ABSTRACT
We present Low-Level Liquid Types, a refinement type system for C based on Liquid Types. Low-Level Liquid Types combine refinement types with three key elements to automate the verification of critical safety properties of low-level programs. First, by associating refinement types with individual heap locations and precisely tracking the locations referenced by pointers, our system can reason about complex invariants of in-memory data structures and sophisticated uses of pointer arithmetic. Second, by adding constructs that allow strong updates to the types of heap locations, even in the presence of aliasing, our system can verify properties of in-memory data structures in spite of temporary invariant violations; using this strong update mechanism, it can verify the correct initialization of newly allocated regions of memory. Third, by using the abstract interpretation framework of Liquid Types, we are able to use refinement type inference to automatically verify important safety properties without imposing an onerous annotation burden. We have implemented our approach in CSOLVE, a tool for Low-Level Liquid Type inference for C programs. We demonstrate through several examples that CSOLVE is able to precisely infer the complex invariants required to verify important safety properties, such as the absence of array bounds violations and null dereferences, with minimal annotation overhead.
Index Terms
- Low-level liquid types
Published in POPL '10.