The C language is the dominant language for writing systems software, but it permits large classes of programming errors that could be prevented with a more modern language. Unfortunately, it is impractical to simply rewrite all of our existing software; rather, we must focus on a transition path to a more reliable systems programming language. As the first step in an incremental transition to a new language, we must allow programmers to annotate higher-level idioms typically used by C programmers, such as bounded pointers and tagged unions.
This thesis presents Deputy, a dependent type framework that allows programmers to annotate existing C code with more refined types. In particular, dependent types allow programmers to relate multiple state elements, such as a pointer and its bounds, or a union and its tag. In doing so, we address several technical hurdles involved with dependent types. First, we address the issue of mutation in the presence of dependencies by using insights from axiomatic semantics. Second, we handle the problem of undecidability by using run-time checks where necessary. Third, we address usability challenges with a novel inference mechanism called automatic dependencies.
Once this framework is established, we show how it can be instantiated to support the dependent types required by modern systems code. In addition, we discuss several real-world applications of Deputy, including small and medium-size benchmarks as well as the Linux kernel itself. These benchmarks allow us to evaluate Deputy's annotation burden and performance in the context of real-world code.
Title
Dependent Types for Safe Systems Software
Published
2007-09-19
Full Collection Name
Electrical Engineering & Computer Sciences Technical Reports
Other Identifiers
EECS-2007-117
Type
Text
Extent
146 p
Archive
The Engineering Library
Usage Statement
Researchers may make free and open use of the UC Berkeley Library’s digitized public domain materials. However, some materials in our online collections may be protected by U.S. copyright law (Title 17, U.S.C.). Use or reproduction of materials protected by copyright beyond that allowed by fair use (Title 17, U.S.C. § 107) requires permission from the copyright owners. The use or reproduction of some materials may also be restricted by terms of University of California gift or purchase agreements, privacy and publicity rights, or trademark law. Responsibility for determining rights status and permissibility of any use or reproduction rests exclusively with the researcher. To learn more or make inquiries, please see our permissions policies (https://www.lib.berkeley.edu/about/permissions-policies).
