Abstract
Static analysis tools, such as resource analyzers, give useful information on software systems, especially in real-time and safety-critical applications. Therefore, the question of the reliability of the obtained results is highly important. State-of-the-art static analyzers typically combine a range of complex techniques, make use of external tools, and evolve quickly. To formally verify such systems is not a realistic option. In this work, we propose a different approach whereby, instead of the tools, we formally verify the results of the tools. The central idea of such a formal verification framework for static analysis is the method-wise translation of the information about a program gathered during its static analysis into specification contracts that contain enough information for them to be verified automatically. We instantiate this framework with costa, a state-of-the-art static analysis system for sequential Java programs, for producing resource guarantees and KeY, a state-of-the-art verification tool, for formally verifying the correctness of such resource guarantees. Resource guarantees allow to be certain that programs will run within the indicated amount of resources, which may refer to memory consumption, number of instructions executed, etc. Our results show that the proposed tool cooperation can be used for automatically producing verified resource guarantees.
Similar content being viewed by others
Notes
Recall that we assume that the Java program is recursion-free, thus “recursion” in the RBR actually correspond only to loop constructs in the Java program.
To be more precise, there is some splitting, but only to ensure that
and
are not null.
References
Albert, E., Arenas, P., Codish, M., Genaim, S., Puebla, G., Zanardini, D.: Termination analysis of Java bytecode. In: Proceedings of FMOODS’08, vol. 5051 of LNCS, pp. 2–18. Springer (2008)
Albert, E., Arenas, P., Genaim, S., Puebla, G.: Field-sensitive value analysis by field-insensitive analysis. In: Proceedings of FM’09, vol. 5850 of LNCS, pp. 370–386. Springer (2009)
Albert, E., Arenas, P., Genaim, S., Puebla, G.: Closed-form upper bounds in static cost analysis. J. Autom. Reason. 46(2), 161–203 (2011)
Albert, E., Arenas, P., Genaim, S., Puebla, G., Román-Díez, G.: Conditional termination of loops over heap-allocated data. Sci. Comput. Program. 92, 2–24 (2014)
Albert, E., Arenas, P., Genaim, S., Puebla, G., Zanardini, D.: Cost analysis of Java bytecode. In: European Symposium on Programming (ESOP’07), vol. 4421 of LNCS. Springer (2007)
Albert, E., Arenas, P., Genaim, S., Puebla, G., Zanardini, D.: Cost analysis of object-oriented bytecode programs. Theor. Comput. Sci. 413(1), 142–159 (2012)
Albert, E., Arenas, P., Puebla, G., Hermenegildo, M.: Certificate size reduction in abstraction-carrying code. Theory Pract. Log. Progr. 12(3), 283–318 (2012)
Albert, E., Bubel, R., Genaim, S., Hähnle, R., Puebla, G., Román-Díez, G.: Verified resource guarantees using COSTA and KeY. In: Proceedings of PEPM’11, pp. 73–76 (2011)
Albert, E., Bubel, R., Genaim, S., Hähnle, R., Román-Díez, G.: Verified resource guarantees for heap manipulating programs. In: Proceedings of FASE’12, vol. 7212 of LNCS, pp. 130–145. Springer, March (2012)
Albert, E., Genaim, S., Gómez-Zamalloa, M.: Parametric inference of memory requirements for garbage collected languages. In: Proceeding of ISMM’10, pp. 121–130. ACM Press (2010)
Albert, E., Genaim, S., Masud, A.N.: On the inference of resource usage upper and lower bounds. ACM Trans. Comput. Log. 14(3), 22:1–22:35 (2013)
Albert, E., Arenas, P., Correas, J., Gómez-Zamalloa, M., Genaim, S., Puebla, G., Román-Díez, G.: Object-Sensitive Cost Analysis for Concurrent Objects, Technical Report. http://costa.ls.fi.upm.es/papers/costa/AlbertACGGPRtr.pdf (2014)
Ball, T., Bounimova, E., Levin, V., Kumar, R., Lichtenberg, J.: The static driver verifier research platform. In: Proceeding of CAV’10, vol. 6174 of LNCS, pp. 119–122. Springer (2010)
Barnett, M., Chang, B., DeLine, R., Jacobs, B., Rustan K., Leino, M.: Boogie: A modular reusable verifier for object-oriented programs. In: Proceedings of FMCO’06, vol. 4111 of LNCS, pp. 364–387. Springer (2006)
