Abstract
Type systems and modern type checkers can be used very successfully to obtain formal correctness guarantees with little specification overhead. However, type systems in practical scenarios have to trade precision for decidability and scalability. Tools for deductive verification, on the other hand, can prove general properties in more cases than a typical type checker can, but they do not scale well. We present a method to complement the scalability of expressive type systems with the precision of deductive program verification approaches. This is achieved by translating the type uses whose correctness the type checker cannot prove into assertions in a specification language, which can be dealt with by a deductive verification tool. Type uses whose correctness the type checker can prove are instead turned into assumptions to aid the verification tool in finding a proof.Our novel approach is introduced both conceptually for a simple imperative language, and practically by a concrete implementation for the Java programming language. The usefulness and power of our approach has been evaluated by discharging known false positives from a real-world program and by a small case study.
Supplemental Material
Available for Download
These are the appendices to our paper "Scalability and Precision by Combining Expressive Type Systems and Deductive Verification", published at OOPSLA 2021 and available at https://doi.org/10.1145/3485520.
- 2016. Deductive Software Verification - The KeY Book - From Theory to Practice, Wolfgang Ahrendt, Bernhard Beckert, Richard Bubel, Reiner Hähnle, Peter H. Schmitt, and Mattias Ulbrich (Eds.) (Lecture Notes in Computer Science, Vol. 10001). Springer. isbn:978-3-319-49811-9 https://doi.org/10.1007/978-3-319-49812-6 Google Scholar
Cross Ref
- Yves Bertot and Pierre Castéran. 2004. Interactive Theorem Proving and Program Development - Coq’Art: The Calculus of Inductive Constructions. Springer. isbn:978-3-642-05880-6 https://doi.org/10.1007/978-3-662-07964-5 Google Scholar
Cross Ref
- Gilad Bracha. 2004. Pluggable type systems. In OOPSLA’04 Workshop on Revival of Dynamic Languages.Google Scholar
- Edwin Brady. 2013. Idris, a general-purpose dependently typed programming language: Design and implementation. Journal of Functional Programming, 23 (2013), Sept., 552–593. issn:1469-7653 https://doi.org/10.1017/S095679681300018X Google Scholar
Cross Ref
- Checker Framework developers. 2020. Checker Framework Manual. https://checkerframework.org/manual/ Version 3.3.0.Google Scholar
- Yoonsik Cheon and Gary T. Leavens. 2002. A Runtime Assertion Checker for the Java Modeling Language (JML). In Proceedings of the International Conference on Software Engineering Research and Practice (SERP ’02). CSREA Press, Las Vegas, Nevada, USA. 322–328.Google Scholar
- Brian Chin, Shane Markstrum, and Todd Millstein. 2005. Semantic Type Qualifiers. In Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’05). Association for Computing Machinery, New York, NY, USA. 85–95. isbn:1595930566 https://doi.org/10.1145/1065010.1065022 Google Scholar
Digital Library
- Adam Chlipala. 2013. Certified Programming with Dependent Types. isbn:9780262026659 http://adam.chlipala.net/cpdt/Google Scholar
- Dave Clarke, Johan Östlund, Ilya Sergey, and Tobias Wrigstad. 2012. Ownership Types: A Survey. In Aliasing in Object-Oriented Programming, D. Clarke, J. Noble, and T. Wrigstad (Eds.). Springer. isbn:9783642369452 https://doi.org/10.1007/978-3-642-36946-9_3 Google Scholar
Cross Ref
- David R. Cok. 2011. OpenJML: JML for Java 7 by Extending OpenJDK. In NASA Formal Methods, Mihaela Bobaru, Klaus Havelund, Gerard J. Holzmann, and Rajeev Joshi (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 472–479. isbn:978-3-642-20398-5 https://doi.org/10.1007/978-3-642-20398-5_35 Google Scholar
Cross Ref
- Werner Dietl, Stephanie Dietzel, Michael D. Ernst, Kivanç Muslu, and Todd Schiller. 2011. Building and Using Pluggable Type-Checkers. In Proceedings of the 33rd International Conference on Software Engineering (ICSE 2011). Association for Computing Machinery, 681–690. isbn:978-1-4503-0445-0 https://doi.org/10.1145/1985793.1985889 Google Scholar
Digital Library
