skip to main content

Scalability and precision by combining expressive type systems and deductive verification

Published:15 October 2021Publication History
Skip Abstract Section

Abstract

Type systems and modern type checkers can be used very successfully to obtain formal correctness guarantees with little specification overhead. However, type systems in practical scenarios have to trade precision for decidability and scalability. Tools for deductive verification, on the other hand, can prove general properties in more cases than a typical type checker can, but they do not scale well. We present a method to complement the scalability of expressive type systems with the precision of deductive program verification approaches. This is achieved by translating the type uses whose correctness the type checker cannot prove into assertions in a specification language, which can be dealt with by a deductive verification tool. Type uses whose correctness the type checker can prove are instead turned into assumptions to aid the verification tool in finding a proof.Our novel approach is introduced both conceptually for a simple imperative language, and practically by a concrete implementation for the Java programming language. The usefulness and power of our approach has been evaluated by discharging known false positives from a real-world program and by a small case study.

Skip Supplemental Material Section

Supplemental Material

Auxiliary Presentation Video

This is the video presentation to our paper "Scalability and Precision by Combining Expressive Type Systems and Deductive Verification", published at OOPSLA 2021 and available at https://doi.org/10.1145/3485520.

References

  1. 2016. Deductive Software Verification - The KeY Book - From Theory to Practice, Wolfgang Ahrendt, Bernhard Beckert, Richard Bubel, Reiner Hähnle, Peter H. Schmitt, and Mattias Ulbrich (Eds.) (Lecture Notes in Computer Science, Vol. 10001). Springer. isbn:978-3-319-49811-9 https://doi.org/10.1007/978-3-319-49812-6 Google ScholarGoogle ScholarCross RefCross Ref
  2. Yves Bertot and Pierre Castéran. 2004. Interactive Theorem Proving and Program Development - Coq’Art: The Calculus of Inductive Constructions. Springer. isbn:978-3-642-05880-6 https://doi.org/10.1007/978-3-662-07964-5 Google ScholarGoogle ScholarCross RefCross Ref
  3. Gilad Bracha. 2004. Pluggable type systems. In OOPSLA’04 Workshop on Revival of Dynamic Languages.Google ScholarGoogle Scholar
  4. Edwin Brady. 2013. Idris, a general-purpose dependently typed programming language: Design and implementation. Journal of Functional Programming, 23 (2013), Sept., 552–593. issn:1469-7653 https://doi.org/10.1017/S095679681300018X Google ScholarGoogle ScholarCross RefCross Ref
  5. Checker Framework developers. 2020. Checker Framework Manual. https://checkerframework.org/manual/ Version 3.3.0.Google ScholarGoogle Scholar
  6. Yoonsik Cheon and Gary T. Leavens. 2002. A Runtime Assertion Checker for the Java Modeling Language (JML). In Proceedings of the International Conference on Software Engineering Research and Practice (SERP ’02). CSREA Press, Las Vegas, Nevada, USA. 322–328.Google ScholarGoogle Scholar
  7. Brian Chin, Shane Markstrum, and Todd Millstein. 2005. Semantic Type Qualifiers. In Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’05). Association for Computing Machinery, New York, NY, USA. 85–95. isbn:1595930566 https://doi.org/10.1145/1065010.1065022 Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Adam Chlipala. 2013. Certified Programming with Dependent Types. isbn:9780262026659 http://adam.chlipala.net/cpdt/Google ScholarGoogle Scholar
  9. Dave Clarke, Johan Östlund, Ilya Sergey, and Tobias Wrigstad. 2012. Ownership Types: A Survey. In Aliasing in Object-Oriented Programming, D. Clarke, J. Noble, and T. Wrigstad (Eds.). Springer. isbn:9783642369452 https://doi.org/10.1007/978-3-642-36946-9_3 Google ScholarGoogle ScholarCross RefCross Ref
  10. David R. Cok. 2011. OpenJML: JML for Java 7 by Extending OpenJDK. In NASA Formal Methods, Mihaela Bobaru, Klaus Havelund, Gerard J. Holzmann, and Rajeev Joshi (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 472–479. isbn:978-3-642-20398-5 https://doi.org/10.1007/978-3-642-20398-5_35 Google ScholarGoogle ScholarCross RefCross Ref
