248,770 research outputs found
A Relational Logic for Higher-Order Programs
Relational program verification is a variant of program verification where
one can reason about two programs and as a special case about two executions of
a single program on different inputs. Relational program verification can be
used for reasoning about a broad range of properties, including equivalence and
refinement, and specialized notions such as continuity, information flow
security or relative cost. In a higher-order setting, relational program
verification can be achieved using relational refinement type systems, a form
of refinement types where assertions have a relational interpretation.
Relational refinement type systems excel at relating structurally equivalent
terms but provide limited support for relating terms with very different
structures.
We present a logic, called Relational Higher Order Logic (RHOL), for proving
relational properties of a simply typed -calculus with inductive types
and recursive definitions. RHOL retains the type-directed flavour of relational
refinement type systems but achieves greater expressivity through rules which
simultaneously reason about the two terms as well as rules which only
contemplate one of the two terms. We show that RHOL has strong foundations, by
proving an equivalence with higher-order logic (HOL), and leverage this
equivalence to derive key meta-theoretical properties: subject reduction,
admissibility of a transitivity rule and set-theoretical soundness. Moreover,
we define sound embeddings for several existing relational type systems such as
relational refinement types and type systems for dependency analysis and
relative cost, and we verify examples that were out of reach of prior work.Comment: Submitted to ICFP 201
Predicate Abstraction for Linked Data Structures
We present Alias Refinement Types (ART), a new approach to the verification
of correctness properties of linked data structures. While there are many
techniques for checking that a heap-manipulating program adheres to its
specification, they often require that the programmer annotate the behavior of
each procedure, for example, in the form of loop invariants and pre- and
post-conditions. Predicate abstraction would be an attractive abstract domain
for performing invariant inference, existing techniques are not able to reason
about the heap with enough precision to verify functional properties of data
structure manipulating programs. In this paper, we propose a technique that
lifts predicate abstraction to the heap by factoring the analysis of data
structures into two orthogonal components: (1) Alias Types, which reason about
the physical shape of heap structures, and (2) Refinement Types, which use
simple predicates from an SMT decidable theory to capture the logical or
semantic properties of the structures. We prove ART sound by translating types
into separation logic assertions, thus translating typing derivations in ART
into separation logic proofs. We evaluate ART by implementing a tool that
performs type inference for an imperative language, and empirically show, using
a suite of data-structure benchmarks, that ART requires only 21% of the
annotations needed by other state-of-the-art verification techniques
Trust, but Verify: Two-Phase Typing for Dynamic Languages
A key challenge when statically typing so-called dynamic languages is the
ubiquity of value-based overloading, where a given function can dynamically
reflect upon and behave according to the types of its arguments. Thus, to
establish basic types, the analysis must reason precisely about values, but in
the presence of higher-order functions and polymorphism, this reasoning itself
can require basic types. In this paper we address this chicken-and-egg problem
by introducing the framework of two-phased typing. The first "trust" phase
performs classical, i.e. flow-, path- and value-insensitive type checking to
assign basic types to various program expressions. When the check inevitably
runs into "errors" due to value-insensitivity, it wraps problematic expressions
with DEAD-casts, which explicate the trust obligations that must be discharged
by the second phase. The second phase uses refinement typing, a flow- and
path-sensitive analysis, that decorates the first phase's types with logical
predicates to track value relationships and thereby verify the casts and
establish other correctness properties for dynamically typed languages
Better Inferred Types for JavaScript
This poster describes a paper for static analysis of JavaScript, which has proven useful for a variety of tools, including optimization, error checking, security auditing, program refactoring, and more. We propose a technique called type refinement that can improve the precision of such static analyses for JavaScript without any discernible performance impact. The essential idea behind refinement is to use the conditions in branch guards to refine the analysis information propagated along each branch path. The key insight of the paper is to recognize that JavaScript semantics include many implicit conditional checks on types, and that performing type refinement on these checks provides significant benefit for analysis precision.To demonstate the effectiveness of type refinement, we implement a static analysis tool for reporting potential type-errors in JavaScript programs as an example of analyses that can benefit from this idea. We provide an extensive empirical evaluation of type refinement using a benchmark suite containing a variety of JavaScript application domains, ranging from the standard performance benchmark suites (Sunspider and Octane), to open-source JavaScript applications, to machine-generated JavaScript via Emscripten. We show that type refinement can significantly improve analysis precision, upto 86%, without affecting the performance of the analysis
Property Types for Mutable Data Structures in Java
Property Types are a kind of user-defined refinement type about variables and fields in a program. They are verified by discharging as many properties as possible using a scalable type checker. The remaining assertions are forwarded to a less scalable but more powerful deductive verification tool. However, the design and implementation by Lanzinger et al. cannot function in the presence of aliasing and mutability. In this thesis, we find that property checking can be performed safely on mutable data structures provided exclusive mutable access to the referenced object, which we define as property-safety. We study different approaches to aliasing control, including uniqueness, ownership and permissions. Based on this research, we present the Exclusivity Type System, which can be used to check the property-safety of program variables and class fields. Using flow-sensitive type refinement, we develop Mutable Property Types, which can track changes in a variable’s property type over time. Impure methods can be annotated to specify how they change the Property Types of their receiver and arguments. We explain how the original Property Checker’s program translation can be adapted to include correct assertions about the pre- and post-types of each method. We present a prototypical implementation of the Exclusivity Checker for Java programs using the Checker Framework. Our work provides many insights into the nature of property type verification on mutable data structures and we devise the theoretical groundwork for performing this verification. To corroborate the reasonableness of the presented approach, we suggest a thorough analysis of our systems through formal proofs
Structural Analysis Using NX Nastran 9.0
NX Nastran is a powerful Finite Element Analysis (FEA) software package used to solve linear and non-linear models for structural and thermal systems. The software, which consists of both a solver and user interface, breaks down analysis into four files, each of which are important to the end results of the analysis. The software offers capabilities for a variety of types of analysis, and also contains a respectable modeling program. Over the course of ten weeks, I was trained to effectively implement NX Nastran into structural analysis and refinement for parts of two missions at NASA's Kennedy Space Center, the Restore mission and the Orion mission
Liquidate your assets: reasoning about resource usage in liquid Haskell
Liquid Haskell is an extension to the type system of Haskell that supports formal reasoning about program correctness by encoding logical properties as refinement types. In this article, we show how Liquid Haskell can also be used to reason about program efficiency in the same setting. We use the system’s existing verification machinery to ensure that the results of our cost analysis are valid, together with custom invariants for particular program contexts to ensure that the results of our analysis are precise. To illustrate our approach, we analyse the efficiency of a wide range of popular data structures and algorithms, and in doing so, explore various notions of resource usage. Our experience is that reasoning about efficiency in Liquid Haskell is often just as simple as reasoning about correctness, and that the two can naturally be combined
- …