research-article

Soft contract verification

Authors:

Phúc C. Nguyen,

Sam Tobin-Hochstadt,

David Van HornAuthors Info & Claims

ICFP '14: Proceedings of the 19th ACM SIGPLAN international conference on Functional programming

Pages 139 - 152

https://doi.org/10.1145/2628136.2628156

Published: 19 August 2014 Publication History

Abstract

Behavioral software contracts are a widely used mechanism for governing the flow of values between components. However, run-time monitoring and enforcement of contracts imposes significant overhead and delays discovery of faulty components to run-time.

To overcome these issues, we present soft contract verification, which aims to statically prove either complete or partial contract correctness of components, written in an untyped, higher-order language with first-class contracts. Our approach uses higher-order symbolic execution, leveraging contracts as a source of symbolic values including unknown behavioral values, and employs an updatable heap of contract invariants to reason about flow-sensitive facts. We prove the symbolic execution soundly approximates the dynamic semantics and that verified programs can't be blamed.

The approach is able to analyze first-class contracts, recursive data structures, unknown functions, and control-flow-sensitive refinements of values, which are all idiomatic in dynamic languages. It makes effective use of an off-the-shelf solver to decide problems without heavy encodings. The approach is competitive with a wide range of existing tools - including type systems, flow analyzers, and model checkers - on their own benchmarks.

References

[1]

A. Aiken, E. L. Wimmers, and T. K. Lakshman. Soft typing with conditional types. POPL, 1994.

Digital Library

[2]

T. H. Austin, T. Disney, and C. Flanagan. Virtual values for language extension. OOPSLA, 2011.

Digital Library

[3]

C. Barrett, C. Conway, M. Deters, L. Hadarean, D. Jovanović, T. King, A. Reynolds, and C. Tinelli. CVC4. CAV. 2011.

[4]

R. Cartwright and M. Fagan. Soft typing. PLDI, 1991.

Digital Library

[5]

R. Cartwright and M. Felleisen. Program verification through soft typing. ACM Comput. Surv., 1996.

Digital Library

[6]

R. Chugh, D. Herman, and R. Jhala. Dependent types for JavaScript. In OOPSLA, 2012a.

Digital Library

[7]

R. Chugh, P. M. Rondon, and R. Jhala. Nested refinements: A logic for duck typing. In POPL, 2012b.

Digital Library

[8]

L. De Moura and N. Bjørner. Z3: an efficient SMT solver. TACAS, 2008.

Digital Library

[9]

C. Dimoulas, R. B. Findler, C. Flanagan, and M. Felleisen. Correct blame for contracts: no more scapegoating. POPL, 2011.

Digital Library

[10]

T. Disney. contracts.coffee, July 2013. URL http://disnetdev.com/contracts.coffee/.

[11]

T. Disney, C. Flanagan, and J. McCarthy. Temporal higher-order contracts. ICFP, 2011.

Digital Library

[12]

M. Fähndrich and F. Logozzo. Static contract checking with abstract interpretation. FoVeOOS, 2011.

Digital Library

[13]

R. B. Findler and M. Felleisen. Contracts for higher-order functions. ICFP, 2002.

Digital Library

[14]

C. Flanagan and M. Felleisen. Componential set-based analysis. ACM Trans. Program. Lang. Syst., 1999.

Digital Library

[15]

C. Flanagan, M. Flatt, S. Krishnamurthi, S. Weirich, and M. Felleisen. Catching bugs in the web of program invariants. PLDI, 1996.

Digital Library

[16]

T. Freeman and F. Pfenning. Refinement types for ML. PLDI, 1991.

Digital Library

[17]

F. Henglein. Dynamic typing: syntax and proof theory. Science of Computer Programming, 1994.

Digital Library

[18]

R. Hickey, M. Fogus, and contributors. core.contracts, July 2013. URL https://github.com/clojure/core.contracts.

[19]

J. I. Johnson and D. Van Horn. Abstracting abstract control. CoRR, 2014. URL http://arxiv.org/abs/1305.3163.

Digital Library

[20]

K. Knowles and C. Flanagan. Hybrid type checking. ACM Trans. Program. Lang. Syst., 2010.

Digital Library

[21]

N. Kobayashi. Model-checking higher-order functions. PPDP, 2009a.

Digital Library

[22]

N. Kobayashi. Types and higher-order recursion schemes for verification of higher-order programs. POPL, 2009b.

Digital Library

[23]

N. Kobayashi and A. Igarashi. Model-Checking Higher-Order programs with recursive types. ESOP, 2013.

Digital Library

[24]

N. Kobayashi and C. H. L. Ong. A type system equivalent to the modal Mu-Calculus model checking of Higher-Order recursion schemes. LICS, 2009.