  11. Werner Dietl, Stephanie Dietzel, Michael D. Ernst, Kivanç Muslu, and Todd Schiller. 2011. Building and Using Pluggable Type-Checkers. In Proceedings of the 33rd International Conference on Software Engineering (ICSE 2011). Association for Computing Machinery, 681–690. isbn:978-1-4503-0445-0 https://doi.org/10.1145/1985793.1985889 Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Werner Dietl, Michael D. Ernst, and Peter Müller. 2011. Tunable Static Inference for Generic Universe Types. In European Conference on Object-Oriented Programming (ECOOP), Mira Mezini (Ed.). Springer Berlin Heidelberg, 333–357. isbn:978-3-642-22655-7 https://doi.org/10.1007/978-3-642-22655-7_16 Google ScholarGoogle ScholarCross RefCross Ref
  13. Werner Dietl and Peter Müller. 2004. Universes: Lightweight Ownership for JML. Journal of Object Technology (JOT), Special Issue: ECOOP 2004 Workshop FTfJP, Oct..Google ScholarGoogle Scholar
  14. Werner Dietl and Peter Müller. 2012. Object Ownership in Program Verification. In Aliasing in Object-Oriented Programming, D. Clarke, J. Noble, and T. Wrigstad (Eds.). Springer, 289–318. isbn:9783642369452 https://doi.org/10.1007/978-3-642-36946-9_11 Google ScholarGoogle ScholarCross RefCross Ref
  15. Michael D. Ernst, Jeff H. Perkins, Philip J. Guo, Stephen McCamant, Carlos Pacheco, Matthew S. Tschantz, and Chen Xiao. 2007. The Daikon system for dynamic detection of likely invariants. Science of Computer Programming, 69, 1–3 (2007), Dec., 35–45.Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Tim Freeman and Frank Pfenning. 1991. Refinement Types for ML. In Proceedings of the ACM SIGPLAN 1991 Conference on Programming Language Design and Implementation (PLDI ’91). Association for Computing Machinery, New York, NY, USA. 268–277. isbn:0897914287 https://doi.org/10.1145/113445.113468 Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. William Alvin Howard. 1980. The Formulae-as-Types Notion of Construction. In To H. B. Curry: Essays on Combinatory Logic, Lambda Calculus, and Formalism, Haskell Curry, Hindley B., Seldin J. Roger, and P. Jonathan (Eds.). Academic Press.Google ScholarGoogle Scholar
  18. Wei Huang, Ana Milanova, Werner Dietl, and Michael D. Ernst. 2012. ReIm & ReImInfer: Checking and Inference of Reference Immutability and Method Purity. In Proceedings of the ACM International Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA ’12). Association for Computing Machinery, New York, NY, USA. 879–896. isbn:9781450315616 https://doi.org/10.1145/2384616.2384680 Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Intermetrics, Inc.. 2016. Ada Reference Manual. http://ada-auth.org/arm.htmlGoogle ScholarGoogle Scholar
  20. Ranjit Jhala, Eric Seidel, and Niki Vazou. 2017. Programming with Refinement Types – Introduction to LiquidHaskell. https://ucsd-progsys.github.io/liquidhaskell-blog/Google ScholarGoogle Scholar
  21. Ralf Jung, Jacques-Henri Jourdan, Robbert Krebbers, and Derek Dreyer. 2017. RustBelt: Securing the Foundations of the Rust Programming Language. Proceedings of the ACM on Programming Languages, 2, POPL (2017), Article 66, Dec., 34 pages. https://doi.org/10.1145/3158154 Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Kenneth Knowles and Cormac Flanagan. 2010. Hybrid Type Checking. ACM Transactions on Programming Languages and Systems, 32, 2 (2010), Article 6, Feb., 34 pages. issn:0164-0925 https://doi.org/10.1145/1667048.1667051 Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Florian Lanzinger. 2021. Property Types in Java: Combining Type Systems and Deductive Verification. Karlsruher Institut für Technologie.Google ScholarGoogle Scholar
  24. Florian Lanzinger, Alexander Weigl, Mattias Ulbrich, and Werner Dietl. 2021. Property Checker – Scalability and Precision by Combining Expressive Type Systems and Deductive Verification. https://doi.org/10.5281/zenodo.5483138 Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Gary T. Leavens, Erik Poll, Curtis Clifton, Yoonsik Cheon, Clyde Ruby, David Cok, Peter Müller, Joseph Kiniry, Patrice Chalin, Daniel M. Zimmerman, and Werner Dietl. 2013. JML Reference Manual. http://www.eecs.ucf.edu/~leavens/JML//refman/jmlrefman.pdf Revision 2344.Google ScholarGoogle Scholar
  26. K. Rustan M. Leino. 2017. Accessible Software Verification with Dafny. IEEE Software, 34, 6 (2017), 94–97. https://doi.org/10.1109/MS.2017.4121212 Google ScholarGoogle ScholarCross RefCross Ref
