A type system equivalent to a model checker

Abstract
Type systems and model checking are two prevalent approaches to program verification. A prominent difference between them is that type systems are typically defined in a syntactic and modular style whereas model checking is usually performed in a semantic and whole-program style. This difference between the two approaches makes them complementary to each other: type systems are good at explaining why a program was accepted while model checkers are good at explaining why a program was rejected.
We present a type system that is equivalent to a model checker for verifying temporal safety properties of imperative programs. The model checker is natural and may be instantiated with any finite-state abstraction scheme such as predicate abstraction. The type system, which is also parametric, type checks exactly those programs that are accepted by the model checker. It uses a variant of function types to capture flow sensitivity and intersection and union types to capture context sensitivity. Our result sheds light on the relationship between type systems and model checking, provides a methodology for studying their relative expressiveness, is a step towards sharing results between the two approaches, and motivates synergistic program analyses involving interplay between them.
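To make the correspondence the abstract describes concrete, here is an added illustration; it is not code from the paper or its authors. It runs a whole-program model checker and a modular, summary-based checker over the same tiny imperative language, abstracted so that only the state of a finite property monitor is tracked (the finite-state abstraction the abstract refers to). The file-handle monitor, the four statement forms, and the sample programs GOOD, BAD and CTX are all constructed for this example, and the summary table is only a loose stand-in for the paper's function, intersection and union types: one arrow per entry state a procedure is actually called in, with a union of exit states per arrow.

```python
# Constructed monitor for a file-handle protocol.  'error' is absorbing:
# any transition not listed leads to it and no event leaves it.
MONITOR = {
    ("closed", "open"): "opened",
    ("closed", "stat"): "closed",
    ("opened", "stat"): "opened",
    ("opened", "read"): "opened",
    ("opened", "close"): "closed",
}
INITIAL, ERROR = "closed", "error"

def step(state, event):
    """Advance the monitor; an unlisted transition is a protocol violation."""
    return MONITOR.get((state, event), ERROR)

# Constructed program syntax: a program maps procedure names to statement
# lists.  Branch guards are abstracted away, so choices and loops are
# nondeterministic and only the monitor state is tracked.
#   ("event", e)        perform protocol event e
#   ("call", p)         call procedure p (no recursion in this example)
#   ("choice", b1, b2)  run block b1 or block b2
#   ("loop", b)         run block b zero or more times

def run_block(block, states, on_call):
    """Collecting semantics shared by both checkers: the set of monitor
    states after `block`, given the set before it.  `on_call` decides how a
    call is handled, which is the only place the two checkers differ."""
    for stmt in block:
        kind = stmt[0]
        if kind == "event":
            states = {step(s, stmt[1]) for s in states}
        elif kind == "call":
            states = on_call(stmt[1], states)
        elif kind == "choice":
            states = run_block(stmt[1], states, on_call) | run_block(stmt[2], states, on_call)
        elif kind == "loop":                      # least fixpoint of the body
            reach = set(states)
            while True:
                new = reach | run_block(stmt[1], reach, on_call)
                if new == reach:
                    break
                reach = new
            states = reach
        else:
            raise ValueError(stmt)
    return states

# ---- Whole-program model checker: inline every call and explore ----

def model_check(program):
    """Accept iff the error state is unreachable from main's entry."""
    def inline(name, states):
        return run_block(program[name], states, inline)
    return ERROR not in run_block(program["main"], {INITIAL}, inline)

# ---- Modular checker: one summary per (procedure, entry state) ----

def summaries(program):
    """Give each procedure a type  entry1 -> exits1 /\\ entry2 -> exits2 ...
    with one arrow per monitor state it is actually entered in (context
    sensitivity) and, per arrow, the union of exit states over all paths
    through the body (flow sensitivity).  A body is analysed once per
    entry state, never once per call site."""
    table = {}
    def arrow(name, entry):
        if (name, entry) not in table:
            table[(name, entry)] = run_block(program[name], {entry}, apply)
        return table[(name, entry)]
    def apply(name, states):
        out = set()
        for s in states:
            out |= arrow(name, s)
        return out
    arrow("main", INITIAL)
    return table

def type_check(program):
    """Well-typed iff no arrow that main needs can produce the error state."""
    return all(ERROR not in exits for exits in summaries(program).values())

# Constructed sample programs.
GOOD = {"main": [("event", "open"), ("call", "drain"), ("event", "close")],
        "drain": [("loop", [("event", "read")])]}
BAD = {"main": [("event", "open"), ("call", "drain"), ("event", "close")],
       "drain": [("loop", [("choice", [("event", "read")], [("event", "close")])])]}
CTX = {"main": [("call", "probe"), ("event", "open"), ("call", "probe"),
                ("event", "read"), ("event", "close")],
       "probe": [("event", "stat")]}

if __name__ == "__main__":
    for label, prog in (("GOOD", GOOD), ("BAD", BAD), ("CTX", CTX)):
        print(label, "model checker:", model_check(prog), "type checker:", type_check(prog))
    print("CTX arrows:", {k: sorted(v) for k, v in summaries(CTX).items()})
```

The model checker inlines each call, so it re-analyses `drain` at every call site; the summary-based checker analyses a body once per entry state and reuses the result, which is the modular flavour the abstract attributes to type systems. Because `error` is absorbing, checking the exit sets is enough to detect a violation anywhere along a path. In CTX, `probe` is entered both closed and opened, so its summary has two arrows (`closed -> {closed}` and `opened -> {opened}`); in BAD, the loop in `drain` can close the handle early, so `main`'s final `close` is a violation and both checkers reject.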