add loop-invariants and harnesses #16
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…verify-rust-std into memchrinvariant
…verify-rust-std into memchrinvariant
thanhnguyen-aws
force-pushed
the
memchrinvariant
branch
from
dfcc7cc to
e411051
Compare
…#467) This is an automated PR to merge library subtree updates from 2025-08-07 (rust-lang/rust@7d82b83) to 2025-08-18 (rust-lang/rust@425a9c0) (inclusive) into main. `git merge` resulted in conflicts, which require manual resolution. Files were commited with merge conflict markers. **Do not remove or edit the following annotations:** git-subtree-dir: library git-subtree-split: 85cbfac --------- Signed-off-by: Ayush Singh <ayush@beagleboard.org> Signed-off-by: Jonathan Brouwer <jonathantbrouwer@gmail.com> Signed-off-by: Sacha Ayoun <sachaayoun@gmail.com> Signed-off-by: Eval EXEC <execvy@gmail.com> Signed-off-by: Jens Reidel <adrian@travitia.xyz> Co-authored-by: Scott McMurray <scottmcm@users.noreply.github.com> Co-authored-by: github-actions <github-actions@github.com> Co-authored-by: Trevor Gross <tmgross@umich.edu> Co-authored-by: Jacob Pratt <jacob@jhpratt.dev> Co-authored-by: quaternic <57393910+quaternic@users.noreply.github.com> Co-authored-by: Madhav Madhusoodanan <madhavmadhusoodanan@gmail.com> Co-authored-by: Ralf Jung <post@ralfj.de> Co-authored-by: Folkert de Vries <folkert@folkertdev.nl> Co-authored-by: bors <bors@rust-lang.org> Co-authored-by: Matthias Krüger <476013+matthiaskrgr@users.noreply.github.com> Co-authored-by: xonx <119700621+xonx4l@users.noreply.github.com> Co-authored-by: Yosh <github@yosh.is> Co-authored-by: usamoi <usamoi@outlook.com> Co-authored-by: joboet <jonasboettiger@icloud.com> Co-authored-by: Stuart Cook <Zalathar@users.noreply.github.com> Co-authored-by: gewitternacht <60887951+gewitternacht@users.noreply.github.com> Co-authored-by: Jakub Beránek <berykubik@gmail.com> Co-authored-by: Connor Tsui <connor.tsui20@gmail.com> Co-authored-by: Aandreba <aandreba@gmail.com> Co-authored-by: Lucas Werkmeister <mail@lucaswerkmeister.de> Co-authored-by: WANG Rui <wangrui@loongson.cn> Co-authored-by: Orson Peters <orsonpeters@gmail.com> Co-authored-by: Balt <59123926+balt-dev@users.noreply.github.com> Co-authored-by: Nurzhan Sakén <nurzhan.sakenov@gmail.com> Co-authored-by: Tsukasa OI <floss_rust@irq.a4lg.com> Co-authored-by: Guillaume Gomez <guillaume1.gomez@gmail.com> Co-authored-by: Samuel Tardieu <sam@rfc1149.net> Co-authored-by: Evgenii Zheltonozhskii <zheltonozhskiy@gmail.com> Co-authored-by: Nico Lehmann <nico.lehmannm@gmail.com> Co-authored-by: stifskere <esteve@memw.es> Co-authored-by: Christopher Hotchkiss <christopher.hotchkiss@gmail.com> Co-authored-by: Folkert de Vries <flokkievids@gmail.com> Co-authored-by: Kivooeo <Kivooeo123@gmail.com> Co-authored-by: Ayush Singh <ayush@beagleboard.org> Co-authored-by: Jonathan Brouwer <jonathantbrouwer@gmail.com> Co-authored-by: Ross MacArthur <ross@macarthur.io> Co-authored-by: Paul Murphy <murp@redhat.com> Co-authored-by: Michael Tautschnig <tautschn@amazon.com> Co-authored-by: Chai T. Rex <ChaiTRex@users.noreply.github.com> Co-authored-by: okaneco <47607823+okaneco@users.noreply.github.com> Co-authored-by: The 8472 <git@infinite-source.de> Co-authored-by: Josh Triplett <josh@joshtriplett.org> Co-authored-by: Eric Huss <eric@huss.org> Co-authored-by: Boxy <rust@boxyuwu.dev> Co-authored-by: LorrensP-2158466 <lorrens.pantelis@student.uhasselt.be> Co-authored-by: Karl Meakin <karl.meakin@arm.com> Co-authored-by: Ivan Enderlin <ivan@mnt.io> Co-authored-by: Ulrich Stark <github@ustark.de> Co-authored-by: Shoyu Vanilla <modulo641@gmail.com> Co-authored-by: Trevor Gross <t.gross35@gmail.com> Co-authored-by: Roger Curley <rocurley@gmail.com> Co-authored-by: Spxg <unsafe@outlook.es> Co-authored-by: Chris Denton <chris@chrisdenton.dev> Co-authored-by: Ada Alakbarova <ada.alakbarova@proton.me> Co-authored-by: ltdk <usr@ltdk.xyz> Co-authored-by: Esteban Küber <esteban@kuber.com.ar> Co-authored-by: SabrinaJewson <sejewson@gmail.com> Co-authored-by: Ed Page <eopage@gmail.com> Co-authored-by: Ada Alakbarova <58857108+ada4a@users.noreply.github.com> Co-authored-by: Mara Bos <m-ou.se@m-ou.se> Co-authored-by: Sacha Ayoun <sachaayoun@gmail.com> Co-authored-by: Tim (Theemathas) Chirananthavat <theemathas@gmail.com> Co-authored-by: Eval EXEC <execvy@gmail.com> Co-authored-by: sayantn <sayantn05@gmail.com> Co-authored-by: Nicholas Nethercote <n.nethercote@gmail.com> Co-authored-by: Marcelo Domínguez <dmmarcelo27@gmail.com> Co-authored-by: Jens Reidel <adrian@travitia.xyz> Co-authored-by: gitbot <git@bot>
…#471) This is an automated PR to merge library subtree updates from 2025-08-18 (rust-lang/rust@425a9c0) to 2025-08-19 (rust-lang/rust@9eb4a26), inclusive. This is a clean merge, no conflicts were detected. **Do not remove or edit the following annotations:** git-subtree-dir: library git-subtree-split: b4e28fd --------- Signed-off-by: Ayush Singh <ayush@beagleboard.org> Signed-off-by: Jonathan Brouwer <jonathantbrouwer@gmail.com> Signed-off-by: Sacha Ayoun <sachaayoun@gmail.com> Signed-off-by: Eval EXEC <execvy@gmail.com> Signed-off-by: Jens Reidel <adrian@travitia.xyz> Co-authored-by: Scott McMurray <scottmcm@users.noreply.github.com> Co-authored-by: github-actions <github-actions@github.com> Co-authored-by: Trevor Gross <tmgross@umich.edu> Co-authored-by: Jacob Pratt <jacob@jhpratt.dev> Co-authored-by: quaternic <57393910+quaternic@users.noreply.github.com> Co-authored-by: Madhav Madhusoodanan <madhavmadhusoodanan@gmail.com> Co-authored-by: Ralf Jung <post@ralfj.de> Co-authored-by: Folkert de Vries <folkert@folkertdev.nl> Co-authored-by: bors <bors@rust-lang.org> Co-authored-by: Matthias Krüger <476013+matthiaskrgr@users.noreply.github.com> Co-authored-by: xonx <119700621+xonx4l@users.noreply.github.com> Co-authored-by: Yosh <github@yosh.is> Co-authored-by: usamoi <usamoi@outlook.com> Co-authored-by: joboet <jonasboettiger@icloud.com> Co-authored-by: Stuart Cook <Zalathar@users.noreply.github.com> Co-authored-by: gewitternacht <60887951+gewitternacht@users.noreply.github.com> Co-authored-by: Jakub Beránek <berykubik@gmail.com> Co-authored-by: Connor Tsui <connor.tsui20@gmail.com> Co-authored-by: Aandreba <aandreba@gmail.com> Co-authored-by: Lucas Werkmeister <mail@lucaswerkmeister.de> Co-authored-by: WANG Rui <wangrui@loongson.cn> Co-authored-by: Orson Peters <orsonpeters@gmail.com> Co-authored-by: Balt <59123926+balt-dev@users.noreply.github.com> Co-authored-by: Nurzhan Sakén <nurzhan.sakenov@gmail.com> Co-authored-by: Tsukasa OI <floss_rust@irq.a4lg.com> Co-authored-by: Guillaume Gomez <guillaume1.gomez@gmail.com> Co-authored-by: Samuel Tardieu <sam@rfc1149.net> Co-authored-by: Evgenii Zheltonozhskii <zheltonozhskiy@gmail.com> Co-authored-by: Nico Lehmann <nico.lehmannm@gmail.com> Co-authored-by: stifskere <esteve@memw.es> Co-authored-by: Christopher Hotchkiss <christopher.hotchkiss@gmail.com> Co-authored-by: Folkert de Vries <flokkievids@gmail.com> Co-authored-by: Kivooeo <Kivooeo123@gmail.com> Co-authored-by: Ayush Singh <ayush@beagleboard.org> Co-authored-by: Jonathan Brouwer <jonathantbrouwer@gmail.com> Co-authored-by: Ross MacArthur <ross@macarthur.io> Co-authored-by: Paul Murphy <murp@redhat.com> Co-authored-by: Michael Tautschnig <tautschn@amazon.com> Co-authored-by: Chai T. Rex <ChaiTRex@users.noreply.github.com> Co-authored-by: okaneco <47607823+okaneco@users.noreply.github.com> Co-authored-by: The 8472 <git@infinite-source.de> Co-authored-by: Josh Triplett <josh@joshtriplett.org> Co-authored-by: Eric Huss <eric@huss.org> Co-authored-by: Boxy <rust@boxyuwu.dev> Co-authored-by: LorrensP-2158466 <lorrens.pantelis@student.uhasselt.be> Co-authored-by: Karl Meakin <karl.meakin@arm.com> Co-authored-by: Ivan Enderlin <ivan@mnt.io> Co-authored-by: Ulrich Stark <github@ustark.de> Co-authored-by: Shoyu Vanilla <modulo641@gmail.com> Co-authored-by: Trevor Gross <t.gross35@gmail.com> Co-authored-by: Roger Curley <rocurley@gmail.com> Co-authored-by: Spxg <unsafe@outlook.es> Co-authored-by: Chris Denton <chris@chrisdenton.dev> Co-authored-by: Ada Alakbarova <ada.alakbarova@proton.me> Co-authored-by: ltdk <usr@ltdk.xyz> Co-authored-by: Esteban Küber <esteban@kuber.com.ar> Co-authored-by: SabrinaJewson <sejewson@gmail.com> Co-authored-by: Ed Page <eopage@gmail.com> Co-authored-by: Ada Alakbarova <58857108+ada4a@users.noreply.github.com> Co-authored-by: Mara Bos <m-ou.se@m-ou.se> Co-authored-by: Sacha Ayoun <sachaayoun@gmail.com> Co-authored-by: Tim (Theemathas) Chirananthavat <theemathas@gmail.com> Co-authored-by: Eval EXEC <execvy@gmail.com> Co-authored-by: sayantn <sayantn05@gmail.com> Co-authored-by: Nicholas Nethercote <n.nethercote@gmail.com> Co-authored-by: Marcelo Domínguez <dmmarcelo27@gmail.com> Co-authored-by: Jens Reidel <adrian@travitia.xyz> Co-authored-by: Alan Urmancheev <108410815+alurm@users.noreply.github.com> Co-authored-by: gitbot <git@bot>
This is an automated PR to update Kani metrics. The metrics have been updated by running `./scripts/run-kani.sh --run metrics`. Co-authored-by: tautschnig <1144736+tautschnig@users.noreply.github.com>
…verify-rust-std into memchrinvariant
