research-article

Low-level liquid types

Authors:

Patrick Maxim Rondon,

Ming Kawaguchi,

Ranjit JhalaAuthors Info & Claims

POPL '10: Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages

Pages 131 - 144

https://doi.org/10.1145/1706299.1706316

Published: 17 January 2010 Publication History

Abstract

We present Low-Level Liquid Types , a refinement type system for C based on Liquid Types . Low-Level Liquid Types combine refinement types with three key elements to automate verification of critical safety properties of low-level programs: First, by associating refinement types with individual heap locations and precisely tracking the locations referenced by pointers, our system is able to reason about complex invariants of in-memory data structures and sophisticated uses of pointer arithmetic. Second, by adding constructs which allow strong updates to the types of heap locations, even in the presence of aliasing, our system is able to verify properties of in-memory data structures in spite of temporary invariant violations. By using this strong update mechanism, our system is able to verify the correct initialization of newly-allocated regions of memory. Third, by using the abstract interpretation framework of Liquid Types, we are able to use refinement type inference to automatically verify important safety properties without imposing an onerous annotation burden. We have implemented our approach in CSOLVE, a tool for Low-Level Liquid Type inference for C programs. We demonstrate through several examples that CSOLVE is able to precisely infer complex invariants required to verify important safety properties, like the absence of array bounds violations and null-dereferences, with a minimal annotation overhead.

References

[1]

Amal Ahmed, Matthew Fluet, and Greg Morrisett. L3: A linear language with locations. Fundam. Inf., 77(4):397--449, 2007.

Digital Library

[2]

Alex Aiken, Jeffrey S. Foster, John Kodumal, and Tachio Terauchi. Checking and inferring local non-aliasing. In PLDI, pages 129--140, New York, NY, USA, 2003. ACM.

Digital Library

[3]

T. Ball and S. K. Rajamani. The SLAM project: debugging system software via static analysis. In POPL. ACM, 2002.

Digital Library

[4]

J. Bengtson, K. Bhargavan, C. Fournet, A. D. Gordon, and S. Maffeis. Refinement types for secure implementations. In CSF, 2008.

Digital Library

[5]

B. Blanchet, P. Cousot, R. Cousot, J. Feret, L. Mauborgne, A. Mine, D. Monniaux, and X. Rival. A static analyzer for large safety-critical software. In PLDI, pages 196--207. ACM, 2003.

Digital Library

[6]

C. Calcagno, D. Distefano, P. W. O'Hearn, and H. Yang. Compositional shape analysis by means of bi-abduction. In POPL, 2009.

Digital Library

[7]

S. Chaki, J. Ouaknine, K. Yorav, and E.M. Clarke. Automated compositional abstraction refinement for concurrent C programs: A two-level approach. In SoftMC, 2003.

[8]

B. E. Chang and X. Rival. Relational inductive shape analysis. In POPL, pages 247--260, 2008.

Digital Library

[9]

J. Condit, B. Hackett, S. Lahiri, and S. Qadeer. Unifying type checking and property checking for low-level code. In POPL, 2009.

Digital Library

[10]

J. Condit, M. Harren, Z. Anderson, D. Gay, and G. C. Necula. Dependent types for low-level programming. In ESOP, 2007.

Digital Library

[11]

J. Condit, M. Harren, S. McPeak, G. Necula, and W. Weimer. Ccured in the real world. In PLDI, pages 232--244, 2003.

Digital Library

[12]

M. Fahndrich and R. DeLine. Adoption and focus: Practical linear types for imperative programming. In PLDI. ACM, 2002.

Digital Library

[13]

J-C. Filliâtre and C. Marché. The why/krakatoa/caduceus platform for deductive program verification. In CAV, 2007.

Digital Library

[14]

C. Flanagan. Hybrid type checking. In POPL. ACM, 2006.

Digital Library

[15]

C. Flanagan, K.R.M. Leino, M. Lillibridge, G. Nelson, J. B. Saxe, and R. Stata. Extended static checking for Java. In PLDI, 2002.

Digital Library

[16]

J.S. Foster, T. Terauchi, and A. Aiken. Flow-sensitive type qualifiers. In PLDI, pages 1--12. ACM, 2002.

Digital Library

[17]

T.A. Henzinger, R. Jhala, R. Majumdar, and K.L. McMillan. Abstractions from proofs. In POPL 04. ACM, 2004.

Digital Library

[18]

H. Jain, F. Ivancic, A. Gupta, I. Shlyakhter, and C. Wang. Using statically computed invariants inside the predicate abstraction and refinement loop. In CAV, pages 137--151, 2006.

