• PDF / 364,750 Bytes
• 12 Pages / 430 x 660 pts Page_size
• 64 Downloads / 228 Views

DOWNLOAD

REPORT

MIT Computer Science and Artificial Intelligence Laboratory; Cambridge, USA 2 ´ Ecole Polytechnique F´ed´erale de Lausanne; Lausanne, Switzerland 3 University of California, San Diego; La Jolla, USA {kkz,rinard}@csail.mit.edu, [email protected], [email protected]

Abstract. The process of verifying that a program conforms to its specification is often hampered by errors in both the program and the specification. A runtime checker that can evaluate formal specifications can be useful for quickly identifying such errors. This paper describes our preliminary experience with incorporating run-time checking into the Jahob verification system and discusses some lessons we learned in this process. One of the challenges in building a runtime checker for a program verification system is that the language of invariants and assertions is designed for simplicity of semantics and tractability of proofs, and not for run-time checking. Some of the more challenging constructs include existential and universal quantification, set comprehension, specification variables, and formulas that refer to past program states. In this paper, we describe how we handle these constructs in our runtime checker, and describe directions for future work.

1

Introduction

This paper explores the use of a run-time checker in a program verification system Jahob [29]. Our program verification system can prove that the specified program properties hold in all program executions. The system attempts to prove properties using loop invariant inference algorithms [42], decision procedures [30], and theorem provers [8]. As in many other static analysis systems [3, 14] this process has the property that if a correctness proof is found, then the desired property of the program holds in all executions. However, if a proof is not found, this could be either because the property does not hold (there is an error in specification or code), or because the example triggered a limitation of the static verification system (for example, imprecision of loop invariant inference, or limitation of the theorem proving engines). In contrast, run-time checking [11, 12, 13] compiles specifications into executable code and executes the specifications while the program is running. Although run-time checking alone cannot guarantee the absence of errors, it can identify concrete executions when errors do appear. Run-time checking is therefore complementary to static verification. Run-time checking is especially useful when developing the code and specifications, when the specifications and code are likely to contain errors due to developer’s errors in formalizing the desired properties. O. Sokolsky and S. Tasiran (Eds.): RV 2007, LNCS 4839, pp. 202–213, 2007. c Springer-Verlag Berlin Heidelberg 2007 

Runtime Checking for Program Verification

203

Combining static and run-time checking. Given the complementary nature of these techniques, recent verification systems for expressive properties such as Spec# [3] and JML tools [14, 33] include both a static verifier and a run-time checker that can oper

Recommend Documents

Generating Inductive Shape Predicates for Runtime Checking and Formal Verification

203 12 28MB

BDDs for Representing Data in Runtime Verification

177 56 33MB

ROSMonitoring: A Runtime Verification Framework for ROS

323 47 65MB

Declarative Stream Runtime Verification (hLola)

166 72 17MB

Efficient Runtime Assertion Checking for Properties over Mathematical Numbers

157 6 33MB

First-Order Timed Runtime Verification Using BDDs

167 71 19MB

Actor-Based Runtime Verification with MESA

146 62 33MB

Runtime Verification of Contracts with Themulus

163 13 15MB

Embedding Online Runtime Verification for Fault Disambiguation on Robonaut2

167 100 15MB

Post-Silicon and Runtime Verification for Modern Processors

184 89 3MB

An Interface Theory for Program Verification

157 81 28MB

Integrating Runtime Verification into an Automated UAS Traffic Management System

162 95 48MB