This PR adds a VeriFast proof that the LinkedList APIs enumerated in Challenge 5 have the properties enumerated in the Challenge. Note that VeriFast has some [known unsoundnesses](https://github.com/verifast/verifast/blob/master/tests/rust/README.md) and may also have unknown unsoundnesses, since it is a non-foundational tool (unlike e.g. [RefinedRust](https://plv.mpi-sws.org/refinedrust/).) *Addendum, 2025-01-23*: Note, in particular, that VeriFast 24.12 ignores unwind paths, and, if the `-ignore_unwind_paths` flag is specified on the command line, so does VeriFast 25.01. The 25.01 version of the proof specifies `-ignore_unwind_paths`. So neither version of the proof verifies unwind paths. Note also that I made some minor changes to the code of linked_list.rs. A diff is at `verifast-proofs/alloc/collections/linked_list.code-changes.diff`. Note, furthermore, that this proof uses a few `assume` statements. Incorrect use of `assume` statements can of course lead to unsoundness. This PR is based on the solution that I announced originally in the model-checking#29 thread; since then, I have resolved some VeriFast unsoundnesses and made some other improvements (such as bringing down the verification time for linked_list.rs significantly). I will be happy to produce a new VeriFast release and either update this PR or submit a new one to use the new VeriFast release if that is desired. See some more details in the model-checking#29 thread. Note: the VeriFast tool application issue (model-checking#213) is still open; it should probably be resolved before this PR is accepted. I'm submitting this PR at this point to inform the creation of the tool PR. Resolves model-checking#29. By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.
…#476) This is an automated PR to merge library subtree updates from 2025-08-19 (rust-lang/rust@9eb4a26) to 2025-08-20 (rust-lang/rust@05f5a58), inclusive. This is a clean merge, no conflicts were detected. **Do not remove or edit the following annotations:** git-subtree-dir: library git-subtree-split: 71d8d81 --------- Signed-off-by: Ayush Singh <ayush@beagleboard.org> Signed-off-by: Jonathan Brouwer <jonathantbrouwer@gmail.com> Signed-off-by: Sacha Ayoun <sachaayoun@gmail.com> Signed-off-by: Eval EXEC <execvy@gmail.com> Signed-off-by: Jens Reidel <adrian@travitia.xyz> Co-authored-by: Jakub Beránek <berykubik@gmail.com> Co-authored-by: Connor Tsui <connor.tsui20@gmail.com> Co-authored-by: Aandreba <aandreba@gmail.com> Co-authored-by: Trevor Gross <tmgross@umich.edu> Co-authored-by: Stuart Cook <Zalathar@users.noreply.github.com> Co-authored-by: Lucas Werkmeister <mail@lucaswerkmeister.de> Co-authored-by: WANG Rui <wangrui@loongson.cn> Co-authored-by: Orson Peters <orsonpeters@gmail.com> Co-authored-by: bors <bors@rust-lang.org> Co-authored-by: Jacob Pratt <jacob@jhpratt.dev> Co-authored-by: Ralf Jung <post@ralfj.de> Co-authored-by: Scott McMurray <scottmcm@users.noreply.github.com> Co-authored-by: Balt <59123926+balt-dev@users.noreply.github.com> Co-authored-by: Nurzhan Sakén <nurzhan.sakenov@gmail.com> Co-authored-by: The rustc-josh-sync Cronjob Bot <github-actions@github.com> Co-authored-by: