Presentation is loading. Please wait.

Presentation is loading. Please wait.

Program Verification: Theory and Practice Sriram K. Rajamani Microsoft Research India (with thanks to Tom Ball for material from his course)

Published byMelissa Carter Modified over 10 years ago

Similar presentations

Presentation on theme: "Program Verification: Theory and Practice Sriram K. Rajamani Microsoft Research India (with thanks to Tom Ball for material from his course)"— Presentation transcript:

1 Program Verification: Theory and Practice Sriram K. Rajamani Microsoft Research India (with thanks to Tom Ball for material from his course)

2 2 Organization Instructors –Deepak DSouza, IISc –Aditya Nori, MSR India –Sriram K. Rajamani, MSR India Teaching Assistant –Madhu Gopinathan, IISc

3 3 PROBLEM

4 4 Software validation problem Does the software work?

5 5 Software validation problem Does the software work? I hope it doesnt crash! I hope it still interoperates with my other software in the same way as the previous version! I hope some hacker cannot steal all my money, and publish all my email on the web I hope it can handle my peak transaction load

6 6 How do we do software validation? Testing: The old-fashioned way Run it and see if it works Fix it if it doesnt work Ship it if it doesnt crash!

7 7 What is wrong with testing?

8 8

9 9 Program Verification The algorithmic discovery of properties of a program by inspection of the source text - Manna and Pnueli, Algorithmic Verification Also known as: static analysis, static program analysis, formal methods,….

10 10 Difficulty of program verification What will you prove? –Specification of a complex software is as complex as the software itself Deep specifications of software are hard to prove –State-of-art in tools and automation not good enough

11 11 Elusive triangle 11 Large programs Deep properties Automation We will let go of this one!

12 12

13 13 void Foo( int * ptr, int const * ptrToConst, int * const constPtr, int const * const constPtrToConst ) { *ptr = 0; ptr = 0; *ptrToConst = 0; ptrToConst = 0; *constPtr = 0; constPtr = 0; *constPtrToConst = 0; constPtrToConst = 0; }

14 14 void Foo( int * ptr, int const * ptrToConst, int * const constPtr, int const * const constPtrToConst ) { *ptr = 0; // OK: modifies the pointee ptr = 0; // OK: modifies the pointer *ptrToConst = 0; // Error! Cannot modify the pointee ptrToConst = 0; // OK: modifies the pointer *constPtr = 0; // OK: modifies the pointee constPtr = 0; // Error! Cannot modify the pointer *constPtrToConst = 0; // Error! Cannot modify the pointee constPtrToConst = 0; // Error! Cannot modify the pointer }

15 15

16 16

17 17 http://en.wikipedia.org/wiki/Microsoft_Platform_SDK http://www.microsoft.com/whdc/devtools/tools/sdv.mspx http://www.gotdotnet.com/team/fxcop/ http://research.microsoft.com/specsharp/

18 18

19 19

20 20

21 21 Worse is better, also called the New Jersey style, is the name of a computer software design approach (or design philosophy) in which simplicity of both interface and implementation is more important than any other system attribute (including correctness, consistency, and completeness). computersoftware designdesign philosophyinterface http://en.wikipedia.org/wiki/Worse_is_Better

22 22 http://en.wikipedia.org/wiki/Robert_Tappan_Morris

23 23

24 24

25 25

26 26 Do I need to annotate my program before I can use the tool? How long does the tool take to run? How do I manage the huge number of error messages initially produced? How can I suppress false alarms (an incorrect error message)? What do I know about my program when the tool reports no errors? How can I extend the checking capability of the tool?

27 27 unreachable States reachable init unsafe

28 28

29 29

30 30

31 31 Reading assignment… Read Findbugs paper http://portal.acm.org/citation.cfm?doid=110 8792.1108798 http://portal.acm.org/citation.cfm?doid=110 8792.1108798 Read Java Bytecode Verification paper http://Gallium.inria.fr/~xleroy/publi/survey- bytecode-verification.ps.gz

Download ppt "Program Verification: Theory and Practice Sriram K. Rajamani Microsoft Research India (with thanks to Tom Ball for material from his course)"

Similar presentations

TWO STEP EQUATIONS 1. SOLVE FOR X 2. DO THE ADDITION STEP FIRST

TWO STEP EQUATIONS 1. SOLVE FOR X 2. DO THE ADDITION STEP FIRST
Advanced Piloting Cruise Plot.

Advanced Piloting Cruise Plot.
Our library has two forms of encyclopedias: Hard copy and electronic versions. The first is simply the old-fashioned book on the shelf type of encyclopedia.

Our library has two forms of encyclopedias: Hard copy and electronic versions. The first is simply the old-fashioned "book on the shelf" type of encyclopedia.
© 2008 Pearson Addison Wesley. All rights reserved Chapter Seven Costs.

© 2008 Pearson Addison Wesley. All rights reserved Chapter Seven Costs.
Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.

Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.
Chapter 1 The Study of Body Function Image PowerPoint

Chapter 1 The Study of Body Function Image PowerPoint
Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 6 Author: Julia Richards and R. Scott Hawley.

Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 6 Author: Julia Richards and R. Scott Hawley.
Author: Julia Richards and R. Scott Hawley

Author: Julia Richards and R. Scott Hawley
1 Copyright © 2013 Elsevier Inc. All rights reserved. Appendix 01.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Appendix 01.
Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.

Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.
UNITED NATIONS Shipment Details Report – January 2006.

UNITED NATIONS Shipment Details Report – January 2006.
Business Transaction Management Software for Application Coordination 1 www.choreology.com Business Processes and Coordination.

Business Transaction Management Software for Application Coordination 1 Business Processes and Coordination.
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Title Subtitle.

Title Subtitle.
My Alphabet Book abcdefghijklm nopqrstuvwxyz.

My Alphabet Book abcdefghijklm nopqrstuvwxyz.
DIVIDING INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.

DIVIDING INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.
FACTORING ax2 + bx + c Think “unfoil” Work down, Show all steps.

FACTORING ax2 + bx + c Think “unfoil” Work down, Show all steps.
Addition Facts 1 - 20.

Addition Facts
Year 6 mental test 5 second questions

Year 6 mental test 5 second questions

Similar presentations

Ads by Google