K. Rustan M. Leino Microsoft Research Peter Müller ETH Zurich Angela Wallenburg Chalmers University.

Slides:



Advertisements
Similar presentations
Automatic verification of summations K. Rustan M. Leino IFIP WG 2.3 meeting 46 Sydney, Australia 11 January 2007.
Advertisements

1 Lecture 5 Towards a Verifying Compiler: Multithreading Wolfram Schulte Microsoft Research Formal Methods 2006 Race Conditions, Locks, Deadlocks, Invariants,
Verification of object-oriented programs with invariants Mike Barnett, Robert DeLine, Manuel Fahndrich, K. Rustan M. Leino, Wolfram Schulte Formal techniques.
Joint work with Mike Barnett, Robert DeLine, Manuel Fahndrich, and Wolfram Schulte Verifying invariants in object-oriented programs K. Rustan M. Leino.
The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Lunch seminar, Praxis Bath, UK 6 Dec 2005 joint work with Mike Barnett,
Bor-Yuh Evan Chang Daan Leijen Peter Müller David A. Naumann The Spec# programming system Mike Barnett Rob DeLine Manuel Fähndrich Bart Jacobs K. Rustan.
Demand-driven inference of loop invariants in a theorem prover
Checking correctness properties of object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 4 EEF summer school on Specification,
Object Invariants in Specification and Verification K. Rustan M. Leino Microsoft Research, Redmond, WA Joint work with: Mike Barnett, Ádám Darvas, Manuel.
Checking correctness properties of object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 2 EEF summer school on Specification,
Writing specifications for object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 21 Jan 2005 Invited talk, AIOOL 2005 Paris,
1 Towards a Verifying Compiler: The Spec# Approach Wolfram Schulte Microsoft Research Formal Methods 2006 Joint work with Rustan Leino, Mike Barnett, Manuel.
Program Verification Using the Spec# Programming System ETAPS Tutorial K. Rustan M. Leino, Microsoft Research, Redmond Rosemary Monahan, NUIM Maynooth.
Technologies for finding errors in object-oriented software K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 3 Summer school on Formal Models.
Spec# K. Rustan M. Leino Senior Researcher Programming Languages and Methods Microsoft Research, Redmond, WA, USA Microsoft Research faculty summit, Redmond,
Lecture 4 Towards a Verifying Compiler: Data Abstraction Wolfram Schulte Microsoft Research Formal Methods 2006 Purity, Model fields, Inconsistency _____________.
Challenges in increasing tool support for programming K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 23 Sep 2004 ICTAC Guiyang, Guizhou, PRC joint.
K. Rustan M. Leino Research in Software Engineering (RiSE) Microsoft Research, Redmond, WA, USA 15 January 2009 Séminaire Digiteo Orsay, France.
The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Distinguished Lecture Series Max Planck Institute for Software Systems.
Constraint Semantics for Abstract Read Permissions 28 th July 2014, FTfJP, Uppsala John Tang Boyland (UW-Milwaukee/ETH Zurich) Peter Müller, Malte Schwerhoff,
Automated Software Verification with a Permission-Based Logic 20 th June 2014, Zürich Malte Schwerhoff, ETH Zürich.
Verification of Multithreaded Object- Oriented Programs with Invariants Bart Jacobs, K. Rustan M. Leino, Wolfram Schulte.
A simple sequential reasoning approach for sound modular verification of mainstream multithreaded programs Wolfram Schulte & Bart Jacobs Microsoft Research.
K. Rustan M. Leino Research in Software Engineering (RiSE) Microsoft Research, Redmond, WA, USA 3 December 2008 U. Lugano Lugano, Switzerland.
Inferring Object Invariants Bor-Yuh Evan ChangK. Rustan M. Leino University of California, BerkeleyMicrosoft Research January 21, 2005 AIOOL 2005 Paris,
K. Rustan M. Leino Research in Software Engineering (RiSE) Microsoft Research, Redmond, WA part 0 International Summer School Marktoberdorf Marktoberdorf,
Fractional Permissions without the Fractions Alex Summers ETH Zurich Joint work with: Stefan Heule, Rustan Leino, Peter Müller ETH Zurich MSR Redmond ETH.
ECI 2007: Specification and Verification of Object-Oriented Programs Lecture 2 Courtesy: K. Rustan M. Leino and Wolfram Schulte.
Lecture 2 Towards a Verifying Compiler: Logic of Object oriented Programs Wolfram Schulte Microsoft Research Formal Methods 2006 Objects, references, heaps,
Introduction to Spec# Programming System Yossi Peery Advanced SW Tools Seminar TAU Nov 2006.
K. Rustan M. Leino Research in Software Engineering (RiSE) Microsoft Research, Redmond, WA part 4 International Summer School Marktoberdorf Marktoberdorf,
K. Rustan M. Leino Research in Software Engineering (RiSE) Microsoft Research, Redmond, WA part 0 Summer School on Logic and Theorem-Proving in Programming.
