Dependent Types for Low-Level Programming

  • Jeremy Condit
  • Matthew Harren
  • Zachary Anderson
  • David Gay
  • George C. Necula
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4421)


In this paper, we describe the key principles of a dependent type system for low-level imperative languages. The major contributions of this work are (1) a sound type system that combines dependent types and mutation for variables and for heap-allocated structures in a more flexible way than before and (2) a technique for automatically inferring dependent types for local variables. We have applied these general principles to design Deputy, a dependent type system for C that allows the user to describe bounded pointers and tagged unions. Deputy has been used to annotate and check a number of real-world C programs.


  1. 1.
    Anderson, Z.R.: Static analysis of C for hybrid type checking. Tech. Rep. EECS-2007-1, UC Berkeley (2007)Google Scholar
  2. 2.
    Augustsson, L.: Cayenne—a language with dependent types. In: ICFP’98 (1998)Google Scholar
  3. 3.
    Austin, T.M., Breach, S.E., Sohi, G.S.: Efficient detection of all pointer and array access errors. In: PLDI’94 (1994)Google Scholar
  4. 4.
    Carlisle, M.C.: Olden: Parallelizing Programs with Dynamic Data Structures on Distributed-Memory Machines. PhD thesis, Princeton University (June 1996)Google Scholar
  5. 5.
    Condit, J., et al.: Dependent types for low-level programming. Tech. Rep. EECS-2006-129, UC Berkeley (2006)Google Scholar
  6. 6.
    Dhurjati, D., Adve, V.: Backwards-compatible array bounds checking for C with very low overhead. In: ICSE’06 (2006)Google Scholar
  7. 7.
    Flanagan, C.: Hybrid type checking. In: POPL’06 (2006)Google Scholar
  8. 8.
    Hackett, B., et al.: Modular checking for buffer overflows in the large. In: ICSE’06 (2006)Google Scholar
  9. 9.
    Necula, G.C., Harren, M.: Using Dependent Types to Certify the Safety of Assembly Code. In: Hankin, C., Siveroni, I. (eds.) SAS 2005. LNCS, vol. 3672, pp. 155–170. Springer, Heidelberg (2005)Google Scholar
  10. 10.
    Hill, J., et al.: System architecture directions for networked sensors. In: ASPLOS’00 (2000),
  11. 11.
    Jim, T., et al.: Cyclone: A safe dialect of C. In: USENIX Annual Technical Conference (2002)Google Scholar
  12. 12.
    Lee, C., Potkonjak, M., Mangione-Smith, W.H.: MediaBench: A tool for evaluating and synthesizing multimedia and communicatons systems. In: International Symposium on Microarchitecture (1997)Google Scholar
  13. 13.
    Nanevski, A., Morrisett, G.: Dependent type theory of stateful higher-order functions. Tech. Rep. TR-24-05, Harvard University.Google Scholar
  14. 14.
    Necula, G.C., et al.: CCured: Type-safe retrofitting of legacy software. TOPLAS 27(3) (2005)Google Scholar
  15. 15.
    Necula, G.C., et al.: CIL: Intermediate Language and Tools for Analysis and Transformation of C Programs. In: Horspool, R.N. (ed.) CC 2002 and ETAPS 2002. LNCS, vol. 2304, Springer, Heidelberg (2002)CrossRefGoogle Scholar
  16. 16.
    Ou, X., et al.: Dynamic typing with dependent types. In: IFIP Conference on Theoretical Computer Science (2004)Google Scholar
  17. 17.
    Siek, J.G., Taha, W.: Gradual typing for functional languages. In: Scheme and Functional Programming (2006)Google Scholar
  18. 18.
    SPEC: Standard Performance Evaluation Corporation Benchmarks (July 1995),
  19. 19.
    Xi, H.: Imperative programming with dependent types. In: LICS’00 (2000)Google Scholar
  20. 20.
    Xi, H., Pfenning, F.: Dependent types in practical programming. In: POPL’99 (1999)Google Scholar
  21. 21.
    Zhou, F., et al.: SafeDrive: Safe and recoverable extensions using language-based techniques. In: OSDI’06 (2006)Google Scholar

Copyright information

© Springer Berlin Heidelberg 2007

Authors and Affiliations

  • Jeremy Condit
    • 1
  • Matthew Harren
    • 1
  • Zachary Anderson
    • 1
  • David Gay
    • 2
  • George C. Necula
    • 1
  1. 1.University of California, Berkeley 
  2. 2.Intel Research, Berkeley 

Personalised recommendations