Presentation is loading. Please wait.

Presentation is loading. Please wait.

K. Rustan M. Leino Microsoft Research Peter Müller ETH Zurich Angela Wallenburg Chalmers University.

Published byJadon Asbury Modified over 9 years ago

Similar presentations

Presentation on theme: "K. Rustan M. Leino Microsoft Research Peter Müller ETH Zurich Angela Wallenburg Chalmers University."— Presentation transcript:

1 K. Rustan M. Leino Microsoft Research Peter Müller ETH Zurich Angela Wallenburg Chalmers University

2 Context Verification system for object-oriented programs Contribution Specification and structuring technique for objects that no longer undergo change

3 class C { int x, y, z; invariant x < 0  y ≤ z; } Boogie methodology (used in Spec#) Spec# demo: shows/ads

4

5

6

7 class C { T t; invariant t.x = 10; } class D { T s; invariant s.x = 23; } Spec# demo: guitar/level :D:D :T:T s :C:C t

8

9 class C { rep T t; invariant t.x = 10; } class D { rep T s; invariant s.x = 23; } Spec# demo: rep :D:D :T:T s :C:C t owner :T:T

10

11 An object is valid if it is not exposed (  o  o.owner.valid  o.valid) An object is consistent if it is valid and its owner is not valid Spec# demo: strum :Rock Band :Guitar:Guitar :GtString:GtString:GtString:GtString

12

13

14 Spec# demo: roadie/immutable

15

16

17

18

19

20

21 Example summary: Cannot share a rep object Base class of immutable class cannot be mutable Cannot apply mutable methods on an immutable object

22 Indicate which instances, not just whole classes, are immutable Indicate when an object becomes immutable Frozen objects can be mentioned in invariants freeze operation transfers ownership to an fictitious freezer object

23 class RockBand { frozen Roadie rd; invariant rd.Strength = 5; RockBand() { Roadie r = new Roadie(5); r.SchlepInstruments(); r.PrepareStage(); freeze r; rd = r; } … }

24 :RockBand:RockBand :Guitar:Guitar rd freezerfreezer :Roadie:Roadie gt owner

25 Special case of frozen objects Frozen objects give good encoding of immutable classes

26 Partial ownership Chalice demo: RockBand

27 class RockBand { var r: Roadie invariant rd(r) && r != null invariant acc(r.strength) && r.strength == 5 method Main() { var arnold := new Roadie arnold.strength := 5 var abba := new RockBand abba.r := arnold share abba var noDoubt := new RockBand noDoubt.r := arnold share noDoubt } class Roadie { var strength: int } Monitor invariant might not hold. Insufficient fraction at 4.13 for Roadie.strength.

28 Frozen objects are flexible. A program can: decide which instances are frozen decide when each instance becomes frozen Frozen objects can fit into any system with ownership and ownership transfer Frozen objects can encode immutable types Invariants can be written over frozen objects Future: implement in Spec# http://research.microsoft.com/specsharp

Download ppt "K. Rustan M. Leino Microsoft Research Peter Müller ETH Zurich Angela Wallenburg Chalmers University."

Similar presentations

Automatic verification of summations K. Rustan M. Leino IFIP WG 2.3 meeting 46 Sydney, Australia 11 January 2007.

Automatic verification of summations K. Rustan M. Leino IFIP WG 2.3 meeting 46 Sydney, Australia 11 January 2007.
1 Lecture 5 Towards a Verifying Compiler: Multithreading Wolfram Schulte Microsoft Research Formal Methods 2006 Race Conditions, Locks, Deadlocks, Invariants,

1 Lecture 5 Towards a Verifying Compiler: Multithreading Wolfram Schulte Microsoft Research Formal Methods 2006 Race Conditions, Locks, Deadlocks, Invariants,
Verification of object-oriented programs with invariants Mike Barnett, Robert DeLine, Manuel Fahndrich, K. Rustan M. Leino, Wolfram Schulte Formal techniques.

Verification of object-oriented programs with invariants Mike Barnett, Robert DeLine, Manuel Fahndrich, K. Rustan M. Leino, Wolfram Schulte Formal techniques.
Joint work with Mike Barnett, Robert DeLine, Manuel Fahndrich, and Wolfram Schulte Verifying invariants in object-oriented programs K. Rustan M. Leino.

Joint work with Mike Barnett, Robert DeLine, Manuel Fahndrich, and Wolfram Schulte Verifying invariants in object-oriented programs K. Rustan M. Leino.
The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Lunch seminar, Praxis Bath, UK 6 Dec 2005 joint work with Mike Barnett,

The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Lunch seminar, Praxis Bath, UK 6 Dec 2005 joint work with Mike Barnett,
Bor-Yuh Evan Chang Daan Leijen Peter Müller David A. Naumann The Spec# programming system Mike Barnett Rob DeLine Manuel Fähndrich Bart Jacobs K. Rustan.

Bor-Yuh Evan Chang Daan Leijen Peter Müller David A. Naumann The Spec# programming system Mike Barnett Rob DeLine Manuel Fähndrich Bart Jacobs K. Rustan.
Demand-driven inference of loop invariants in a theorem prover

Demand-driven inference of loop invariants in a theorem prover
Checking correctness properties of object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 4 EEF summer school on Specification,

Checking correctness properties of object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 4 EEF summer school on Specification,
Object Invariants in Specification and Verification K. Rustan M. Leino Microsoft Research, Redmond, WA Joint work with: Mike Barnett, Ádám Darvas, Manuel.

Object Invariants in Specification and Verification K. Rustan M. Leino Microsoft Research, Redmond, WA Joint work with: Mike Barnett, Ádám Darvas, Manuel.
Checking correctness properties of object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 2 EEF summer school on Specification,

Checking correctness properties of object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 2 EEF summer school on Specification,
Writing specifications for object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 21 Jan 2005 Invited talk, AIOOL 2005 Paris,

Writing specifications for object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 21 Jan 2005 Invited talk, AIOOL 2005 Paris,
1 Towards a Verifying Compiler: The Spec# Approach Wolfram Schulte Microsoft Research Formal Methods 2006 Joint work with Rustan Leino, Mike Barnett, Manuel.

1 Towards a Verifying Compiler: The Spec# Approach Wolfram Schulte Microsoft Research Formal Methods 2006 Joint work with Rustan Leino, Mike Barnett, Manuel.
Program Verification Using the Spec# Programming System ETAPS Tutorial K. Rustan M. Leino, Microsoft Research, Redmond Rosemary Monahan, NUIM Maynooth.

Program Verification Using the Spec# Programming System ETAPS Tutorial K. Rustan M. Leino, Microsoft Research, Redmond Rosemary Monahan, NUIM Maynooth.
Technologies for finding errors in object-oriented software K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 3 Summer school on Formal Models.

Technologies for finding errors in object-oriented software K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 3 Summer school on Formal Models.
Spec# K. Rustan M. Leino Senior Researcher Programming Languages and Methods Microsoft Research, Redmond, WA, USA Microsoft Research faculty summit, Redmond,

Spec# K. Rustan M. Leino Senior Researcher Programming Languages and Methods Microsoft Research, Redmond, WA, USA Microsoft Research faculty summit, Redmond,
Lecture 4 Towards a Verifying Compiler: Data Abstraction Wolfram Schulte Microsoft Research Formal Methods 2006 Purity, Model fields, Inconsistency _____________.

Lecture 4 Towards a Verifying Compiler: Data Abstraction Wolfram Schulte Microsoft Research Formal Methods 2006 Purity, Model fields, Inconsistency _____________.
Challenges in increasing tool support for programming K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 23 Sep 2004 ICTAC Guiyang, Guizhou, PRC joint.

Challenges in increasing tool support for programming K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 23 Sep 2004 ICTAC Guiyang, Guizhou, PRC joint.
K. Rustan M. Leino Research in Software Engineering (RiSE) Microsoft Research, Redmond, WA, USA 15 January 2009 Séminaire Digiteo Orsay, France.

K. Rustan M. Leino Research in Software Engineering (RiSE) Microsoft Research, Redmond, WA, USA 15 January 2009 Séminaire Digiteo Orsay, France.
The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Distinguished Lecture Series Max Planck Institute for Software Systems.

The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Distinguished Lecture Series Max Planck Institute for Software Systems.
Constraint Semantics for Abstract Read Permissions 28 th July 2014, FTfJP, Uppsala John Tang Boyland (UW-Milwaukee/ETH Zurich) Peter Müller, Malte Schwerhoff,

Constraint Semantics for Abstract Read Permissions 28 th July 2014, FTfJP, Uppsala John Tang Boyland (UW-Milwaukee/ETH Zurich) Peter Müller, Malte Schwerhoff,

Similar presentations

Ads by Google