K. Rustan M. Leino RiSE, Microsoft Research Typing, Analysis and Verification of Heap-Manipulating Programs Dagstuhl, Germany 20 July 2009.
Building a program verifier K. Rustan M. Leino Microsoft Research, Redmond, WA 10 May 2006 Guest lecture, Shaz Qadeer’s cse599f, Formal Verification of.
K. Rustan M. Leino Microsoft Research, Redmond, WA, USA with Mike Barnett, Robert DeLine, Manuel Fahndrich, and Wolfram Schulte Toward enforceable contracts.
Using and Building an Automatic Program Verifier K. Rustan M. Leino Research in Software Engineering (RiSE) Microsoft Research, Redmond Lecture 4 LASER.
Going beyond a basic ownership system in Spec# K. Rustan M. Leino Microsoft Research, Redmond, WA Joint work with: Peter Müller Angela Wallenburg ESF workshop.
Well-cooked Spaghetti: Weakest-Precondition of Unstructured Programs Mike Barnett and Rustan Leino Microsoft Research Redmond, WA, USA.
K. Rustan M. Leino Research in Software Engineering (RiSE) Microsoft Research, Redmond Caltech Pasadena, CA 12 November 2009.
K. Rustan M. Leino RiSE, Microsoft Research, Redmond joint work with Peter Müller and Jan Smans Lecture 0 1 September 2009 FOSAD 2009, Bertinoro, Italy.
K. Rustan M. Leino RiSE, Joint work with: Peter Müller (ETH Zurich) Jan Smans (KU Leuven) Special thanks to Mike Barnett VMCAI, Madrid, Spain, 18 January.
Software Engineering Prof. Dr. Bertrand Meyer March 2007 – June 2007 Chair of Software Engineering Static program checking and verification Slides: Based.
K. Rustan M. Leino RiSE, Microsoft Research 1 Dec 2008 Invited talk, working group meeting COST Action IC0701, Formal Verification of Object-Oriented Software.
Using and Building an Automatic Program Verifier K. Rustan M. Leino Research in Software Engineering (RiSE) Microsoft Research, Redmond Lecture 3 Marktoberdorf.
Viper A Verification Infrastructure for Permission-Based Reasoning 1 st March 2015, ECOOP’15 PC Meeting, Zurich Uri Juhasz, Ioannis Kassios, Peter Müller,
Reasoning about object structures with Spec# K. Rustan M. Leino Microsoft Research, Redmond, WA Joint work with: Mike Barnett, Ádám Darvas, Manuel Fähndrich,
Rustan Leino RiSE, Microsoft Research, Redmond MIT 5 June 2009 Joint work with: Peter Müller, ETH Zurich Jan Smans, KU Leuven.
Verification of Programs with Inspector Methods Bart Jacobs and Frank Piessens Dept. CS, K.U.Leuven, Belgium.
A Universe-Type-Based Verification Technique for Mutable Static Fields and Methods Alexander J Summers Sophia Drossopoulou Imperial College London Peter.
K. Rustan M. Leino Microsoft Research, Redmond, WA, USA with Mike Barnett, Robert DeLine, Manuel Fahndrich, and Wolfram Schulte Spec# Writing and checking.
K. Rustan M. Leino and Wolfram Schulte Microsoft Research, Redmond ESOP 2007 Braga, Portugal 28 March 2007.
Specifying and verifying programs in Spec# K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Invited talk, PSI 2006 Novosibirsk, Russia 27 June 2006.
An Introduction to Automated Program Verification with Permission Logics 15 th May 2015, Systems Group, ETH Zurich Uri Juhasz, Ioannis Kassios, Peter Müller,
K. Rustan M. Leino RiSE, Microsoft Research, Redmond joint work with Peter Müller and Jan Smans Lecture 1 2 September 2009 FOSAD 2009, Bertinoro, Italy.
K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 15 Nov 2007 Chalmers Göteborg, Sweden.
Spec# John Lefor Program Manager Developer Division, Microsoft.
1 Verification of object-oriented programs with invariants Mike Barnett, Robert DeLine, Manuel Fahndrich, K. Rustan M. Leino, Wolfram Schulte ECOOP 2003.
ESOP 2010, Paphos, Cyprus, 22 March 2010 K. Rustan M. Leino (RiSE group, Microsoft Research) Peter Müller (ETH Zurich) Jan Smans (KU Leuven)
Faithful mapping of model classes to mathematical structures Ádám Darvas ETH Zürich Switzerland Peter Müller Microsoft Research Redmond, WA, USA SAVCBS.
Reasoning about object structures with Spec# K. Rustan M. Leino Microsoft Research, Redmond, WA Joint work with: Mike Barnett, Ádám Darvas, Manuel Fähndrich,
Object Invariants in Dynamic Contexts K.R.M. Leino and P. Muller : Objects and Aspects Presented by Jonathan Aldrich.
Dafny An automatic program verifier for functional correctness
Specification techniques for verifying object-oriented software
Class-local object invariants
Verification of concurrent object-oriented programs
Spec# Writing and checking contracts in a .NET language
Hoare-style program verification
Method Verification CS/SWE 332 Paul Ammann.
Dafny An automatic program verifier for functional correctness
Method Verification Paul Ammann.
Presentation transcript:

