Affiliation:
1. BRICS, Department of Computer Science, University of Aarhus, Denmark
Abstract
We present a new framework for verifying partial specifications of programs in order to catch type and memory errors and check data structure invariants. Our technique can verify a large class of data structures, namely all those that can be expressed as graph types. Earlier versions were restricted to simple special cases such as lists or trees. Even so, our current implementation is as fast as the previous specialized tools.
Programs are annotated with partial specifications expressed in Pointer Assertion Logic, a new notation for expressing properties of the program store. We work in the logical tradition by encoding the programs and partial specifications as formulas in monadic second-order logic. Validity of these formulas is checked by the MONA tool, which also can provide explicit counterexamples to invalid formulas.
To make verification decidable, the technique requires explicit loop and function call invariants. In return, the technique is highly modular: every statement of a given program is analyzed only once.
The main target applications are safety-critical data-type algorithms, where the cost of annotating a program with invariants is justified by the value of being able to automatically verify complex properties of the program.
Publisher
Association for Computing Machinery (ACM)
Subject
Computer Graphics and Computer-Aided Design, Software
References: 38 articles.
Cited by: 49 articles.