DOI: 10.1145/2628136.2628156

Soft contract verification

Published: 19 August 2014

Abstract

Behavioral software contracts are a widely used mechanism for governing the flow of values between components. However, run-time monitoring and enforcement of contracts imposes significant overhead and delays discovery of faulty components to run-time.
To overcome these issues, we present soft contract verification, which aims to statically prove either complete or partial contract correctness of components, written in an untyped, higher-order language with first-class contracts. Our approach uses higher-order symbolic execution, leveraging contracts as a source of symbolic values including unknown behavioral values, and employs an updatable heap of contract invariants to reason about flow-sensitive facts. We prove the symbolic execution soundly approximates the dynamic semantics and that verified programs can't be blamed.
The approach is able to analyze first-class contracts, recursive data structures, unknown functions, and control-flow-sensitive refinements of values, which are all idiomatic in dynamic languages. It makes effective use of an off-the-shelf solver to decide problems without heavy encodings. The approach is competitive with a wide range of existing tools - including type systems, flow analyzers, and model checkers - on their own benchmarks.



Published In

ICFP '14: Proceedings of the 19th ACM SIGPLAN international conference on Functional programming
August 2014
390 pages
ISBN:9781450328739
DOI:10.1145/2628136

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. higher-order contracts
  2. symbolic execution

Conference

ICFP'14

Acceptance Rates

ICFP '14 Paper Acceptance Rate 28 of 85 submissions, 33%;
Overall Acceptance Rate 333 of 1,064 submissions, 31%


Cited By

  • (2024) Type-Based Gradual Typing Performance Optimization. Proceedings of the ACM on Programming Languages 8(POPL), 2667-2699. DOI 10.1145/3632931. Published 5 Jan 2024.
  • (2024) Securing Verified IO Programs Against Unverified Code in F*. Proceedings of the ACM on Programming Languages 8(POPL), 2226-2259. DOI 10.1145/3632916. Published 5 Jan 2024.
  • (2023) Types, Modes and so Much More – The Prolog Way. Prolog: The Next 50 Years, 23-37. DOI 10.1007/978-3-031-35254-6_2. Published 17 Jun 2023.
  • (2022) Summary-Based Compositional Analysis for Soft Contract Verification. 2022 IEEE 22nd International Working Conference on Source Code Analysis and Manipulation (SCAM), 186-196. DOI 10.1109/SCAM55253.2022.00028. Published Oct 2022.
  • (2021) Intensional datatype refinement: with application to scalable verification of pattern-match safety. Proceedings of the ACM on Programming Languages 5(POPL), 1-29. DOI 10.1145/3434336. Published 4 Jan 2021.
  • (2021) Corpse reviver: sound and efficient gradual typing via contract verification. Proceedings of the ACM on Programming Languages 5(POPL), 1-28. DOI 10.1145/3434334. Published 4 Jan 2021.
  • (2020) Taming type annotations in gradual typing. Proceedings of the ACM on Programming Languages 4(OOPSLA), 1-30. DOI 10.1145/3428259. Published 13 Nov 2020.
  • (2020) Compiling symbolic execution with staging and algebraic effects. Proceedings of the ACM on Programming Languages 4(OOPSLA), 1-33. DOI 10.1145/3428232. Published 13 Nov 2020.
  • (2019) Automatic and scalable detection of logical errors in functional programming assignments. Proceedings of the ACM on Programming Languages 3(OOPSLA), 1-30. DOI 10.1145/3360614. Published 10 Oct 2019.
  • (2018) Gradual liquid type inference. Proceedings of the ACM on Programming Languages 2(OOPSLA), 1-25. DOI 10.1145/3276502. Published 24 Oct 2018.