Tsukasa OI <floss_rust@irq.a4lg.com> Co-authored-by: Guillaume Gomez <guillaume1.gomez@gmail.com> Co-authored-by: Samuel Tardieu <sam@rfc1149.net> Co-authored-by: Evgenii Zheltonozhskii <zheltonozhskiy@gmail.com> Co-authored-by: Nico Lehmann <nico.lehmannm@gmail.com> Co-authored-by: stifskere <esteve@memw.es> Co-authored-by: Pascal S. de Kloe <pascal@quies.net> Co-authored-by: Folkert de Vries <folkert@folkertdev.nl> Co-authored-by: Christopher Hotchkiss <christopher.hotchkiss@gmail.com> Co-authored-by: Madhav Madhusoodanan <madhavmadhusoodanan@gmail.com> Co-authored-by: Folkert de Vries <flokkievids@gmail.com> Co-authored-by: Kivooeo <Kivooeo123@gmail.com> Co-authored-by: Ayush Singh <ayush@beagleboard.org> Co-authored-by: Jonathan Brouwer <jonathantbrouwer@gmail.com> Co-authored-by: Raoul Strackx <raoul.strackx@fortanix.com> Co-authored-by: Ross MacArthur <ross@macarthur.io> Co-authored-by: Paul Murphy <murp@redhat.com> Co-authored-by: Michael Tautschnig <tautschn@amazon.com> Co-authored-by: Chai T. Rex <ChaiTRex@users.noreply.github.com> Co-authored-by: okaneco <47607823+okaneco@users.noreply.github.com> Co-authored-by: The 8472 <git@infinite-source.de> Co-authored-by: Josh Triplett <josh@joshtriplett.org> Co-authored-by: Eric Huss <eric@huss.org> Co-authored-by: Boxy <rust@boxyuwu.dev> Co-authored-by: LorrensP-2158466 <lorrens.pantelis@student.uhasselt.be> Co-authored-by: Karl Meakin <karl.meakin@arm.com> Co-authored-by: Ivan Enderlin <ivan@mnt.io> Co-authored-by: Ulrich Stark <github@ustark.de> Co-authored-by: Shoyu Vanilla <modulo641@gmail.com> Co-authored-by: Trevor Gross <t.gross35@gmail.com> Co-authored-by: Roger Curley <rocurley@gmail.com> Co-authored-by: Spxg <unsafe@outlook.es> Co-authored-by: Chris Denton <chris@chrisdenton.dev> Co-authored-by: Ada Alakbarova <ada.alakbarova@proton.me> Co-authored-by: ltdk <usr@ltdk.xyz> Co-authored-by: Esteban Küber <esteban@kuber.com.ar> Co-authored-by: gewitternacht <60887951+gewitternacht@users.noreply.github.com> Co-authored-by: Jakub Stasiak <jakub@stasiak.at> Co-authored-by: SabrinaJewson <sejewson@gmail.com> Co-authored-by: Ed Page <eopage@gmail.com> Co-authored-by: Ada Alakbarova <58857108+ada4a@users.noreply.github.com> Co-authored-by: Mara Bos <m-ou.se@m-ou.se> Co-authored-by: Sacha Ayoun <sachaayoun@gmail.com> Co-authored-by: Tim (Theemathas) Chirananthavat <theemathas@gmail.com> Co-authored-by: Eval EXEC <execvy@gmail.com> Co-authored-by: sayantn <sayantn05@gmail.com> Co-authored-by: Nicholas Nethercote <n.nethercote@gmail.com> Co-authored-by: Marcelo Domínguez <dmmarcelo27@gmail.com> Co-authored-by: Jens Reidel <adrian@travitia.xyz> Co-authored-by: Alan Urmancheev <108410815+alurm@users.noreply.github.com> Co-authored-by: binarycat <binarycat@envs.net> Co-authored-by: Sebastien Marie <semarie@kapouay.eu.org> Co-authored-by: 许杰友 Jieyou Xu (Joe) <39484203+jieyouxu@users.noreply.github.com> Co-authored-by: gitbot <git@bot>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Resolves #ISSUE-NUMBER
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.