
Modular verification of code with SAT

Published: 21 July 2006

Abstract

An approach is described for checking the methods of a class against a full specification. It shares with traditional model checking the idea of exhausting the entire space of executions within some finite bounds, and with traditional verification the idea of modular analysis, in which a method is analyzed, in isolation, for all possible calling contexts.

The analysis involves an automatic two-phase reduction: first, to an intermediate form in relational logic (using a new encoding described here), and second, to a boolean formula (using existing techniques), which is then handed to an off-the-shelf SAT solver.

A variety of implementations of the Java Collections Framework's List interface were checked against existing JML specifications. The analysis revealed bugs in the implementations, as well as errors in the specifications themselves.



Published In

ISSTA '06: Proceedings of the 2006 International Symposium on Software Testing and Analysis
July 2006, 274 pages
ISBN: 1595932631
DOI: 10.1145/1146238
General Chair: Lori Pollock
Program Chair: Mauro Pezzè

Publisher

Association for Computing Machinery, New York, NY, United States


Author Tags

  1. SAT
  2. alloy
  3. first-order logic
  4. formal methods
  5. formal verification
  6. software model checking


Conference

ISSTA06

Acceptance Rates

Overall Acceptance Rate 58 of 213 submissions, 27%


Cited By

  • (2024) Forge: A Tool and Language for Teaching Formal Methods. Proceedings of the ACM on Programming Languages 8(OOPSLA1):613-641. DOI: 10.1145/3649833. Online publication date: 29 Apr 2024.
  • (2024) An Analysis of the Impact of Field-Value Instance Navigation in Alloy's Model Finding. Rigorous State-Based Methods, pages 141-159. DOI: 10.1007/978-3-031-63790-2_9. Online publication date: 21 Jun 2024.
  • (2023) Grisette: Symbolic Compilation as a Functional Programming Library. Proceedings of the ACM on Programming Languages 7(POPL):455-487. DOI: 10.1145/3571209. Online publication date: 11 Jan 2023.
  • (2023) A Study of the Electrum and DynAlloy Dynamic Behavior Notations. IEEE Transactions on Software Engineering 49(11):4946-4963. DOI: 10.1109/TSE.2023.3320625. Online publication date: Nov 2023.
  • (2023) Live Programming for Finite Model Finders. 2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE), pages 1747-1752. DOI: 10.1109/ASE56229.2023.00016. Online publication date: 11 Sep 2023.
  • (2023) Domain Dependent Parameter Setting in SAT Solver Using Machine Learning Techniques. Agents and Artificial Intelligence, pages 169-200. DOI: 10.1007/978-3-031-22953-4_8. Online publication date: 20 Jan 2023.
  • (2022) Impact Analysis of Intelligent Agents in Automatic Fault-Prone Components Prediction and Testing. Research Anthology on Agile Software, Software Development, and Testing, pages 746-776. DOI: 10.4018/978-1-6684-3702-5.ch038. Online publication date: 2022.
  • (2022) Efficient Synthesis of Method Call Sequences for Test Generation and Bounded Verification. Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering, pages 1-12. DOI: 10.1145/3551349.3556951. Online publication date: 10 Oct 2022.
  • (2022) ICEBAR: Feedback-Driven Iterative Repair of Alloy Specifications. Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering, pages 1-13. DOI: 10.1145/3551349.3556944. Online publication date: 10 Oct 2022.
  • (2022) ATR: Template-Based Repair for Alloy Specifications. Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, pages 666-677. DOI: 10.1145/3533767.3534369. Online publication date: 18 Jul 2022.