Digital Library

[19]

JOS. Jos: An operating system kernel. http://pdos.csail.mit.edu/6.828/2005/overview.html.

[20]

M. Kawaguchi, P. Rondon, and R. Jhala. Type-based data structure verification. In PLDI, pages 304--315, 2009.

Digital Library

[21]

C. Lee, M. Potkonjak, and W. H. Mangione-Smith. Mediabench: A tool for evaluating and synthesizing multimedia and communicatons systems. In MICRO, 1997.

Digital Library

[22]

T. Lev-Ami and S. Sagiv. TVLA: A system for implementing static analyses. In SAS, LNCS 1824, pages 280--301. Springer, 2000.

Digital Library

[23]

A. Nanevski, G. Morrisett, A. Shinnar, P. Govereau, and L. Birkedal. Ynot: Reasoning with the awkward squad. In ICFP, 2008.

Digital Library

[24]

H. H. Nguyen, C. David, S. Qin, and W-N. Chin. Automated verification of shape and size properties via separation logic. In VMCAI, 2007.

Digital Library

[25]

X. Ou, G. Tan, Y. Mandelbaum, and D. Walker. Dynamic typing with dependent types. In IFIP TCS, pages 437--450, 2004.

[26]

The GNU Project. GNU coreutils. http://www.gnu.org/.

[27]

Z. Rakamaric, J. D. Bingham, and A. J. Hu. An inference-rule-based decision procedure for verification of heap-manipulating programs with mutable data and cyclic data structures. In VMCAI, 2007.

Digital Library

[28]

P. Rondon, M. Kawaguchi, and R. Jhala. Low-level liquid types: Technical report. http://pho.ucsd.edu/liquid.

[29]

P. Rondon, M. Kawaguchi, and R. Jhala. Liquid types. In PLDI, 2008.

Digital Library

[30]

D. Walker and J.G. Morrisett. Alias types for recursive data structures. In Types in Compilation 2000, pages 177--206. Springer-Verlag, 2000.

Digital Library

[31]

R. P. Wilson and M. S. Lam. Efficient context-sensitive pointer analysis for c programs. In PLDI, 1995.

Digital Library

[32]

H. Xi and F. Pfenning. Dependent types in practical programming. In POPL, pages 214--227, 1999.

Digital Library

[33]

Y. Xie and A. Aiken. Scalable error detection using boolean satisfiability. In POPL, pages 351--363, 2005.

Digital Library

[34]

K. Zee, V. Kuncak, and M. C. Rinard. Full functional verification of linked data structures. In PLDI, pages 349--361, 2008.

Digital Library

[35]

D. Zhu and H. Xi. Safe programming with pointers through stateful views. In PADL, pages 83--97. Springer, 2005.

Digital Library

Cited By

Simonnet JLemerre MSighireanu M(2024)A Dependent Nominal Physical Type System for Static Analysis of Memory in Low Level CodeProceedings of the ACM on Programming Languages10.1145/36897128:OOPSLA2(30-59)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689712
Spies SGäher LSammler MDreyer D(2024)Quiver: Guided Abductive Inference of Separation Logic Specifications in CoqProceedings of the ACM on Programming Languages10.1145/36564138:PLDI(889-913)Online publication date: 20-Jun-2024
https://dl.acm.org/doi/10.1145/3656413
Tanaka ISakayori KKobayashi NKeller GWang M(2024)Ownership Types for Verification of Programs with Pointer ArithmeticProceedings of the 2024 ACM SIGPLAN International Workshop on Partial Evaluation and Program Manipulation10.1145/3635800.3636965(94-106)Online publication date: 11-Jan-2024
https://dl.acm.org/doi/10.1145/3635800.3636965
Show More Cited By

Index Terms

Low-level liquid types

Recommendations

Liquid types
PLDI '08: Proceedings of the 29th ACM SIGPLAN Conference on Programming Language Design and Implementation

We present Logically Qualified Data Types, abbreviated to Liquid Types, a system that combines Hindley-Milner type inference with Predicate Abstraction to automatically infer dependent types precise enough to prove a variety of safety properties. Liquid ...
Low-level liquid types
POPL '10

We present Low-Level Liquid Types , a refinement type system for C based on Liquid Types . Low-Level Liquid Types combine refinement types with three key elements to automate verification of critical safety properties of low-level programs: First, by ...
Liquid types
PLDI '08