- Werner Dietl, Michael D. Ernst, and Peter Müller. 2011. Tunable Static Inference for Generic Universe Types. In European Conference on Object-Oriented Programming (ECOOP), Mira Mezini (Ed.). Springer Berlin Heidelberg, 333–357. isbn:978-3-642-22655-7 https://doi.org/10.1007/978-3-642-22655-7_16 Google Scholar
Cross Ref
- Werner Dietl and Peter Müller. 2004. Universes: Lightweight Ownership for JML. Journal of Object Technology (JOT), Special Issue: ECOOP 2004 Workshop FTfJP, Oct..Google Scholar
- Werner Dietl and Peter Müller. 2012. Object Ownership in Program Verification. In Aliasing in Object-Oriented Programming, D. Clarke, J. Noble, and T. Wrigstad (Eds.). Springer, 289–318. isbn:9783642369452 https://doi.org/10.1007/978-3-642-36946-9_11 Google Scholar
Cross Ref
- Michael D. Ernst, Jeff H. Perkins, Philip J. Guo, Stephen McCamant, Carlos Pacheco, Matthew S. Tschantz, and Chen Xiao. 2007. The Daikon system for dynamic detection of likely invariants. Science of Computer Programming, 69, 1–3 (2007), Dec., 35–45.Google Scholar
Digital Library
- Tim Freeman and Frank Pfenning. 1991. Refinement Types for ML. In Proceedings of the ACM SIGPLAN 1991 Conference on Programming Language Design and Implementation (PLDI ’91). Association for Computing Machinery, New York, NY, USA. 268–277. isbn:0897914287 https://doi.org/10.1145/113445.113468 Google Scholar
Digital Library
- William Alvin Howard. 1980. The Formulae-as-Types Notion of Construction. In To H. B. Curry: Essays on Combinatory Logic, Lambda Calculus, and Formalism, Haskell Curry, Hindley B., Seldin J. Roger, and P. Jonathan (Eds.). Academic Press.Google Scholar
- Wei Huang, Ana Milanova, Werner Dietl, and Michael D. Ernst. 2012. ReIm & ReImInfer: Checking and Inference of Reference Immutability and Method Purity. In Proceedings of the ACM International Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA ’12). Association for Computing Machinery, New York, NY, USA. 879–896. isbn:9781450315616 https://doi.org/10.1145/2384616.2384680 Google Scholar
Digital Library
- Intermetrics, Inc.. 2016. Ada Reference Manual. http://ada-auth.org/arm.htmlGoogle Scholar
- Ranjit Jhala, Eric Seidel, and Niki Vazou. 2017. Programming with Refinement Types – Introduction to LiquidHaskell. https://ucsd-progsys.github.io/liquidhaskell-blog/Google Scholar
- Ralf Jung, Jacques-Henri Jourdan, Robbert Krebbers, and Derek Dreyer. 2017. RustBelt: Securing the Foundations of the Rust Programming Language. Proceedings of the ACM on Programming Languages, 2, POPL (2017), Article 66, Dec., 34 pages. https://doi.org/10.1145/3158154 Google Scholar
Digital Library
- Kenneth Knowles and Cormac Flanagan. 2010. Hybrid Type Checking. ACM Transactions on Programming Languages and Systems, 32, 2 (2010), Article 6, Feb., 34 pages. issn:0164-0925 https://doi.org/10.1145/1667048.1667051 Google Scholar
Digital Library
- Florian Lanzinger. 2021. Property Types in Java: Combining Type Systems and Deductive Verification. Karlsruher Institut für Technologie.Google Scholar
- Florian Lanzinger, Alexander Weigl, Mattias Ulbrich, and Werner Dietl. 2021. Property Checker – Scalability and Precision by Combining Expressive Type Systems and Deductive Verification. https://doi.org/10.5281/zenodo.5483138 Google Scholar
Digital Library
- Gary T. Leavens, Erik Poll, Curtis Clifton, Yoonsik Cheon, Clyde Ruby, David Cok, Peter Müller, Joseph Kiniry, Patrice Chalin, Daniel M. Zimmerman, and Werner Dietl. 2013. JML Reference Manual. http://www.eecs.ucf.edu/~leavens/JML//refman/jmlrefman.pdf Revision 2344.Google Scholar
- K. Rustan M. Leino. 2017. Accessible Software Verification with Dafny. IEEE Software, 34, 6 (2017), 94–97. https://doi.org/10.1109/MS.2017.4121212 Google Scholar
Cross Ref
- Yitzhak Mandelbaum, David Walker, and Robert Harper. 2003. An Effective Theory of Type Refinements. In Proceedings of the Eighth ACM SIGPLAN International Conference on Functional Programming (ICFP ’03). Association for Computing Machinery, New York, NY, USA. 213–225. isbn:1581137567 https://doi.org/10.1145/944705.944725 Google Scholar
Digital Library
- Shane Markstrum, Daniel Marino, Matthew Esquivel, Todd Millstein, Chris Andreae, and James Noble. 2010. JavaCOP: Declarative Pluggable Types for Java. ACM Transactions on Programming Languages and Systems, 32, 2 (2010), Article 4, Feb., 37 pages. issn:0164-0925 https://doi.org/10.1145/1667048.1667049 Google Scholar
Digital Library