K. Rustan M. Leino Microsoft Research Peter Müller ETH Zurich Angela Wallenburg Chalmers University

Context Verification system for object-oriented programs Contribution Specification and structuring technique for objects that no longer undergo change

class C { int x, y, z; invariant x < 0  y ≤ z; } Boogie methodology (used in Spec#) Spec# demo: shows/ads

class C { T t; invariant t.x = 10; } class D { T s; invariant s.x = 23; } Spec# demo: guitar/level :D:D :T:T s :C:C t

class C { rep T t; invariant t.x = 10; } class D { rep T s; invariant s.x = 23; } Spec# demo: rep :D:D :T:T s :C:C t owner :T:T

An object is valid if it is not exposed (  o  o.owner.valid  o.valid) An object is consistent if it is valid and its owner is not valid Spec# demo: strum :Rock Band :Guitar:Guitar :GtString:GtString:GtString:GtString

Spec# demo: roadie/immutable

Example summary: Cannot share a rep object Base class of immutable class cannot be mutable Cannot apply mutable methods on an immutable object

Indicate which instances, not just whole classes, are immutable Indicate when an object becomes immutable Frozen objects can be mentioned in invariants freeze operation transfers ownership to an fictitious freezer object

class RockBand { frozen Roadie rd; invariant rd.Strength = 5; RockBand() { Roadie r = new Roadie(5); r.SchlepInstruments(); r.PrepareStage(); freeze r; rd = r; } … }

:RockBand:RockBand :Guitar:Guitar rd freezerfreezer :Roadie:Roadie gt owner

Special case of frozen objects Frozen objects give good encoding of immutable classes

Partial ownership Chalice demo: RockBand

class RockBand { var r: Roadie invariant rd(r) && r != null invariant acc(r.strength) && r.strength == 5 method Main() { var arnold := new Roadie arnold.strength := 5 var abba := new RockBand abba.r := arnold share abba var noDoubt := new RockBand noDoubt.r := arnold share noDoubt } class Roadie { var strength: int } Monitor invariant might not hold. Insufficient fraction at 4.13 for Roadie.strength.

Frozen objects are flexible. A program can: decide which instances are frozen decide when each instance becomes frozen Frozen objects can fit into any system with ownership and ownership transfer Frozen objects can encode immutable types Invariants can be written over frozen objects Future: implement in Spec#

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.