Soft contract verification for higher-order stateful programs

Nguyen, Phuc H.; Gilray, Thomas; Tobin-Hochstadt, Sam; Horn, David Van

doi:10.1145/3158139

Cited by 10 publications

(23 citation statements)

References 65 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We then show an optimizer which soundly removes contracts based on the results of SCV, whose soundness follows directly from the theorems of [Nguyễn et al 2018]. While this model is simple, it demonstrates the essential ideas behind our approach, and shows how the correctness of our optimizer can be derived directly from the soundness of the underlying tools.…”

Section: A Model Of Optimized Gradual Typingmentioning

confidence: 95%

“…Building on a sound and precise higher-order symbolic execution system for a large subset of Racket [Nguyễn et al 2018], SCV-CR eliminates almost all of the contracts generated by Typed Racket across a dozen preexisting benchmarks [Greenman et al 2019]. As shown in Figure 1, after our optimizations, almost no performance overhead remains, despite the presence of catastrophic overhead even in some simple benchmarks we study.…”

Section: Static Verification To Avoid Dynamic Costsmentioning

confidence: 99%

“…We begin with an example-driven overview of how contract verification can eliminate gradual typing dynamic checks ( §2). Next, we formalize our ideas ( §3) in a simple gradually typed language of modules and functions, which compiles to the language of contracts considered by Nguyễn et al [2018], and show how the soundness of our optimizer is a corrollary of the soundness result for their symbolic executor. Then, we describe the implementation ( §4), including integration with Typed Racket, use of an existing symbolic execution engine, and subsequent optimization.…”

Section: Contributions This Paper Contributesmentioning

confidence: 99%

“…Verification of main involves approximating arbitrary interactions with it through symbolic execution. If main is blame-free during symbolic execution, it must also be blame-free in any concrete execution, by the soundness of higher-order symbolic execution [Nguyễn et al 2018].…”

Section: Contract Verificationmentioning

confidence: 99%

“…We assume the operational semantics of Con programs as given by [Nguyễn et al 2018]. Informally, the example program computes as follows, resulting in the blaming of u2 for violating the type of t1:…”

Section: Translating Types To Contractsmentioning

confidence: 99%

See 4 more Smart Citations

Corpse reviver: sound and efficient gradual typing via contract verification

Moy

Nguyen

Tobin-Hochstadt

et al. 2021

Proc. ACM Program. Lang.

Self Cite

View full text Add to dashboard Cite

Gradually typed programming languages permit the incremental addition of static types to untyped programs. To remain sound, languages insert run-time checks at the boundaries between typed and untyped code. Unfortunately, performance studies have shown that the overhead of these checks can be disastrously high, calling into question the viability of sound gradual typing. In this paper, we show that by building on existing work on soft contract verification, we can reduce or eliminate this overhead. Our key insight is that while untyped code cannot be trusted by a gradual type system, there is no need to consider only the worst case when optimizing a gradually typed program. Instead, we statically analyze the untyped portions of a gradually typed program to prove that almost all of the dynamic checks implied by gradual type boundaries cannot fail, and can be eliminated at compile time. Our analysis is modular, and can be applied to any portion of a program. We evaluate this approach on a dozen existing gradually typed programs previously shown to have prohibitive performance overhead—with a median overhead of 2.5× and up to 80.6× in the worst case—and eliminate all overhead in most cases, suffering only 1.5× overhead in the worst case.

show abstract

Section: A Model Of Optimized Gradual Typingmentioning

confidence: 95%

Section: Static Verification To Avoid Dynamic Costsmentioning

confidence: 99%

Section: Contributions This Paper Contributesmentioning

confidence: 99%

Section: Contract Verificationmentioning

confidence: 99%

Section: Translating Types To Contractsmentioning

confidence: 99%

See 3 more Smart Citations

Corpse reviver: sound and efficient gradual typing via contract verification

Moy

Nguyen

Tobin-Hochstadt

et al. 2021

Proc. ACM Program. Lang.

Self Cite

View full text Add to dashboard Cite

show abstract

Effect-Driven Flow Analysis

Nicolay

Stiévenart

Meuter

et al. 2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Traditional machine-based static analyses use a worklist algorithm to explore the analysis state space, and compare each state in the worklist against a set of seen states as part of their fixed-point computation. This may require many state comparisons, which gives rise to a computational overhead. Even an analysis with a global store has to clear its set of seen states each time the store updates because of allocation or side-effects, which results in more states being reanalyzed and compared. In this work we present a static analysis technique, Modf, that does not rely on a set of seen states, and apply it to a machine-based analysis with global-store widening. Modf analyzes one function execution at a time to completion while tracking read, write, and call effects. These effects trigger the analysis of other function executions, and the analysis terminates when no new effects can be discovered. We compared Modf to a traditional machine-based analysis implementation on a set of 20 benchmark programs and found that Modf is faster for 17 programs with speedups ranging between 1.4x and 12.3x. Furthermore, Modf exhibits similar precision as the traditional analysis on most programs and yields state graphs that are comparable in size.

show abstract

Trace contracts

MOY,

FELLEISEN

2023

J. Funct. Prog.

View full text Add to dashboard Cite

Behavioral software contracts allow programmers to strengthen the obligations and promises that they express with conventional types. They lack expressive power, though, when it comes to invariants that hold across several function calls. Trace contracts narrow this expressiveness gap. A trace contract is a predicate over the sequence of values that flow through function calls and returns. This paper presents a principled design, an implementation, and an evaluation of trace contracts.

show abstract

Soft contract verification for higher-order stateful programs

Cited by 10 publications

References 65 publications

Corpse reviver: sound and efficient gradual typing via contract verification

Corpse reviver: sound and efficient gradual typing via contract verification

Effect-Driven Flow Analysis

Trace contracts

Contact Info

Product

Resources

About