- Gunnar Morling. 2019. Bean Validation specification. https://beanvalidation.org/2.0/spec/ Version 2.0.Google Scholar
- Chris Okasaki. 1995. Simple and efficient purely functional queues and deques. Journal of Functional Programming, 5, 4 (1995), 583–592.Google Scholar
Cross Ref
- Matthew M. Papi, Mahmood Ali, Telmo Luis Correa Jr., Jeff H. Perkins, and Michael D. Ernst. 2008. Practical pluggable types for Java. In International Symposium on Software Testing and Analysis (ISSTA). Association for Computing Machinery, 201–212. https://doi.org/10.1145/1390630.1390656 Google Scholar
Digital Library
- Alex Potanin, Östlund Johan, Yoav Zibin, and Michael D. Ernst. 2012. Immutability. In Aliasing in Object-Oriented Programming, D. Clarke, J. Noble, and T. Wrigstad (Eds.). Springer. isbn:9783642369452 https://doi.org/10.1007/978-3-642-36946-9_9 Google Scholar
Cross Ref
- Arsenii Rudich, Ádám Darvas, and Peter Müller. 2008. Checking Well-Formedness of Pure-Method Specifications. In FM 2008: Formal Methods, 15th International Symposium on Formal Methods, Turku, Finland, May 26-30, 2008, Proceedings, Jorge Cuéllar, T. S. E. Maibaum, and Kaisa Sere (Eds.) (Lecture Notes in Computer Science, Vol. 5014). Springer, 68–83. https://doi.org/10.1007/978-3-540-68237-0_7Google Scholar
Digital Library
- Michael Sammler, Rodolphe Lepigre, Robbert Krebbers, Kayvan Memarian, Derek Dreyer, and Deepak Garg. 2021. RefinedC: Automating the Foundational Verification of C Code with Refined Ownership Types. In Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation (PLDI 2021). Association for Computing Machinery, New York, NY, USA. 158–174. isbn:9781450383912 https://doi.org/10.1145/3453483.3454036 Google Scholar
Digital Library
- Aaron Stump and Ian Wehrman. 2006. Property Types: Semantic Programming for Java. In 13th International Workshop on Foundations and Developments of Object-Oriented Languages (FOOL/WOOD 2006). 9 pages.Google Scholar
- Alexander J. Summers and Peter Müller. 2011. Freedom before Commitment: A Lightweight Type System for Object Initialisation. In Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications (OOPSLA ’11). Association for Computing Machinery, New York, NY, USA. 1013–1032. isbn:9781450309400 https://doi.org/10.1145/2048066.2048142 Google Scholar
Digital Library
- John Toman, Ren Siqi, Kohei Suenaga, Atsushi Igarashi, and Naoki Kobayashi. 2020. ConSORT: Context- and Flow-Sensitive Ownership Refinement Types for Imperative Programs. In Programming Languages and Systems, Peter Müller (Ed.). Springer International Publishing, Cham. 684–714. isbn:978-3-030-44914-8 https://doi.org/10.1007/978-3-030-44914-8_25 Google Scholar
Digital Library
- Niki Vazou, Eric L. Seidel, Ranjit Jhala, Dimitrios Vytiniotis, and Simon Peyton Jones. 2014. Refinement Types for Haskell. In Proceedings of the 19th ACM SIGPLAN International Conference on Functional Programming (proceedings of the 19th acm sigplan international conference on functional programming ed.) (ICFP ’14). Association for Computing Machinery, 269–282. isbn:978-1-4503-2873-9 https://doi.org/10.1145/2628136.2628161 Google Scholar
Digital Library
- Tongtong Xiang, Jeff Y. Luo, and Werner Dietl. 2020. Precise inference of expressive units of measurement types. Proceedings of the ACM on Programming Languages, 4, OOPSLA (2020), 142:1–142:28. https://doi.org/10.1145/3428210 Google Scholar
Digital Library
Index Terms
Scalability and precision by combining expressive type systems and deductive verification
Recommendations
Relatively complete refinement type system for verification of higher-order non-deterministic programs
This paper considers verification of non-deterministic higher-order functional programs. Our contribution is a novel type system in which the types are used to express and verify (conditional) safety, termination, non-safety, and non-termination ...
Symbolic Execution and Deductive Verification Approaches to VerifyThis 2017 Challenges
Leveraging Applications of Formal Methods, Verification and Validation. VerificationAbstractWe present solutions to the VerifyThis 2017 program verification challenges using the symbolic execution tool CIVL. Comparing these to existing solutions using deductive verification tools such as Why3 and KeY, we analyze the advantages and ...






Comments