Efficient software model checking of soundness of type systems

Published: 19 October 2008

Abstract

This paper presents novel techniques for checking the soundness of a type system automatically using a software model checker. Our idea is to systematically generate every type-correct intermediate program state (within some finite bounds), execute the program one step forward if possible using its small-step operational semantics, and then check that the resulting intermediate program state is also type correct. The key to doing this efficiently is detecting similarities in the search space and pruning away large portions of it. Thus, given only a specification of type correctness and the small-step operational semantics for a language, our system automatically checks type soundness by checking that the progress and preservation theorems hold for the language (albeit for program states of at most some finite size). Our preliminary experimental results on several languages (a language of integer and boolean expressions, a simple imperative programming language, an object-oriented language that is a subset of Java, and a language with ownership types) indicate that our approach is feasible and that our search-space pruning techniques do indeed significantly reduce what is otherwise an extremely large search space. Our paper thus makes contributions both in the area of checking soundness of type systems and in the area of reducing the state space of a software model checker.
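As an added illustration of the bounded check the abstract describes (example code written for this page, not the authors' tool), the following Python script enumerates every well-typed term of a small integer/boolean expression language up to a nesting depth, takes one small step, and reports any state that violates progress or preservation. The language, the tuple term representation, and the deliberately unsound `lenient_plus` typing rule are all constructed for this example; the only pruning implemented is the basic one of building states from well-typed subterms only, not the similarity-based pruning the paper contributes.

```python
"""Bounded type-soundness check for a toy integer/boolean expression language.

Added example, not the paper's tool.  Terms are tuples (a constructed encoding):
  ('num', n)  ('bool', b)  ('plus', e1, e2)  ('iszero', e)  ('if', c, t, f)
"""
from itertools import product

INT, BOOL = "int", "bool"


def is_value(e):
    return e[0] in ("num", "bool")


def make_typeof(lenient_plus=False):
    """Build a type checker.  With lenient_plus=True the rule for 'plus'
    accepts any well-typed operands, a deliberately unsound rule (assumed
    for this example) that the bounded check below should catch."""
    def typeof(e):
        tag = e[0]
        if tag == "num":
            return INT
        if tag == "bool":
            return BOOL
        if tag == "plus":
            t1, t2 = typeof(e[1]), typeof(e[2])
            if lenient_plus:
                return INT if t1 is not None and t2 is not None else None
            return INT if t1 == INT and t2 == INT else None
        if tag == "iszero":
            return BOOL if typeof(e[1]) == INT else None
        if tag == "if":
            tc, tt, tf = typeof(e[1]), typeof(e[2]), typeof(e[3])
            return tt if tc == BOOL and tt is not None and tt == tf else None
        return None
    return typeof


def step(e):
    """Small-step operational semantics: one left-to-right reduction step.
    Returns the next term, or None when e is a value or is stuck."""
    tag = e[0]
    if tag == "plus":
        a, b = e[1], e[2]
        if a[0] == "num" and b[0] == "num":
            return ("num", a[1] + b[1])
        if not is_value(a):
            a2 = step(a)
            return None if a2 is None else ("plus", a2, b)
        if not is_value(b):
            b2 = step(b)
            return None if b2 is None else ("plus", a, b2)
        return None  # both operands are values but not both numbers: stuck
    if tag == "iszero":
        a = e[1]
        if a[0] == "num":
            return ("bool", a[1] == 0)
        a2 = step(a)
        return None if a2 is None else ("iszero", a2)
    if tag == "if":
        c = e[1]
        if c[0] == "bool":
            return e[2] if c[1] else e[3]
        c2 = step(c)
        return None if c2 is None else ("if", c2, e[2], e[3])
    return None  # values ('num', 'bool') do not step


def generate(typeof, depth):
    """Every term well typed under `typeof` with nesting depth <= depth.
    Subterms are drawn only from smaller well-typed terms, so ill-typed
    states are never explored (the simplest pruning of the search space)."""
    terms = [("num", 0), ("num", 1), ("bool", False), ("bool", True)]
    for _ in range(depth):
        smaller = list(terms)
        candidates = (
            [("plus", a, b) for a, b in product(smaller, repeat=2)]
            + [("iszero", a) for a in smaller]
            + [("if", c, t, f) for c, t, f in product(smaller, repeat=3)]
        )
        well_typed = [e for e in candidates if typeof(e) is not None]
        terms = list(dict.fromkeys(smaller + well_typed))  # dedupe, keep order
    return terms


def check_soundness(typeof, depth):
    """Check progress and preservation for every generated state.
    Returns a list of (violated_property, term) counterexamples."""
    counterexamples = []
    for e in generate(typeof, depth):
        ty = typeof(e)
        nxt = step(e)
        if nxt is None:
            if not is_value(e):        # well typed, not a value, cannot step
                counterexamples.append(("progress", e))
        elif typeof(nxt) != ty:        # stepped to a differently typed state
            counterexamples.append(("preservation", e))
    return counterexamples


if __name__ == "__main__":
    for name, tc in (("standard", make_typeof()), ("lenient plus", make_typeof(True))):
        bad = check_soundness(tc, depth=2)
        print(f"{name}: {len(generate(tc, 2))} states, {len(bad)} counterexamples")
        if bad:
            print("  first:", bad[0])
```

With the standard rules the check finds no counterexample at depth 2 (4294 well-typed states); with the lenient rule it reports stuck states such as `plus(0, false)`, which is a progress violation. Depth 3 is already out of reach for this naive enumeration, which is exactly the blow-up the paper's similarity-based pruning is meant to control.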


Published in

ACM SIGPLAN Notices, Volume 43, Issue 10, September 2008, 613 pages. ISSN: 0362-1340, EISSN: 1558-1160, DOI: 10.1145/1449955

OOPSLA '08: Proceedings of the 23rd ACM SIGPLAN conference on Object-oriented programming systems languages and applications, October 2008, 654 pages. ISBN: 9781605582153, DOI: 10.1145/1449764

Copyright © 2008 ACM. Publisher: Association for Computing Machinery, New York, NY, United States.
