1,345 research outputs found
Interacting via the Heap in the Presence of Recursion
Almost all modern imperative programming languages include operations for
dynamically manipulating the heap, for example by allocating and deallocating
objects, and by updating reference fields. In the presence of recursive
procedures and local variables the interactions of a program with the heap can
become rather complex, as an unbounded number of objects can be allocated
either on the call stack using local variables, or, anonymously, on the heap
using reference fields. As such a static analysis is, in general, undecidable.
In this paper we study the verification of recursive programs with unbounded
allocation of objects, in a simple imperative language for heap manipulation.
We present an improved semantics for this language, using an abstraction that
is precise. For any program with a bounded visible heap, meaning that the
number of objects reachable from variables at any point of execution is
bounded, this abstraction is a finitary representation of its behaviour, even
though an unbounded number of objects can appear in the state. As a
consequence, for such programs model checking is decidable.
Finally we introduce a specification language for temporal properties of the
heap, and discuss model checking these properties against heap-manipulating
programs.Comment: In Proceedings ICE 2012, arXiv:1212.345
COSMICAH 2005: workshop on verification of COncurrent Systems with dynaMIC Allocated Heaps (a Satellite event of ICALP 2005) - Informal Proceedings
Lisboa Portugal, 10 July 200
A Notion of Dynamic Interface for Depth-Bounded Object-Oriented Packages
Programmers using software components have to follow protocols that specify
when it is legal to call particular methods with particular arguments. For
example, one cannot use an iterator over a set once the set has been changed
directly or through another iterator. We formalize the notion of dynamic
package interfaces (DPI), which generalize state-machine interfaces for single
objects, and give an algorithm to statically compute a sound abstraction of a
DPI. States of a DPI represent (unbounded) sets of heap configurations and
edges represent the effects of method calls on the heap. We introduce a novel
heap abstract domain based on depth-bounded systems to deal with potentially
unboundedly many objects and the references among them. We have implemented our
algorithm and show that it is effective in computing representations of common
patterns of package usage, such as relationships between viewer and label,
container and iterator, and JDBC statements and cursors
PLACES'10: The 3rd Workshop on Programmng Language Approaches to concurrency and Communication-Centric Software
Paphos, Cyprus. March 201
Dynamic Package Interfaces - Extended Version
A hallmark of object-oriented programming is the ability to perform
computation through a set of interacting objects. A common manifestation of
this style is the notion of a package, which groups a set of commonly used
classes together. A challenge in using a package is to ensure that a client
follows the implicit protocol of the package when calling its methods.
Violations of the protocol can cause a runtime error or latent invariant
violations. These protocols can extend across different, potentially
unboundedly many, objects, and are specified informally in the documentation.
As a result, ensuring that a client does not violate the protocol is hard.
We introduce dynamic package interfaces (DPI), a formalism to explicitly
capture the protocol of a package. The DPI of a package is a finite set of
rules that together specify how any set of interacting objects of the package
can evolve through method calls and under what conditions an error can happen.
We have developed a dynamic tool that automatically computes an approximation
of the DPI of a package, given a set of abstraction predicates. A key property
of DPI is that the unbounded number of configurations of objects of a package
are summarized finitely in an abstract domain. This uses the observation that
many packages behave monotonically: the semantics of a method call over a
configuration does not essentially change if more objects are added to the
configuration. We have exploited monotonicity and have devised heuristics to
obtain succinct yet general DPIs. We have used our tool to compute DPIs for
several commonly used Java packages with complex protocols, such as JDBC,
HashSet, and ArrayList.Comment: The only changes compared to v1 are improvements to the Abstract and
Introductio
A Survey of Symbolic Execution Techniques
Many security and software testing applications require checking whether
certain properties of a program hold for any possible usage scenario. For
instance, a tool for identifying software vulnerabilities may need to rule out
the existence of any backdoor to bypass a program's authentication. One
approach would be to test the program using different, possibly random inputs.
As the backdoor may only be hit for very specific program workloads, automated
exploration of the space of possible inputs is of the essence. Symbolic
execution provides an elegant solution to the problem, by systematically
exploring many possible execution paths at the same time without necessarily
requiring concrete inputs. Rather than taking on fully specified input values,
the technique abstractly represents them as symbols, resorting to constraint
solvers to construct actual instances that would cause property violations.
Symbolic execution has been incubated in dozens of tools developed over the
last four decades, leading to major practical breakthroughs in a number of
prominent software reliability applications. The goal of this survey is to
provide an overview of the main ideas, challenges, and solutions developed in
the area, distilling them for a broad audience.
The present survey has been accepted for publication at ACM Computing
Surveys. If you are considering citing this survey, we would appreciate if you
could use the following BibTeX entry: http://goo.gl/Hf5FvcComment: This is the authors pre-print copy. If you are considering citing
this survey, we would appreciate if you could use the following BibTeX entry:
http://goo.gl/Hf5Fv
Program verification with interacting analysis plugins
In this paper we propose and argue for a modular framework for interprocedural program analysis, where multiple program analysis tools are combined in order to exploit the particular advantages of each. This allows for âplugging togetherâ such tools as required by each verification task and makes it easy to integrate new analyses. Our framework automates the sharing of information between plugins using a first order logic with transitive closure, in a way inspired by the open product of Cortesi et al.. We describe a prototype implementation of our framework, which performs static assertion checking on a simple language for heap-manipulating programs. This implementation includes plugins for three existing approaches â predicate abstraction, 3-valued shape analysis and a decidable pointer analysis â and for a simple type system. We demonstrate through a detailed example the increase in precision that our approach can provide. Finally we discuss the design decisions we have taken, in particular the tradeoffs involved in the choice of language by which the plugins communicate, and identify some future directions for our work
Behavioral types in programming languages
A recent trend in programming language research is to use behav- ioral type theory to ensure various correctness properties of large- scale, communication-intensive systems. Behavioral types encompass concepts such as interfaces, communication protocols, contracts, and choreography. The successful application of behavioral types requires a solid understanding of several practical aspects, from their represen- tation in a concrete programming language, to their integration with other programming constructs such as methods and functions, to de- sign and monitoring methodologies that take behaviors into account. This survey provides an overview of the state of the art of these aspects, which we summarize as the pragmatics of behavioral types
Evaluating software verification systems: benchmarks and competitions
This report documents the program and the outcomes of Dagstuhl Seminar 14171 âEvaluating Software Verification Systems: Benchmarks and Competitionsâ. The seminar brought together a large group of current and future competition organizers and participants, benchmark maintainers, as well as practitioners and researchers interested in the topic. The seminar was conducted as a highly interactive event, with a wide spectrum of contributions from participants, including talks, tutorials, posters, tool demonstrations, hands-on sessions, and a live competition
- âŚ