  27. Yitzhak Mandelbaum, David Walker, and Robert Harper. 2003. An Effective Theory of Type Refinements. In Proceedings of the Eighth ACM SIGPLAN International Conference on Functional Programming (ICFP ’03). Association for Computing Machinery, New York, NY, USA. 213–225. isbn:1581137567 https://doi.org/10.1145/944705.944725 Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. Shane Markstrum, Daniel Marino, Matthew Esquivel, Todd Millstein, Chris Andreae, and James Noble. 2010. JavaCOP: Declarative Pluggable Types for Java. ACM Transactions on Programming Languages and Systems, 32, 2 (2010), Article 4, Feb., 37 pages. issn:0164-0925 https://doi.org/10.1145/1667048.1667049 Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. Gunnar Morling. 2019. Bean Validation specification. https://beanvalidation.org/2.0/spec/ Version 2.0.Google ScholarGoogle Scholar
  30. Chris Okasaki. 1995. Simple and efficient purely functional queues and deques. Journal of Functional Programming, 5, 4 (1995), 583–592.Google ScholarGoogle ScholarCross RefCross Ref
  31. Matthew M. Papi, Mahmood Ali, Telmo Luis Correa Jr., Jeff H. Perkins, and Michael D. Ernst. 2008. Practical pluggable types for Java. In International Symposium on Software Testing and Analysis (ISSTA). Association for Computing Machinery, 201–212. https://doi.org/10.1145/1390630.1390656 Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. Alex Potanin, Östlund Johan, Yoav Zibin, and Michael D. Ernst. 2012. Immutability. In Aliasing in Object-Oriented Programming, D. Clarke, J. Noble, and T. Wrigstad (Eds.). Springer. isbn:9783642369452 https://doi.org/10.1007/978-3-642-36946-9_9 Google ScholarGoogle ScholarCross RefCross Ref
  33. Arsenii Rudich, Ádám Darvas, and Peter Müller. 2008. Checking Well-Formedness of Pure-Method Specifications. In FM 2008: Formal Methods, 15th International Symposium on Formal Methods, Turku, Finland, May 26-30, 2008, Proceedings, Jorge Cuéllar, T. S. E. Maibaum, and Kaisa Sere (Eds.) (Lecture Notes in Computer Science, Vol. 5014). Springer, 68–83. https://doi.org/10.1007/978-3-540-68237-0_7Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Michael Sammler, Rodolphe Lepigre, Robbert Krebbers, Kayvan Memarian, Derek Dreyer, and Deepak Garg. 2021. RefinedC: Automating the Foundational Verification of C Code with Refined Ownership Types. In Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation (PLDI 2021). Association for Computing Machinery, New York, NY, USA. 158–174. isbn:9781450383912 https://doi.org/10.1145/3453483.3454036 Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. Aaron Stump and Ian Wehrman. 2006. Property Types: Semantic Programming for Java. In 13th International Workshop on Foundations and Developments of Object-Oriented Languages (FOOL/WOOD 2006). 9 pages.Google ScholarGoogle Scholar
  36. Alexander J. Summers and Peter Müller. 2011. Freedom before Commitment: A Lightweight Type System for Object Initialisation. In Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications (OOPSLA ’11). Association for Computing Machinery, New York, NY, USA. 1013–1032. isbn:9781450309400 https://doi.org/10.1145/2048066.2048142 Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. John Toman, Ren Siqi, Kohei Suenaga, Atsushi Igarashi, and Naoki Kobayashi. 2020. ConSORT: Context- and Flow-Sensitive Ownership Refinement Types for Imperative Programs. In Programming Languages and Systems, Peter Müller (Ed.). Springer International Publishing, Cham. 684–714. isbn:978-3-030-44914-8 https://doi.org/10.1007/978-3-030-44914-8_25 Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. Niki Vazou, Eric L. Seidel, Ranjit Jhala, Dimitrios Vytiniotis, and Simon Peyton Jones. 2014. Refinement Types for Haskell. In Proceedings of the 19th ACM SIGPLAN International Conference on Functional Programming (proceedings of the 19th acm sigplan international conference on functional programming ed.) (ICFP ’14). Association for Computing Machinery, 269–282. isbn:978-1-4503-2873-9 https://doi.org/10.1145/2628136.2628161 Google ScholarGoogle ScholarDigital LibraryDigital Library
  39. Tongtong Xiang, Jeff Y. Luo, and Werner Dietl. 2020. Precise inference of expressive units of measurement types. Proceedings of the ACM on Programming Languages, 4, OOPSLA (2020), 142:1–142:28. https://doi.org/10.1145/3428210 Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Scalability and precision by combining expressive type systems and deductive verification

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in

      Full Access

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader
      About Cookies On This Site

      We use cookies to ensure that we give you the best experience on our website.

      Learn more

      Got it!