Simple verification of Rust programs via functional purification in Lean 2(!)

Sebastian Ullrich

Last update: Dec 11, 2022

Related tags

Security tools electrolysis

Overview

electrolysis

About

A tool for formally verifying Rust programs by transpiling them into definitions in the Lean theorem prover.

Masters thesis: Simple Verification of Rust Programs via Functional Purification - thesis|presentation
Official reference and coverage
Blog post: A Formal Verification of Rust's Binary Search Implementation

Installation

Because electrolysis uses rustc's unstable private API, you need a nightly compiler. Because the API is highly unstable, you need a very specific nightly version, for which you should use rustup.rs. After installing rustup, you can build this project by executing

electrolysis$ rustup override add $(cat rust-nightly-version)
electrolysis$ rustup component add rust-src
electrolysis$ cargo run core

This will build the project and export all code from the core crate necessary for binary_search (see also thys/core/config.toml) into thys/core/generated.lean (this file already exists in case you just want to examine the correctness proof).

You might also like...

A simple menu to keep all your most used one-liners and scripts in one place

Dama Desktop Agnostic Menu Aggregate This program aims to be a hackable, easy to use menu that can be paired to lightweight window managers in order t

47 Jul 23, 2022

A simple scanner that loops through ips and checks if a minecraft server is running on port 25565

scanolotl Scanolotl is a simple scanner that loops through ips and checks if a minecraft server is running on port 25565. Scanolotl can also preform a

3 Jul 28, 2022

A simple port sniffer(scanner) implementation with 🦀

A simple port sniffer(scanner) implementation with 🦀 Install from crates.io crago install ports-sniffer From aur: yay -S ports-sniffer Arguments Argu

8 Oct 10, 2022

A simple command line tool which quickly audits the Disallow entries of a site's robots.txt.

Domo Arigato A simple command line tool which quickly audits the Disallow entries of a site's robots.txt. Disallow entries can be used to stop search

20 Apr 17, 2023

Detects usage of unsafe Rust in a Rust crate and its dependencies.

cargo-geiger ☢️ Looking for maintainer: https://github.com/rust-secure-code/cargo-geiger/issues/210 A program that lists statistics related to the usa

1.1k Jan 4, 2023

An esoteric language/compiler written with Rust and Rust LLVM bindings

MeidoLang (メイドラング) A not so useful and esoteric language. The goal of this project was to contain some quirky or novel syntax in a stack-style program

0 Dec 24, 2021

Rust bindings for libinjection

libinjection-rs Rust bindings for libinjection. How to use Add libinjection to dependencies of Cargo.toml: libinjection = "0.2" Import crate: extern c

35 Sep 24, 2022

tcp connection hijacker, rust rewrite of shijack

rshijack tcp connection hijacker, rust rewrite of shijack from 2001. This was written for TAMUctf 2018, brick house 100. The target was a telnet serve

377 Jan 1, 2023

link is a command and control framework written in rust

link link is a command and control framework written in rust. Currently in alpha. Table of Contents Introduction Features Feedback Build Process Ackno

427 Dec 24, 2022

Comments

License?

Hey,

I wanted to add electrolysis to awesome-static-analysis, but I can't the license of electrolysis. Maybe it might make sense to add a LICENSE file to the repo to clarify that. Some suggestions at http://choosealicense.com/ :smiley:

opened by mre 1
Add a Gitter chat badge to README.md

Kha/electrolysis now has a Chat Room on Gitter

@Kha has just created a chat room. You can visit it here: https://gitter.im/Kha/electrolysis.

This pull-request adds this badge to your README.md:

If my aim is a little off, please let me know.

Happy chatting.

PS: Click here if you would prefer not to receive automatic pull-requests from Gitter in future.

opened by gitter-badger 0
Functional purification for `Cell` and other types with interior mutability
Could you elaborate on whether functional purification can still hold when using types with interior mutability, like 'Cell'?

In the following example, c2 is mutated through c1. Is there any rule that can be used to transform this into a purely functional equivalent (without having to track all the aliases to c1, which might be difficult for non-trivial cases)?

let c1: &Cell<i32> = &Cell::new(0); let c2: &Cell<i32> = c1; c1.set(2); println!("{:?}", c2.get()); // Prints 2

What about RefCell, Mutex, ... ?
opened by tyrbentsen 1
Lean Version

I am using Lean version 3.2.1, but can't seem to sort out the imports and opens.

For example, inside core/generated.lean, at the first line, I get the error "file 'core/pre' not found in the LEAN_PATH. I can fix this particular error by changing the import to read import ..core.pre. Is there another way to fix this that doesn't involve editing the files?

In sem.lean, at line 3, open eq.ops, I get the error "invalid namespace name 'eq.ops'". Is replacing that line with open eq OK?

Finally, anywhere where there is an command of the form open [.+] .+ I get the error "invalid 'open/export' command, identifier expected". I am not sure how to fix those either.

I suspect that this could all be fixed by switching to the correct Lean version. What version of Lean does electrolysis depend on? Is there a fix that doesn't involve switching versions of Lean?

Thanks!

opened by FedericoAureliano 1