Beckert, B., Hähnle, R., Schmitt, P.: Verification of object-oriented software: the KeY approach, vol. 4334 of LNCS. Springer (2006)
Beyer, D., Erkan Keremoglu M.: CPAchecker: A tool for configurable software verification. In: Computer Aided Verification, vol. 6806 of LNCS, pp. 184–190. Springer (2011)
Blazy, S., Maroneze, A., Pichardie, D.: Formal verification of loop bound estimation for WCET analysis. In: Proceedings of VSTTE’13, vol. 8164 of LNCS, pp. 281–303. Springer (2013)
Brockschmidt, M., Cook, B., Fuhs, C.: Better termination proving through cooperation. In: Computer Aided Verification, vol. 8044 of LNCS, pp. 413–429. Springer, Berlin Heidelberg (2013)
Bubel, R., Roth, A., Rümmer, P.: Ensuring the correctness of lightweight tactics for JavaCard dynamic logic. Electron. Notes Theor. Comput. Sci. 199, 107–128 (2008)
Crary, K., Weirich, S.: Resource bound certification. In: Proceedings of POPL’00, pp. 184–198. ACM (2000)
Dios, De., Peña, R.: Certification of safe polynomial memory bounds. In: Proceedings of FM’11, LNCS, pp. 184–199. Springer, June (2011)
Filliâtre, J.C., Marché, C.: The Why/Krakatoa/Caduceus platform for deductive program verification. In: Proceeding of CAV’07, vol. 4590 of LNCS, pp. 173–177. Springer (2007)
Gulwani, S., Mehra, K. K., Chilimbi, T. M.: Speed: precise and efficient static estimation of program computational complexity. In: Proceeding of POPL’09, pp. 127–139. ACM (2009)
Hoffmann, J., Hofmann, M.: Amortized resource analysis with polynomial potential. In: Proceedings of ESOP’10, vol. 6012 of LNCS, pp. 287–306. Springer (2010)
Rustan, K., Leino, M.: Dafny: An automatic program verifier for functional correctness. In: Proceeding of LPAR’10, vol. 6355 of LNCS, pp. 348–370. Springer (2010)
Leroy, X.: Formal verification of a realistic compiler. Commun ACM 52(7), 107–115 (2009)
Lindholm, T., Yellin, F.: The Java Virtual Machine Specification. Addison-Wesley, Boston (1996)
Mauborgne, L., Rival, X.: Trace partitioning in abstract interpretation based static analyzers. In: Sagiv, M. (ed.) European Symposium on Programming (ESOP’05), vol. 3444 of LNCS, pp. 5–20. Springer (2005)
Necula, G.: Proof-carrying code. In: Proceedings of POPL’97, pp. 106–119. ACM Press (1997)
Pnueli, A., Siegel, M., Singerman, E.: Translation validation. In: Proceeding of TACAS’98, vol. 1384 of LNCS, pp. 151–166. Springer (1998)
Podelski, A., Rybalchenko, A.: A complete method for the synthesis of linear ranking functions. In: 5th International Conference on Verification, Model Checking and Abstract Interpretation (VMCAI’04), LNCS, pp. 239–251. Springer (2004)
Secci, S., Spoto, F.: Pair-sharing analysis of object-oriented programs. In: Proceedings of SAS’05, vol. 3672 of LNCS, pp. 320–335. Springer (2005)
Smans, J., Jacobs, B., Piessens, F., Schulte, W.: An automatic verifier for Java-like programs based on dynamic frames. In: Proceeding of FASE’08, vol. 4961 of LNCS, pp. 261–275. Springer (2008)
Spoto, F., Hill, P.M., Payet, E.: Path-length analysis of object-oriented programs. In: Proceeding of EAAI’06. http://profs.sci.univr.it/spoto/papers.html (2006)
Wegbreit, B.: Mechanical program analysis. Commun ACM 18(9), 528–539 (1975)
Weiß, B.: Deductive verification of object-oriented software: dynamic frames, dynamic logic and predicate abstraction. Ph.D. thesis, Karlsruhe Institute of Technology (2011)
Acknowledgments
We gratefully thank the anonymous referees for many useful comments and suggestions that greatly helped to improve this article. This work was funded partially by the EU Project FP7-ICT-610582 ENVISAGE: Engineering Virtualized Services (http://www.envisage-project.eu), by the Spanish MINECO Project TIN2012-38137, and by the CM Project S2013/ICE-3006.
Author information
Authors and Affiliations
Corresponding author
Appendix: JML annotations overview
Appendix: JML annotations overview
Rights and permissions
About this article
Cite this article
Albert, E., Bubel, R., Genaim, S. et al. A formal verification framework for static analysis. Softw Syst Model 15, 987–1012 (2016). https://doi.org/10.1007/s10270-015-0476-y
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10270-015-0476-y