Type-based data structure verification

Kawaguchi, Ming; Rondon, Patrick M.; Jhala, Ranjit

doi:10.1145/1542476.1542510

Cited by 68 publications

(37 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Liquid Type Inference Finally, we use liquid type inference to infer refinement types and thus automatically discover data structure invariants. This step is similar to previous work [29,20]; we give a brief outline here. As before, we observe that our type checking rules encode an algorithm for type inference and so we perform type inference by attempting to produce a type derivation.…”

Section: Type Inferencementioning

confidence: 77%

“…ATS [35] combines linear types with stateful views and explicit programmer-provided proof terms to specify and verify safety properties of an imperative language. In contrast to the above, we have previously demonstrated [29,20] that for high-level languages the abstract interpretation enabled by Liquid Types can drastically reduce the annotations and automate verification. Our work brings those benefits to the low-level, imperative setting.…”

Section: Related Workmentioning

confidence: 92%

“…Type inference occurs in three phases: the first infers Basic types for the program; the second inserts location fold and unfold operations where necessary; and the third infers refinement types using liquid type inference. Basic Type Inference In previous work [29,20], we based our type inference techniques on the rich type information provided by ML's type system. Because C programs are essentially untyped, We first use the declared C types of all functions in the program to generate corresponding Basic type schemas.…”

Section: Type Inferencementioning

confidence: 99%

“…We demonstrated that this symbiotic combination enables the highly automated verification of complex data-sensitive properties of highlevel, functional programs [20]. Unfortunately, the very nature of low-level, imperative code, typically written in C, makes the translation of type-based mechanisms to the setting of systems software verification extremely challenging.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Low-level liquid types

2010

Self Cite

View full text Add to dashboard Cite

We present Low-Level Liquid Types, a refinement type system for C based on Liquid Types. Low-Level Liquid Types combine refinement types with three key elements to automate verification of critical safety properties of low-level programs: First, by associating refinement types with individual heap locations and precisely tracking the locations referenced by pointers, our system is able to reason about complex invariants of in-memory data structures and sophisticated uses of pointer arithmetic. Second, by adding constructs which allow strong updates to the types of heap locations, even in the presence of aliasing, our system is able to verify properties of in-memory data structures in spite of temporary invariant violations. By using this strong update mechanism, our system is able to verify the correct initialization of newly-allocated regions of memory. Third, by using the abstract interpretation framework of Liquid Types, we are able to use refinement type inference to automatically verify important safety properties without imposing an onerous annotation burden. We have implemented our approach in CSOLVE, a tool for Low-Level Liquid Type inference for C programs. We demonstrate through several examples that CSOLVE is able to precisely infer complex invariants required to verify important safety properties, like the absence of array bounds violations and null-dereferences, with a minimal annotation overhead.

show abstract

Section: Type Inferencementioning

confidence: 77%

Section: Related Workmentioning

confidence: 92%

Section: Type Inferencementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Low-level liquid types

2010

Self Cite

View full text Add to dashboard Cite

show abstract

“…There are several studies [5,10,11,21,[24][25][26][27][28] that aim to infer dependent types for higher-order programs with recursive data structures. Rondon et al's liquid type inference [11,21] is a semi-automated verification method that requires users to provide templates of predicates, called logical qualifiers.…”

Section: Verification Of Higher-order Programs With Recursive Data Stmentioning

confidence: 99%

Towards a scalable software model checker for higher-order programs

Satô

Unno

Kobayashi

2013

Proceedings of the ACM SIGPLAN 2013 Workshop on Partial Evaluation and Program Manipulation

View full text Add to dashboard Cite

In our recent paper, we have shown how to construct a fullyautomated program verification tool (so called a "software model checker") for a tiny subset of functional language ML, by combining higher-order model checking, predicate abstraction, and CE-GAR. This can be viewed as a higher-order counterpart of previous software model checkers for imperative languages like BLAST and SLAM. The naïve application of the proposed approach, however, suffered from scalability problems, both in terms of efficiency and supported language features. To obtain more scalable software model checkers for full-scale functional languages, we propose a series of optimizations and extensions of the previous approach. Among others, we introduce (i) selective CPS transformation, (ii) selective predicate abstraction, and (iii) refined predicate discovery as optimization techniques; and propose (iv) functional encoding of recursive data structures and control operations to support a larger subset of ML. We have implemented the proposed methods, and obtained promising results.

show abstract

A Decidable Logic for Tree Data-Structures with Measurements

Qiu

Wang

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Type-based data structure verification

Cited by 68 publications

References 19 publications

Low-level liquid types

Low-level liquid types

Towards a scalable software model checker for higher-order programs

A Decidable Logic for Tree Data-Structures with Measurements

Contact Info

Product

Resources

About