Digital Library

[25]

N. Kobayashi, N. Tabuchi, and H. Unno. Higher-order multi-parameter tree transducers and recursion schemes for program verification. POPL, 2010.

Digital Library

[26]

N. Kobayashi, R. Sato, and H. Unno. Predicate abstraction and CEGAR for higher-order model checking. PLDI, 2011.

Digital Library

[27]

E. Larson and T. Austin. High coverage detection of input-related security faults. USENIX Security, 2003.

Digital Library

[28]

P. Meunier, R. B. Findler, and M. Felleisen. Modular set-based analysis from contracts. In POPL '06, POPL, 2006.

Digital Library

[29]

B. Meyer. Eiffel : The Language. 1991.

Digital Library

[30]

P. C. Nguyen, S. Tobin-Hochstadt, and D. Van Horn. Soft contract verification. CoRR, 2014. URL http://arxiv.org/abs/1307.6239.

Digital Library

[31]

C. H. L. Ong. On Model-Checking trees generated by Higher-Order recursion schemes. LICS, 2006.

Digital Library

[32]

R. Plosch. Design by contract for Python. 1997. APSEC/ICSC'97.

Digital Library

[33]

P. M. Rondon, M. Kawaguci, and R. Jhala. Liquid types. PLDI, 2008.

Digital Library

[34]

O. Shivers. Control flow analysis in Scheme. PLDI, 1988.

Digital Library

[35]

T. S. Strickland, S. Tobin-Hochstadt, R. B. Findler, and M. Flatt. Chaperones and impersonators: run-time support for reasonable interposition. OOPSLA, 2012.

Digital Library

[36]

T. Terauchi. Dependent types from counterexamples. POPL, 2010.

Digital Library

[37]

S. Tobin-Hochstadt and M. Felleisen. Logical types for untyped languages. ICFP, 2010.

Digital Library

[38]

S. Tobin-Hochstadt and D. Van Horn. Higher-order symbolic execution via contracts. OOPSLA, 2012.

Digital Library

[39]

S. Tobin-Hochstadt, V. St-Amour, R. Culpepper, M. Flatt, and M. Felleisen. Languages as libraries. PLDI, 2011.

Digital Library

[40]

T. Tsukada and N. Kobayashi. Untyped recursion schemes and infinite intersection types. FoSSaCS, 2010.

Digital Library

[41]

D. Van Horn and M. Might. Abstracting abstract machines. ICFP, 2010.

Digital Library

[42]

D. Van Horn and M. Might. Systematic abstraction of abstract machines. Journal of Functional Programming, 2012.

Digital Library

[43]

N. Vazou, P. Rondon, and R. Jhala. Abstract refinement types. ESOP, 2013.

Digital Library

[44]

N. Vazou, E. L. Seidel, R. Jhala, D. Vytiniotis, and S. Peyton-Jones. Refinement types for haskell. ICFP, 2014.

Digital Library

[45]

D. Vytiniotis, S. Peyton Jones, K. Claessen, and D. Rosén. HALO: Haskell to logic through denotational semantics. POPL, 2013.

Digital Library

[46]

A. K. Wright and R. Cartwright. A practical soft type system for Scheme. ACM Trans. Program. Lang. Syst., 1997.

Digital Library

[47]

D. N. Xu. Hybrid contract checking via symbolic simplification. PEPM, 2012.

Digital Library

[48]

D. N. Xu, S. Peyton Jones, and S. Claessen. Static contract checking for Haskell. POPL, 2009.

Digital Library

[49]

H. Zhu and S. Jagannathan. Compositional and lightweight dependent type inference for ML. 2013.

Cited By

Campora JKhan MChen S(2024)Type-Based Gradual Typing Performance OptimizationProceedings of the ACM on Programming Languages10.1145/36329318:POPL(2667-2699)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632931
Andrici CCiobâcă ȘHriţcu CMartínez GRivas ETanter ÉWinterhalter T(2024)Securing Verified IO Programs Against Unverified Code in F*Proceedings of the ACM on Programming Languages10.1145/36329168:POPL(2226-2259)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632916
Hermenegildo MMorales JLopez-Garcia PCarro M(2023)Types, Modes and so Much More – The Prolog WayProlog: The Next 50 Years10.1007/978-3-031-35254-6_2(23-37)Online publication date: 17-Jun-2023
https://doi.org/10.1007/978-3-031-35254-6_2
Show More Cited By

Index Terms

Soft contract verification

Recommendations

Soft contract verification
ICFP '14

Behavioral software contracts are a widely used mechanism for governing the flow of values between components. However, run-time monitoring and enforcement of contracts imposes significant overhead and delays discovery of faulty components to run-time.

