• Stars
    star
    1,545
  • Rank 30,273 (Top 0.6 %)
  • Language
    Rust
  • License
    Other
  • Created over 5 years ago
  • Updated 4 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A static verifier for Rust, based on the Viper verification infrastructure.

Prusti

Test Deploy Test coverage Project chat

Prusti is a prototype verifier for Rust, built upon the Viper verification infrastructure.

By default Prusti verifies absence of integer overflows and panics, proving that statements such as unreachable!() and panic!() are unreachable. Overflow checking can be disabled with a configuration flag, treating all integers as unbounded. In Prusti, the functional behaviour of functions and external libraries can be specified by using annotations, among which are preconditions, postconditions, and loop invariants. The tool checks them, reporting error messages when the code does not adhere to the provided specification.

Useful links

  • πŸ’» VSCode extension to use Prusti from your IDE.
  • πŸ“– User guide, containing installation instructions, a guided tutorial and a description of various verification features.
  • 🧰 Developer guide, meant for new contributors.
  • πŸ“š List of publications. To cite Prusti, please use this BibTeX entry.
  • βš–οΈ License of the source code (Mozilla Public License Version 2.0, with exceptions).
  • πŸ’¬ Do you still have questions? Open an issue or contact us on the Zulip chat.

Getting Prusti

The easiest way to try out Prusti is by using the "Prusti Assistant" extension for VS Code. See the requirements and the troubleshooting section in its readme.

Alternatively, if you wish to use Prusti from the command line there are three options:

  • Download the precompiled binaries for Ubuntu, Windows, or macOS x64 from a GitHub release.
  • Compile from the source code, by installing rustup, running ./x.py setup and then ./x.py build --release.
  • (unmaintained) Build a Docker image from this Dockerfile.

All three options provide the prusti-rustc and cargo-prusti programs that can be used analogously to, respectively, rustc and cargo build. For more detailed instructions, refer to the guides linked above.

Quick example

  1. Take the following program:
    /// A monotonically increasing discrete function, with domain [0, domain_size)
    trait Function {
      fn domain_size(&self) -> usize;
      fn eval(&self, x: usize) -> i32;
    }
    
    /// Find the `x` s.t. `f(x) == target`
    fn bisect<T: Function>(f: &T, target: i32) -> Option<usize> {
      let mut low = 0;
      let mut high = f.domain_size();
      while low < high {
        let mid = (low + high) / 2;
        let mid_val = f.eval(mid);
        if mid_val < target {
          low = mid + 1;
        } else if mid_val > target {
          high = mid;
        } else {
          return Some(mid)
        }
      }
      None
    }
  2. Run Prusti. You get the following error:
    error: [Prusti: verification error] assertion might fail with "attempt to add with overflow"
      --> example.rs:12:15
       |
    12 |     let mid = (low + high) / 2;
       |               ^^^^^^^^^^^^
    
    Verification failed
    
  3. Fix the buggy line with let mid = low + ((high - low) / 2);
  4. Run Prusti. Now the bisect function verifies.

Congratulations! You just proved absence of panics and integer overflows in the bisect function. To additionally prove that the result is correct (i.e. such that f(x) == target), see this example.

More Repositories

1

silicon

Symbolic-execution-based verifier for the Viper intermediate verification language.
Scala
78
star
2

silver

Definition of the Viper intermediate verification language.
Scala
77
star
3

2vyper

A static verifer for Ethereum Smart Contracts written in Vyper
Python
50
star
4

gobra

Gobra is an automated, modular verifier for Go programs, based on the Viper verification infrastructure.
Scala
34
star
5

axiom-profiler

The axiom profiler for exploring and visualizing SMT solver quantifier instantiations (made via E-matching).
C#
31
star
6

carbon

Verification-condition-generation-based verifier for the Viper intermediate verification language.
Scala
29
star
7

bitbucket-issue-migration

Scripts for the migration from Bitbucket to GitHub.
Python
23
star
8

prusti-assistant

VS Code extension to verify Rust programs with the Prusti verifier.
TypeScript
22
star
9

viperserver

HTTP server that manages verification requests to different tools from the Viper tool stack.
Scala
10
star
10

viper-ide

This is the main repository for the Viper IDE extension for VS Code.
TypeScript
10
star
11

create-nightly-release

GitHub action to create a new pre-release and delete old pre-releases created by this action
TypeScript
10
star
12

axiom-profiler-2

The axiom profiler for exploring and visualizing SMT solver quantifier instantiations (made via E-matching).
Rust
9
star
13

VerifiedSCION

Verifying the SCION architecture using Gobra
Go
8
star
14

gobra-ide

VSCode Plugin for Gobra
TypeScript
8
star
15

rust-contracts

Rust
7
star
16

rust-life

Simple explanations for some complex Rust lifetime errors.
Rust
7
star
17

check-license-header

GitHub action to check whether all files have a specified copyright license header
TypeScript
6
star
18

mendel-verifier

Capability-based verifier for safe Rust clients of interior mutability
Rust
6
star
19

vs-verification-toolbox

Useful component to build VS Code extensions for verifiers.
TypeScript
5
star
20

jni-gen

Generate Rust wrappers for Java/Scala
Rust
4
star
21

program-proofs-gobra

Examples and exercises from the book Program Proofs translated to Gobra
4
star
22

viper_client

Python
3
star
23

prusti-action

GitHub Action to verify Rust code using the Prusti verifier.
JavaScript
3
star
24

termination-plugin

A Viper plugin for proving termination.
Scala
2
star
25

gobra-libs

Standard library for the Gobra verifier for Go. Contains definitions and lemmas useful for verifying large projects.
Python
2
star
26

gobra-action

Github Action to verify Go code with Gobra directly in a CI workflow
Shell
2
star
27

ouroboros

Scala
2
star
28

lizard

Lizard is the visual verification debugger for Viper IDE
TypeScript
2
star
29

reachability-verification

Heap reachability verification benchmarks (manually encoded in Viper) used in Modular Verification of Heap Reachability Properties in Separation Logic
2
star
30

vpr-mode

Viper mode for emacs
Emacs Lisp
2
star
31

silver-multisets

An alternative encoding of multisets based on Dafny's encoding in Boogie.
1
star
32

viper-runner

Python
1
star
33

voila

Voila is proof outline checker for fine-grained concurrency verification
Scala
1
star
34

viper-linux-dev-docker

Docker image for developing Viper https://github.com/viperproject/ See also https://github.com/viperproject/viper-linux-dev
Dockerfile
1
star
35

viper-linux-dev

Environment for developing Viper under Linux.
Python
1
star
36

gobra-mode

Support for Gobra in emacs
Emacs Lisp
1
star
37

gorac

Go
1
star