Proving well-formedness of interface specifications
Authors
Abstract
Automated software verification systems, which try to prove the correctness of a program, use specifications in the code as the basis for verifying that program. When such a specification includes calls to side-effect free methods, the verification system may want to use the specifications of those side-effect free methods so that more information is available for its correctness proofs. Unfortunately, the specifications of these side-effect free methods can be ill-formed, which can introduce unsoundness into the verification system. For some sources of this unsoundness, such as infeasible postconditions, solutions have already been found and implemented. Other ill-formedness issues, such as non-well-founded recursion in specifications, are known and are handled by syntactic rules that solve them but are stricter than necessary, and thus disallow a range of specifications that are not ill-formed at all. The goal of this thesis was to find proof obligations that prove that a given method specification or class invariant is well-formed and therefore safe to use in correctness proofs. These proof obligations were then implemented in the automated software verification system Boogie to filter out non-well-formed specifications.
Similar sources
Well-Formedness Guarantees for ACL2 Metafunctions and Clause Processors
Some runtime checks can be safely removed from code if appropriate program properties are proved. We describe how we have applied this idea to the ACL2 theorem prover to speed up the application of user-defined proof procedures. In particular, we discuss how and why we have added a new feature to ACL2 that allows the user to verify certain well-formedness properties of the expressions produced ...
Proving Entailment Between Conceptual State Specifications
The lack of expressive power of temporal logic as a specification language can be compensated to a certain extent by the introduction of powerful, high-level temporal operators, which are difficult to understand and reason about. A more natural way to increase the expressive power of a temporal specification language is by introducing conceptual state variables, which are auxiliary (unimplemented) ...
Analyzing Tabular and State-Transition Requirements Specifications in PVS
We describe PVS's capabilities for representing tabular specifications of the kind advocated by Parnas and others, and show how PVS's Type Correctness Conditions (TCCs) are used to ensure certain well-formedness properties. We then show how these and other capabilities of PVS can be used to represent the AND/OR tables of Leveson and the Decision Tables of Sherry, and we demonstrate how PVS's...
Checking Well-Formedness of Pure-Method Specifications
Contract languages such as JML and Spec# specify invariants and pre- and postconditions using side-effect free expressions of the programming language, in particular, pure methods. For such contracts to be meaningful, they must be well-formed: First, they must respect the partiality of operations, for instance, the preconditions of pure methods used in the contract. Second, they must enable a con...
Mathematical Vernacular and Conceptual Well-Formedness in Mathematical Language
This paper investigates the semantics of mathematical concepts in a type theoretic framework with coercive subtyping. The type-theoretic analysis provides a formal semantic basis in the design and implementation of Mathematical Vernacular (MV), a natural language suitable for interactive development of mathematics with the support of the current theorem proving technology. The idea of semantic ...