Presentation is loading. Please wait.

Presentation is loading. Please wait.

Applications of extended static checking K. Rustan M. Leino Compaq SRC K. Rustan M. Leino Compaq SRC Systems Research Center Invited talk, SAS’01, Paris,

Published byDonald Hicks Modified over 9 years ago

Similar presentations

Presentation on theme: "Applications of extended static checking K. Rustan M. Leino Compaq SRC K. Rustan M. Leino Compaq SRC Systems Research Center Invited talk, SAS’01, Paris,"— Presentation transcript:

1 Applications of extended static checking K. Rustan M. Leino Compaq SRC K. Rustan M. Leino Compaq SRC Systems Research Center Invited talk, SAS’01, Paris, France, 17 July 2001

2 Talk outline  The extended static checking (ESC) technique  ESC/Java  Other possible applications of the ESC technique

3 GoalGoal Increase productivity in software development

4 Static program checking

5 Static program checkers

6 ESC architecture

7 ESC/JavaESC/Java  Checked run-time errors –Null dereferences –Array index bounds errors –Type cast errors –…  Synchronization errors –Race conditions –Deadlocks  Consistency with annotations –Preconditions –Object invariants –… Joint work with Cormac Flanagan, Mark Lillibridge, Todd Millstein, Greg Nelson, Jim Saxe, Raymie Stata

8 Modular checking

9 ESC/Java demo: Bag.java

10 Checker design tradeoffs  Soundness  Spurious warnings  Annotation burden  Performance

11 Evaluation of the ESC technique  Strengths: –Local analysis offers precision –Modular checking performs well and scales  Weaknesses: –Modularity requires annotations

12 Change modularity boundaries  Reduce annotation burden by changing grain of modularity?

13 Use ESC as a subroutine Houdini: joint work with Cormac Flanagan and Michael Levin Daikon: Michael Ernst, et al. generate candidate set of annotations ; repeat invoke ESC to refute annotations ; remove refuted annotations until quiescence ; invoke ESC to identify possible defects

14 Check only the annotations /* @ modifies isOpen; ensures isOpen; */ void open(String filename); /* @ requires isOpen; */ int getChar(); /* @ requires isOpen; modifies isOpen; */ void close(); Other protocol checking: Tom Ball & Sriram Rajamani; and Rob DeLine & Manuel Fähndrich

15 Principle of programming language design syntactic restrictions +static checks +dynamic checks =guaranteed program invariants

16 Example program invariants enforced by popular programming languages  each program variable holds a value of its type  program counter is a valid program location  each live local variable has a value  …

17 Null or not?  T+a possibly-null T object  T-a non-null T object  t.f defined only if t is of type T-  can cast from T+ to T- at the cost of a dynamic check  CLU [Liskov & Guttag 1986]

18 VerbosityVerbosity  if (t instanceof T-) { T- tm = (T-)t; … tm.f … }  if (t instanceof T- && ((T-)t).f instanceof T-) { … ((T-)((T-)t).f)).g … }

19 ESC technique to the rescue  Use T+ and T- types  Define dereference only for static type T-  Require explicit cast from T+ to T- only if ESC technique is unable to prove value to be non-null

20 Examples revisited  if (t != null) { … t.f … }  if (t != null && t.f != null) { … t.f.g … }

21 Obstacles to applying ESC technique  Soundness  What can be modified?  How does a programming language prescribe ESC checks?

22 ConclusionsConclusions  ESC is a powerful program analysis technique  Used in ESC/Modula-3, ESC/Java, Houdini  Future applications include programming language design  ESC/Java in teaching http://research.compaq.com/SRC/esc/

23

Download ppt "Applications of extended static checking K. Rustan M. Leino Compaq SRC K. Rustan M. Leino Compaq SRC Systems Research Center Invited talk, SAS’01, Paris,"

Similar presentations

1 Lecture 5 Towards a Verifying Compiler: Multithreading Wolfram Schulte Microsoft Research Formal Methods 2006 Race Conditions, Locks, Deadlocks, Invariants,

1 Lecture 5 Towards a Verifying Compiler: Multithreading Wolfram Schulte Microsoft Research Formal Methods 2006 Race Conditions, Locks, Deadlocks, Invariants,
Verification of object-oriented programs with invariants Mike Barnett, Robert DeLine, Manuel Fahndrich, K. Rustan M. Leino, Wolfram Schulte Formal techniques.

