Object Ownership in Program Verification

  • Chapter

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 7850))

Abstract

Dealing with aliasing is one of the key challenges for the verification of imperative programs. For instance, aliases make it difficult to determine which abstractions are potentially affected by a heap update and to determine which locks need to be acquired to avoid data races. Object ownership was one of the first approaches that allowed programmers to control aliasing and to restrict the operations that can be applied to a reference. It thus enabled sound, modular, and automatic verification of heap-manipulating programs. In this paper, we present two ownership systems that have been designed specifically to support program verification—Universe Types and Spec#’s Dynamic Ownership—and explain their applications in program verification, illustrated through a series of Spec# examples.

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Dietl, W., Müller, P. (2013). Object Ownership in Program Verification. In: Clarke, D., Noble, J., Wrigstad, T. (eds) Aliasing in Object-Oriented Programming. Types, Analysis and Verification. Lecture Notes in Computer Science, vol 7850. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36946-9_11

  • DOI: https://doi.org/10.1007/978-3-642-36946-9_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-36945-2

  • Online ISBN: 978-3-642-36946-9
