskas, P. Müller, F. Poli, and A. J. Summers: Leveraging Rust Types for Modular Specification and Verification
Object-Oriented Programming Systems, Languages, and Applications (OOPSLA), 2019.
- V. Astrauskas, P. Müller, F. Poli, and A. J. Summers: Leveraging Rust Types for Modular Specification and Verification
Technical Report, ETH Research Collection, 2019.
Acknowledgments
The Prusti project has been funded by the Swiss National Science Foundation, Facebook, and Amazon Web Services.