Verification of object-oriented programs with invariants Mike Barnett, Robert DeLine, Manuel Fahndrich, K. Rustan M. Leino, Wolfram Schulte Formal techniques.
Advanced programming tools at Microsoft

Advanced programming tools at Microsoft
Joint work with Mike Barnett, Robert DeLine, Manuel Fahndrich, and Wolfram Schulte Verifying invariants in object-oriented programs K. Rustan M. Leino.

Joint work with Mike Barnett, Robert DeLine, Manuel Fahndrich, and Wolfram Schulte Verifying invariants in object-oriented programs K. Rustan M. Leino.
Extended Static Checking for Java Cormac Flanagan K. Rustan M. Leino Mark Lillibridge Greg Nelson James B. Saxe Raymie Stata Compaq SRC 18 June 2002 PLDI02,

Extended Static Checking for Java Cormac Flanagan K. Rustan M. Leino Mark Lillibridge Greg Nelson James B. Saxe Raymie Stata Compaq SRC 18 June 2002 PLDI02,
The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Lunch seminar, Praxis Bath, UK 6 Dec 2005 joint work with Mike Barnett,

The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Lunch seminar, Praxis Bath, UK 6 Dec 2005 joint work with Mike Barnett,
Bor-Yuh Evan Chang Daan Leijen Peter Müller David A. Naumann The Spec# programming system Mike Barnett Rob DeLine Manuel Fähndrich Bart Jacobs K. Rustan.

Bor-Yuh Evan Chang Daan Leijen Peter Müller David A. Naumann The Spec# programming system Mike Barnett Rob DeLine Manuel Fähndrich Bart Jacobs K. Rustan.
Demand-driven inference of loop invariants in a theorem prover

Demand-driven inference of loop invariants in a theorem prover
Object Invariants in Specification and Verification K. Rustan M. Leino Microsoft Research, Redmond, WA Joint work with: Mike Barnett, Ádám Darvas, Manuel.

Object Invariants in Specification and Verification K. Rustan M. Leino Microsoft Research, Redmond, WA Joint work with: Mike Barnett, Ádám Darvas, Manuel.
Writing specifications for object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 21 Jan 2005 Invited talk, AIOOL 2005 Paris,

Writing specifications for object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 21 Jan 2005 Invited talk, AIOOL 2005 Paris,
Spec# K. Rustan M. Leino Senior Researcher Programming Languages and Methods Microsoft Research, Redmond, WA, USA Microsoft Research faculty summit, Redmond,

Spec# K. Rustan M. Leino Senior Researcher Programming Languages and Methods Microsoft Research, Redmond, WA, USA Microsoft Research faculty summit, Redmond,
Lecture 4 Towards a Verifying Compiler: Data Abstraction Wolfram Schulte Microsoft Research Formal Methods 2006 Purity, Model fields, Inconsistency _____________.

Lecture 4 Towards a Verifying Compiler: Data Abstraction Wolfram Schulte Microsoft Research Formal Methods 2006 Purity, Model fields, Inconsistency _____________.
Challenges in increasing tool support for programming K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 23 Sep 2004 ICTAC Guiyang, Guizhou, PRC joint.

Challenges in increasing tool support for programming K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 23 Sep 2004 ICTAC Guiyang, Guizhou, PRC joint.
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 8.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 8.
The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Distinguished Lecture Series Max Planck Institute for Software Systems.

The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Distinguished Lecture Series Max Planck Institute for Software Systems.
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Verification of Multithreaded Object- Oriented Programs with Invariants Bart Jacobs, K. Rustan M. Leino, Wolfram Schulte.

Verification of Multithreaded Object- Oriented Programs with Invariants Bart Jacobs, K. Rustan M. Leino, Wolfram Schulte.
A simple sequential reasoning approach for sound modular verification of mainstream multithreaded programs Wolfram Schulte & Bart Jacobs Microsoft Research.

A simple sequential reasoning approach for sound modular verification of mainstream multithreaded programs Wolfram Schulte & Bart Jacobs Microsoft Research.
272: Software Engineering Fall 2008 Instructor: Tevfik Bultan Lecture 3: Java Modeling Language and Extended Static Checking.

272: Software Engineering Fall 2008 Instructor: Tevfik Bultan Lecture 3: Java Modeling Language and Extended Static Checking.
K. Rustan M. Leino Research in Software Engineering (RiSE) Microsoft Research, Redmond, WA, USA 3 December 2008 U. Lugano Lugano, Switzerland.

K. Rustan M. Leino Research in Software Engineering (RiSE) Microsoft Research, Redmond, WA, USA 3 December 2008 U. Lugano Lugano, Switzerland.

Similar presentations

Ads by Google