research-article
Open Access

Relatively complete refinement type system for verification of higher-order non-deterministic programs

Published: 27 December 2017

Abstract

This paper considers verification of non-deterministic higher-order functional programs. Our contribution is a novel type system in which the types are used to express and verify (conditional) safety, termination, non-safety, and non-termination properties in the presence of ∀-∃ branching behavior due to non-determinism. For instance, the judgement ⊢ e : {u: int | φ(u)}∀∀ says that every evaluation of e either diverges or reduces to some integer u satisfying φ(u), whereas ⊢ e : {u: int | ψ(u)}∃∀ says that there exists an evaluation of e that either diverges or reduces to some integer u satisfying ψ(u). Note that the former is a safety property whereas the latter is a counterexample to a (conditional) termination property. Following the recent work on type-based verification methods for deterministic higher-order functional programs, we formalize the idea on the foundation of dependent refinement types, thereby allowing the type system to express and verify rich properties involving program values, branching behaviors, and the combination thereof.

Our type system is able to seamlessly combine deductions of both universal and existential facts within a unified framework, paving the way for an exciting opportunity for new type-based verification methods that combine both universal and existential reasoning. For example, our system can prove the existence of a path violating some safety property from a proof of termination that uses a well-foundedness termination argument. We prove that our type system is sound and relatively complete, and further, thanks to having both modes of non-determinism, we show that our types are closed under complement.
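As an added illustration (not code from the paper), the two judgements above can be read over the set of outcomes of a small non-deterministic program: ∀∀ quantifies over every evaluation and tolerates divergence, ∃∀ asks for one such evaluation. The programs, the outcome-set construction by cycle detection over a finite state graph, and the helper names are all assumptions of this example; the second program shows the abstract's point that termination of every path plus an ∃∀ fact yields a concrete violation of a safety property.

```python
from typing import Callable, Iterable, Optional, Set, Tuple

# A non-deterministic program is given as a step function: from a state it
# yields successors, each either a final value ("done", n) or a next state
# ("next", s). Evaluations are paths through this transition graph.
Step = Callable[[int], Iterable[Tuple[str, int]]]
DIVERGES = None  # marker for an evaluation that never reaches a value
Outcome = Optional[int]


def outcomes(init: int, step: Step) -> Set[Outcome]:
    """All results of the evaluations from `init`: final integers, plus
    DIVERGES if the reachable graph has a cycle (an infinite evaluation)."""
    results: Set[Outcome] = set()
    WHITE, GREY, BLACK = 0, 1, 2
    colour = {}

    def dfs(s: int) -> None:
        colour[s] = GREY
        for kind, v in step(s):
            if kind == "done":
                results.add(v)
            elif colour.get(v, WHITE) == GREY:
                results.add(DIVERGES)  # back edge: some path loops forever
            elif colour.get(v, WHITE) == WHITE:
                dfs(v)
        colour[s] = BLACK

    dfs(init)
    return results


def forall_forall(e: Set[Outcome], phi: Callable[[int], bool]) -> bool:
    """⊢ e : {u: int | phi(u)}∀∀ : every evaluation diverges or yields phi(u)."""
    return all(u is DIVERGES or phi(u) for u in e)


def exists_forall(e: Set[Outcome], psi: Callable[[int], bool]) -> bool:
    """⊢ e : {u: int | psi(u)}∃∀ : some evaluation diverges or yields psi(u)."""
    return any(u is DIVERGES or psi(u) for u in e)


def terminates(e: Set[Outcome]) -> bool:
    """Universal termination: no evaluation diverges."""
    return DIVERGES not in e


def violates_safety(e: Set[Outcome], phi: Callable[[int], bool]) -> bool:
    """Complement of the ∀∀ judgement: a terminating evaluation with not phi(u).
    Derived here as termination (universal) plus ∃∀ of the negation."""
    return terminates(e) and exists_forall(e, lambda u: not phi(u))


# Constructed program 1: while x > 0 do (x := x - 1) ⊕ (x := x); return x
def countdown_or_stall(x: int) -> Iterable[Tuple[str, int]]:
    return [("done", x)] if x <= 0 else [("next", x - 1), ("next", x)]


# Constructed program 2: while x > 0 do (x := x - 1) ⊕ (x := x - 2); return x
def countdown_by_1_or_2(x: int) -> Iterable[Tuple[str, int]]:
    return [("done", x)] if x <= 0 else [("next", x - 1), ("next", x - 2)]


if __name__ == "__main__":
    e1, e2 = outcomes(3, countdown_or_stall), outcomes(5, countdown_by_1_or_2)
    print(e1, forall_forall(e1, lambda u: u == 0), exists_forall(e1, lambda u: False))
    print(e2, terminates(e2), violates_safety(e2, lambda u: u >= 0))
```

For the first program the ∀∀ judgement with φ(u) = (u = 0) holds (safety) while the ∃∀ judgement with ψ = false also holds, witnessing non-termination; for the second, every path terminates, so the ∃∀ fact u < 0 is a genuine safety violation.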


Supplemental Material

relativelycompleterefinementtypesystem.webm