We present Logically Qualified Data Types, abbreviated to Liquid Types, a system that combines Hindley-Milner type inference with Predicate Abstraction to automatically infer dependent types precise enough to prove a variety of safety properties. Liquid ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

POPL '10: Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages

January 2010

520 pages

ISBN:9781605584799

DOI:10.1145/1706299

General Chair:
Manuel Hermenegildo
IMDEA-Software and T.U. of Madrid, Spain
,
Program Chair:
Jens Palsberg
UCLA, University of California, Los Angeles

ACM SIGPLAN Notices Volume 45, Issue 1
POPL '10
January 2010
500 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/1707801
Issue’s Table of Contents

Copyright © 2010 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGPLAN: ACM Special Interest Group on Programming Languages

In-Cooperation

SIGACT: ACM Special Interest Group on Algorithms and Computation Theory

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 January 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

POPL '10

Sponsor:

SIGPLAN

POPL '10: The 37th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages

January 17 - 23, 2010

Madrid, Spain

Acceptance Rates

Overall Acceptance Rate 824 of 4,130 submissions, 20%

Upcoming Conference

POPL '25

Sponsor:
sigplan

The 52nd Annual ACM SIGPLAN Symposium on Principles of Programming Languages

January 19 - 25, 2025

Denver , CO , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

69
Total Citations
View Citations
533
Total Downloads

Downloads (Last 12 months)30
Downloads (Last 6 weeks)1

Reflects downloads up to 12 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Simonnet JLemerre MSighireanu M(2024)A Dependent Nominal Physical Type System for Static Analysis of Memory in Low Level CodeProceedings of the ACM on Programming Languages10.1145/36897128:OOPSLA2(30-59)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689712
Spies SGäher LSammler MDreyer D(2024)Quiver: Guided Abductive Inference of Separation Logic Specifications in CoqProceedings of the ACM on Programming Languages10.1145/36564138:PLDI(889-913)Online publication date: 20-Jun-2024
https://dl.acm.org/doi/10.1145/3656413
Tanaka ISakayori KKobayashi NKeller GWang M(2024)Ownership Types for Verification of Programs with Pointer ArithmeticProceedings of the 2024 ACM SIGPLAN International Workshop on Partial Evaluation and Program Manipulation10.1145/3635800.3636965(94-106)Online publication date: 11-Jan-2024
https://dl.acm.org/doi/10.1145/3635800.3636965
Geller AFrank JBowman W(2024)Indexed Types for a Statically Safe WebAssemblyProceedings of the ACM on Programming Languages10.1145/36329228:POPL(2395-2424)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632922
Luo FLuo RChen TQiao AHe ZSong SJiang YLi SRoychoudhury APaiva AAbreu RStorey M(2024)SCVHunter: Smart Contract Vulnerability Detection Based on Heterogeneous Graph Attention NetworkProceedings of the IEEE/ACM 46th International Conference on Software Engineering10.1145/3597503.3639213(1-13)Online publication date: 20-May-2024
https://dl.acm.org/doi/10.1145/3597503.3639213
Liu JKretz ILiu HTan BWang JSun YPearson LMiltner ADillig IFeng Y(2024)Certifying Zero-Knowledge Circuits with Refinement Types2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00078(1741-1759)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00078
Lemerre MRival XNicole OIllous H(2024)Advanced Memory and Shape AnalysesGuide to Software Verification with Frama-C10.1007/978-3-031-55608-1_11(487-520)Online publication date: 10-Jul-2024
https://doi.org/10.1007/978-3-031-55608-1_11
Saffrich HThiemann P(2023)Polymorphic Typestate for Session TypesProceedings of the 25th International Symposium on Principles and Practice of Declarative Programming10.1145/3610612.3610624(1-15)Online publication date: 22-Oct-2023
https://dl.acm.org/doi/10.1145/3610612.3610624
Lehmann NGeller AVazou NJhala R(2023)Flux: Liquid Types for RustProceedings of the ACM on Programming Languages10.1145/35912837:PLDI(1533-1557)Online publication date: 6-Jun-2023
https://dl.acm.org/doi/10.1145/3591283
Müller KEngel CLoitsch CStiefelhagen RWeber G(2022)Traveling More Independently: A Study on the Diverse Needs and Challenges of People with Visual or Mobility Impairments in Unfamiliar Indoor EnvironmentsACM Transactions on Accessible Computing10.1145/351425515:2(1-44)Online publication date: 19-May-2022
https://dl.acm.org/doi/10.1145/3514255
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents