Abstract
High level design decisions are never captured formally in programs and are often violated as programs evolve. In this paper, we focus on design decisions in which an object o works correctly only if another object p is in some specific states. Such decisions can be specified as the object invariant of o.
The invariant of o must hold when control is not inside any of o’s methods (i.e. when o is in a steady state). From discussion forums on widely used APIs, it is clear that there are many instances where o’s invariant is violated by the programmer inadvertently changing the state of p when o is in a steady state. Typically, o and p are objects exposed by the API, and the programmer (who is the user of the API), unaware of the dependency between o and p, calls a method of p in such a way that o’s invariant is violated. The fact that the violation occurred is detected much later, when a method of o is called again, and it is difficult to determine exactly where such violations occur.
We propose a runtime verification scheme which guarantees that when o is in a steady state, any violation of o’s invariant is detected exactly where it occurs. This is done by tracking dependencies automatically and validating whether a state change of an object p breaks the invariant of any object o that depends on p. We demonstrate that our tool InvCOP, which implements this scheme, can accurately pinpoint violations of invariants involving multiple objects that were reported in discussion forums on widely used APIs.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Ball, T., Rajamani, S.K.: The SLAM project: Debugging system software via static analysis. In: POPL, pp. 1–3. ACM, New York (2002)
DeLine, R., Fähndrich, M.: Enforcing high-level protocols in low-level software. In: PLDI. ACM, New York (2001)
Chin, B., Markstrum, S., Millstein, T.: Semantic type qualifiers. In: PLDI, pp. 85–95. ACM, New York (2005)
Beck, K., Cunningham, W.: A laboratory for teaching object-oriented thinking. In: OOPSLA, pp. 1–6 (1989)
JDOM FAQ – http://www.jdom.org/docs/faq.html#a0390
http://www.jdom.org/pipermail/jdom-interest/2005-March/014694.html
Clarke, D.G., Potter, J., Noble, J.: Ownership types for flexible alias protection. In: OOPSLA, pp. 48–64 (1998)
Boyapati, C., Liskov, B., Shrira, L.: Ownership types for object encapsulation. In: POPL, pp. 213–223. ACM, New York (2003)
Boyland, J.: Why we should not add readonly to java (yet). JOT 5(5), 5–29 (2006)
Barnett, M., DeLine, R., Fähndrich, M., Leino, K.R.M., Schulte, W.: Verification of object-oriented programs with invariants. JOT 3(6), 27–56 (2004)
Barnett, M., Naumann, D.A.: Friends need a bit more: Maintaining invariants over shared state. In: MPC, pp. 54–84. Springer, Heidelberg (2004)
Chen, F., Rosu, G.: Mop: an efficient and generic runtime verification framework. In: OOPSLA, pp. 569–588 (2007)
Avgustinov, P., Bodden, E., Hajiyev, E., Hendren, L.J., Lhoták, O., de Moor, O., Ongkingco, N., Sereni, D., Sittampalam, G., Tibble, J., Verbaere, M.: Aspects for trace monitoring. In: FATES/RV, pp. 20–39 (2006)
Stolz, V., Bodden, E.: Temporal assertions using aspectj. Electr. Notes Theor. Comput. Sci. 144(4), 109–124 (2006)
Kiczales, G., Lamping, J., Mendhekar, A., Maeda, C., Lopes, C.V., Loingtier, J.M., Irwin, J.: Aspect-oriented programming. In: ECOOP, pp. 220–242 (1997)
AspectJ –, http://www.eclipse.org/aspectj/
http://www.ibm.com/developerworks/java/library/j-jtp02183.html
Foster, J.S., Terauchi, T., Aiken, A.: Flow-sensitive type qualifiers. In: PLDI, pp. 1–12. ACM, New York (2002)
Helm, R., Holland, I.M., Gangopadhyay, D.: Contracts: Specifying behavioural compositions in object-oriented systems. In: OOPSLA/ECOOP, pp. 169–180 (1990)
Jaspan, C., Aldrich, J.: Checking framework plugins. In: OOPSLA Companion, pp. 795–796 (2007)
Leavens, G., Cheon, Y.: Design by contract with jml (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gopinathan, M., Rajamani, S.K. (2008). Runtime Monitoring of Object Invariants with Guarantee. In: Leucker, M. (eds) Runtime Verification. RV 2008. Lecture Notes in Computer Science, vol 5289. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-89247-2_10
Download citation
DOI: https://doi.org/10.1007/978-3-540-89247-2_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-89246-5
Online ISBN: 978-3-540-89247-2
eBook Packages: Computer ScienceComputer Science (R0)