research-article

LiquidHaskell: experience with refinement types in the real world

Published: 03 September 2014

Abstract

Haskell has many delightful features. Perhaps the one most beloved by its users is its type system, which allows developers to specify and verify a variety of program properties at compile time. However, many properties, typically those that depend on relationships between program values, are impossible, or at the very least cumbersome, to encode within the existing type system. Many such properties can be verified using a combination of Refinement Types and external SMT solvers. We describe the refinement type checker liquidHaskell, which we have used to specify and verify a variety of properties of over 10,000 lines of Haskell code from various popular libraries, including containers, hscolour, bytestring, text, vector-algorithms and xmonad. First, we present a high-level overview of liquidHaskell through a tour of its features. Second, we present a qualitative discussion of the kinds of properties that can be checked, ranging from generic, application-independent criteria like totality and termination to application-specific concerns like memory safety and data structure correctness invariants. Finally, we present a quantitative evaluation of the approach, with a view towards measuring the efficiency and programmer effort required for verification, and discuss the limitations of the approach.
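As an added illustration (not code from the paper or from the liquidHaskell project), the following Haskell module shows the kind of property the abstract refers to: a refinement type that relates an index to the length of the list it indexes, so that an out-of-bounds access is rejected when the program is checked rather than failing at run time. It assumes the liquidHaskell annotation syntax ({-@ ... @-} blocks, the {v:T | p} refinement form and the built-in `len` measure on lists); the function names are the example's own.

```haskell
-- Added illustration (not code from the paper): a refinement type that rules out
-- out-of-bounds list indexing at check time. The {-@ ... @-} blocks are
-- LiquidHaskell annotations; plain GHC treats them as comments, so the module
-- compiles and runs as ordinary Haskell either way.
module SafeIndex where

-- Refined type alias: Int values that are provably non-negative.
{-@ type Nat = {v:Int | 0 <= v} @-}

-- `len` is LiquidHaskell's built-in measure for list length. The refined signature
-- relates the two arguments: the index must lie in [0, len xs). This relationship
-- between values is exactly what the ordinary type `[a] -> Int -> a` cannot
-- express. Termination is checked as well: each recursive call is on a shorter list.
{-@ safeIndex :: xs:[a] -> {i:Nat | i < len xs} -> a @-}
safeIndex :: [a] -> Int -> a
safeIndex (x:_)  0 = x
safeIndex (_:xs) i = safeIndex xs (i - 1)
-- LiquidHaskell refines `error` to require a provably false precondition, so this
-- branch is accepted only because 0 <= i < len xs makes an empty list unreachable.
safeIndex []     _ = error "unreachable: 0 <= i < len xs implies xs is non-empty"

-- A partial function made total by a precondition on the input rather than on an index.
{-@ safeHead :: {xs:[a] | len xs > 0} -> a @-}
safeHead :: [a] -> a
safeHead (x:_) = x
safeHead []    = error "unreachable: len xs > 0"

-- Accepted: the solver discharges 0 <= 2 && 2 < 3 from the literal list's length.
example :: Int
example = safeIndex [10, 20, 30] 2

-- The definition below would be rejected by LiquidHaskell before the program runs,
-- because 3 < len [10, 20, 30] = 3 is unsatisfiable. Plain GHC compiles it and the
-- call throws at run time instead, which is the class of bug the checker removes.
-- bad :: Int
-- bad = safeIndex [10, 20, 30] 3
```

The point to take from the example is the division of labour the abstract describes: the programmer writes the relationship between values as a refinement on the signature, and the checker hands the resulting arithmetic obligations (here, simple linear constraints over `i` and `len xs`) to an external SMT solver, so no proof is written by hand.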


Published in

ACM SIGPLAN Notices, Volume 49, Issue 12 (Haskell '14), December 2014, 141 pages. ISSN: 0362-1340, EISSN: 1558-1160, DOI: 10.1145/2775050. Editor: Andy Gill.

Haskell '14: Proceedings of the 2014 ACM SIGPLAN symposium on Haskell, September 2014, 154 pages. ISBN: 9781450330411, DOI: 10.1145/2633357.

Copyright © 2014 ACM. Publisher: Association for Computing Machinery, New York, NY, United States.
