Presentation is loading. Please wait.

Presentation is loading. Please wait.

Extended Static Checking for Java Cormac Flanagan Joint work with: Rustan Leino, Mark Lillibridge, Greg Nelson, Jim Saxe, and Raymie Stata.

Published byJulie Bryan Modified over 9 years ago

Similar presentations

Presentation on theme: "Extended Static Checking for Java Cormac Flanagan Joint work with: Rustan Leino, Mark Lillibridge, Greg Nelson, Jim Saxe, and Raymie Stata."— Presentation transcript:

1 Extended Static Checking for Java Cormac Flanagan Joint work with: Rustan Leino, Mark Lillibridge, Greg Nelson, Jim Saxe, and Raymie Stata

2 What is “Static Checking”? Annotated Source Code StaticChecker Error:... type systems type systems Error: wrong number of arguments in method call lint lint Error: unreachable code full program verification full program verification Error: qsort does not yield a sorted array

3 Comparison of Static Checkers Quality 100% Effort fullverification lint typesystems ExtendedStaticChecking Note: Graph is not to scale ESCModula-3 ESCJava

4 ESC/Java  Detect common run-time errors null dereferences null dereferences array bounds array bounds type casts type casts race conditions race conditions deadlocks deadlocks......  Check other properties object invariants object invariants method specifications method specifications......

5 Architecture of ESC/Java Annotated program Verification condition generator Automatic theorem prover Counter-example  x.  y. (x > y =>...) Error: index out of bounds on line 218 when x = 4 and y = 3

6 Not Full Verification  Prove absence of run-time errors, not full functional correctness Simpler method specifications Simpler method specifications Verification conditions easier to prove Verification conditions easier to prove

7 Example void sort2(int[] a) void sort2(int[] a) { if( a[0] < a[1] ) if( a[0] < a[1] ) { int t = a[0]; int t = a[0]; a[0] = a[ ]; a[0] = a[ ]; a[1] = t; a[1] = t; } } Error: possible null dereference at line 5 Error: possible index out of bounds at line 5 //@ ensures a[0] <= a[1] //@ requires a != null && a.length == 2 Error: possible index out of bounds at line 8 21 Error: postcondition not achieved No more errors detected :-( >

8 Under the Hood  Verification condition large but “dumb”  Proved in < 1 second (FORALL (t1) (FORALL (t2) (IMPLIES (AND (NEQ a null) (EQ (arrayLength a) 2)) (AND (NEQ a null) (AND (AND ( (select (select elem a) 0) (select (select elem a) 1)) (FORALL (t3) (AND (NEQ a null) (AND (AND ( (select (select elem a) 0) (select (select elem a) 1))) (AND (<= (select (select elem a) 0) (select (select elem a) 1)) (EQ true true)))))))))))

9 ESC/Java vs. Testing  Testing essential but Expensive Expensive Finds errors late Finds errors late Misses errors Misses errors  ESC/Java... ?

10 ESC/Java Summary  Finds more errors than type checking  Costs less than full verification  Currently working on small test programs www.research.digital.com/SRC/esc/Esc.html

11 Comparison of Static Checkers Quality 100% Effort fullverification lint typesystems decidabilitylimit ExtendedStaticChecking Note: Graph is not to scale

12 Metrics for Static Checkers  Cost of using the tool  Quality Does it miss errors? Does it give spurious warnings?

Download ppt "Extended Static Checking for Java Cormac Flanagan Joint work with: Rustan Leino, Mark Lillibridge, Greg Nelson, Jim Saxe, and Raymie Stata."

Similar presentations

Automatic verification of summations K. Rustan M. Leino IFIP WG 2.3 meeting 46 Sydney, Australia 11 January 2007.

Automatic verification of summations K. Rustan M. Leino IFIP WG 2.3 meeting 46 Sydney, Australia 11 January 2007.
Verification of object-oriented programs with invariants Mike Barnett, Robert DeLine, Manuel Fahndrich, K. Rustan M. Leino, Wolfram Schulte Formal techniques.

Verification of object-oriented programs with invariants Mike Barnett, Robert DeLine, Manuel Fahndrich, K. Rustan M. Leino, Wolfram Schulte Formal techniques.
Advanced programming tools at Microsoft

Advanced programming tools at Microsoft
Joint work with Mike Barnett, Robert DeLine, Manuel Fahndrich, and Wolfram Schulte Verifying invariants in object-oriented programs K. Rustan M. Leino.

Joint work with Mike Barnett, Robert DeLine, Manuel Fahndrich, and Wolfram Schulte Verifying invariants in object-oriented programs K. Rustan M. Leino.
Extended Static Checking for Java Cormac Flanagan K. Rustan M. Leino Mark Lillibridge Greg Nelson James B. Saxe Raymie Stata Compaq SRC 18 June 2002 PLDI02,

Extended Static Checking for Java Cormac Flanagan K. Rustan M. Leino Mark Lillibridge Greg Nelson James B. Saxe Raymie Stata Compaq SRC 18 June 2002 PLDI02,
The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Lunch seminar, Praxis Bath, UK 6 Dec 2005 joint work with Mike Barnett,

The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Lunch seminar, Praxis Bath, UK 6 Dec 2005 joint work with Mike Barnett,
Demand-driven inference of loop invariants in a theorem prover

Demand-driven inference of loop invariants in a theorem prover
Object Invariants in Specification and Verification K. Rustan M. Leino Microsoft Research, Redmond, WA Joint work with: Mike Barnett, Ádám Darvas, Manuel.

Object Invariants in Specification and Verification K. Rustan M. Leino Microsoft Research, Redmond, WA Joint work with: Mike Barnett, Ádám Darvas, Manuel.
Writing specifications for object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 21 Jan 2005 Invited talk, AIOOL 2005 Paris,

Writing specifications for object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 21 Jan 2005 Invited talk, AIOOL 2005 Paris,
Program Verification Using the Spec# Programming System ETAPS Tutorial K. Rustan M. Leino, Microsoft Research, Redmond Rosemary Monahan, NUIM Maynooth.

Program Verification Using the Spec# Programming System ETAPS Tutorial K. Rustan M. Leino, Microsoft Research, Redmond Rosemary Monahan, NUIM Maynooth.
Technologies for finding errors in object-oriented software K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 0 Summer school on Formal Models.

Technologies for finding errors in object-oriented software K. Rustan M. Leino Microsoft Research, Redmond, WA Lecture 0 Summer school on Formal Models.
Spec# K. Rustan M. Leino Senior Researcher Programming Languages and Methods Microsoft Research, Redmond, WA, USA Microsoft Research faculty summit, Redmond,

Spec# K. Rustan M. Leino Senior Researcher Programming Languages and Methods Microsoft Research, Redmond, WA, USA Microsoft Research faculty summit, Redmond,
Challenges in increasing tool support for programming K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 23 Sep 2004 ICTAC Guiyang, Guizhou, PRC joint.

Challenges in increasing tool support for programming K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 23 Sep 2004 ICTAC Guiyang, Guizhou, PRC joint.
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 8.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 8.
The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Distinguished Lecture Series Max Planck Institute for Software Systems.

The Spec# programming system K. Rustan M. Leino Microsoft Research, Redmond, WA, USA Distinguished Lecture Series Max Planck Institute for Software Systems.
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Verification of Multithreaded Object- Oriented Programs with Invariants Bart Jacobs, K. Rustan M. Leino, Wolfram Schulte.

Verification of Multithreaded Object- Oriented Programs with Invariants Bart Jacobs, K. Rustan M. Leino, Wolfram Schulte.
JML and ESC/Java2: An Introduction Karl Meinke School of Computer Science and Communication, KTH.

JML and ESC/Java2: An Introduction Karl Meinke School of Computer Science and Communication, KTH.
Securing Java applets Erik Poll Security of Systems (SOS) group University of Nijmegen www.cs.kun.nl/~erikpoll.

Securing Java applets Erik Poll Security of Systems (SOS) group University of Nijmegen
272: Software Engineering Fall 2008 Instructor: Tevfik Bultan Lecture 3: Java Modeling Language and Extended Static Checking.

272: Software Engineering Fall 2008 Instructor: Tevfik Bultan Lecture 3: Java Modeling Language and Extended Static Checking.

Similar presentations

Ads by Google