...
Soft contract verification for higher-order stateful programs

Software contracts allow programmers to state rich program properties using the full expressive power of an object language. However, since they are enforced at runtime, monitoring contracts imposes significant overhead and delays error discovery. So ...
Higher-order symbolic execution via contracts
OOPSLA '12

We present a new approach to automated reasoning about higher-order programs by extending symbolic execution to use behavioral contracts as symbolic values, thus enabling symbolic approximation of higher-order behavior.

Our approach is based on the idea ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ICFP '14: Proceedings of the 19th ACM SIGPLAN international conference on Functional programming

August 2014

390 pages

ISBN:9781450328739

DOI:10.1145/2628136

General Chair:
Johan Jeuring
Universiteit Utrecht, The Netherlands
,
Program Chair:
Manuel M.T. Chakravarty
University of New South Wales, Australia

ACM SIGPLAN Notices Volume 49, Issue 9
ICFP '14
September 2014
361 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/2692915
Editors:
Mark W. Bailey
Hamilton College, Clinton, NY
,
Rajeev Balasubramonian
University of Utah
,
Al Davis
University of Utah
,
Sarita Adve
University of Illinois at Urbana-Champ
Issue’s Table of Contents

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGPLAN: ACM Special Interest Group on Programming Languages

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 19 August 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ICFP'14

Sponsor:

SIGPLAN

ICFP'14: ACM SIGPLAN International Conference on Functional Programming

September 1 - 6, 2014

Gothenburg, Sweden

Acceptance Rates

ICFP '14 Paper Acceptance Rate 28 of 85 submissions, 33%;

Overall Acceptance Rate 333 of 1,064 submissions, 31%

Upcoming Conference

ICFP '25

Sponsor:
sigplan

ACM SIGPLAN International Conference on Functional Programming

October 12 - 18, 2025

Singapore , Singapore

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

42
Total Citations
View Citations
497
Total Downloads

Downloads (Last 12 months)30
Downloads (Last 6 weeks)5

Reflects downloads up to 13 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Campora JKhan MChen S(2024)Type-Based Gradual Typing Performance OptimizationProceedings of the ACM on Programming Languages10.1145/36329318:POPL(2667-2699)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632931
Andrici CCiobâcă ȘHriţcu CMartínez GRivas ETanter ÉWinterhalter T(2024)Securing Verified IO Programs Against Unverified Code in F*Proceedings of the ACM on Programming Languages10.1145/36329168:POPL(2226-2259)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632916
Hermenegildo MMorales JLopez-Garcia PCarro M(2023)Types, Modes and so Much More – The Prolog WayProlog: The Next 50 Years10.1007/978-3-031-35254-6_2(23-37)Online publication date: 17-Jun-2023
https://doi.org/10.1007/978-3-031-35254-6_2
Vandenbogaerde BStievenart QDe Roover C(2022)Summary-Based Compositional Analysis for Soft Contract Verification2022 IEEE 22nd International Working Conference on Source Code Analysis and Manipulation (SCAM)10.1109/SCAM55253.2022.00028(186-196)Online publication date: Oct-2022
https://doi.org/10.1109/SCAM55253.2022.00028
Jones ERamsay S(2021)Intensional datatype refinement: with application to scalable verification of pattern-match safetyProceedings of the ACM on Programming Languages10.1145/34343365:POPL(1-29)Online publication date: 4-Jan-2021
https://dl.acm.org/doi/10.1145/3434336
Moy CNguyễn PTobin-Hochstadt SVan Horn D(2021)Corpse reviver: sound and efficient gradual typing via contract verificationProceedings of the ACM on Programming Languages10.1145/34343345:POPL(1-28)Online publication date: 4-Jan-2021
https://dl.acm.org/doi/10.1145/3434334
Campora JChen S(2020)Taming type annotations in gradual typingProceedings of the ACM on Programming Languages10.1145/34282594:OOPSLA(1-30)Online publication date: 13-Nov-2020
https://dl.acm.org/doi/10.1145/3428259
Wei GBračevac OTan SRompf T(2020)Compiling symbolic execution with staging and algebraic effectsProceedings of the ACM on Programming Languages10.1145/34282324:OOPSLA(1-33)Online publication date: 13-Nov-2020
https://dl.acm.org/doi/10.1145/3428232
Song DLee MOh H(2019)Automatic and scalable detection of logical errors in functional programming assignmentsProceedings of the ACM on Programming Languages10.1145/33606143:OOPSLA(1-30)Online publication date: 10-Oct-2019
https://dl.acm.org/doi/10.1145/3360614
Vazou NTanter ÉVan Horn D(2018)Gradual liquid type inferenceProceedings of the ACM on Programming Languages10.1145/32765022:OOPSLA(1-25)Online publication date: 24-Oct-2018
https://dl.acm.org/doi/10.1145/3276502
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents