Verification of Array, Record, and Pointer Operations in Pascal

Luckham, David C.; Suzuki, Norihisa

doi:10.1145/357073.357078

Cited by 57 publications

(25 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Introducing pointers in a Hoare-style assertion logic and using a proof assistant for proving pointer programs goes back to the late seventies [9], where the Stanford Pascal Program Verifier was used. A more recent reference is [5], using the Jape proof editor.…”

Section: Related Work and Conclusionmentioning

confidence: 99%

Certified Absence of Dangling Pointers in a Language with Explicit Deallocation

Dios

Montenegro

Peña

2010

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Safe is a first-order eager functional language with facilities for programmer controlled destruction of data structures. It provides also regions, i.e. disjoint parts of the heap, where the program allocates data structures, so that the runtime system does not need a garbage collector. A region is a collection of cells, each one big enough to allocate a data constructor. Deallocating cells or regions may create dangling pointers. The language is aimed at inferring and certifying memory safety properties in a Proof Carrying Code like environment. Some of its analyses have been presented elsewhere. The one relevant to this paper is a type system and a type inference algorithm guaranteeing that well-typed programs will be free of dangling pointers at runtime. Here we present how to generate formal certificates about the absence of dangling pointers property inferred by the compiler. The certificates are Isabelle/HOL proof scripts which can be proof-checked by this tool when loaded with a database of previously proved theorems. The key idea is proving an Isabelle/HOL theorem for each syntactic construction of the language, relating the static types inferred by the compiler to the dynamic properties about the heap that will be satisfied at runtime.

show abstract

Section: Related Work and Conclusionmentioning

confidence: 99%

Certified Absence of Dangling Pointers in a Language with Explicit Deallocation

Dios

Montenegro

Peña

2010

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Our work is thus best compared to other work on mechanical or at least formal verification of pointer programs using variants of traditional (general purpose) Hoare logic. Historically, some of the first formal verification of pointer programs in [11] (and later [10]) used a model where the store is incorporated in the assertion logic. More recent is the verification of several algorithms, including list manipulating programs and the SchorrWaite graph-marking algorithm, by Bornat [5] using the Jape system.…”

Section: Conclusion and Related Workmentioning

confidence: 99%

Automatic Certification of Heap Consumption

Beringer

Hofmann

Momigliano

et al. 2005

Logic for Programming, Artificial Intelligence, and Reasoning

View full text Add to dashboard Cite

Abstract. We present a program logic for verifying the heap consumption of low-level programs. The proof rules employ a uniform assertion format and have been derived from a general purpose program logic [1]. In a proof-carrying code scenario, the inference of invariants is delegated to the code provider, who employs a certifying compiler that generates a certificate from program annotations and analysis. The granularity of the proof rules matches that of the linear type system presented in [6], which enables us to perform verification by replaying typing derivations in a theorem prover, given the specifications of individual methods. The resulting verification conditions are of limited complexity, and are automatically discharged. We also outline a proof system that relaxes the linearity restrictions and relates to the type system of usage aspects presented in [2].

show abstract

“…, e n ) → e}. This approach is the standard extension of the Hoare calculus to handle arrays and is described fully in [22]. We strengthen the precondition of this rule to ensure that both the Array Declaration: …”

Section: Safety Policymentioning

confidence: 99%

Synthesizing Certified Code

Whalen

Schumann

Fischer

2002

FME 2002:Formal Methods—Getting IT Right

View full text Add to dashboard Cite

Abstract. Code certification is a lightweight approach for formally demonstrating software quality. Its basic idea is to require code producers to provide formal proofs that their code satisfies certain quality properties. These proofs serve as certificates that can be checked independently. Since code certification uses the same underlying technology as program verification, it requires detailed annotations (e.g., loop invariants) to make the proofs possible. However, manually adding annotations to the code is time-consuming and error-prone. We address this problem by combining code certification with automatic program synthesis. Given a high-level specification, our approach simultaneously generates code and all annotations required to certify the generated code. We describe a certification extension of AutoBayes, a synthesis tool for automatically generating data analysis programs. Based on built-in domain knowledge, proof annotations are added and used to generate proof obligations that are discharged by the automated theorem prover E-SETHEO. We demonstrate our approach by certifying operator-and memory-safety on a data-classification program. For this program, our approach was faster and more precise than PolySpace, a commercial static analysis tool.

show abstract

Verification of Array, Record, and Pointer Operations in Pascal

Cited by 57 publications

References 11 publications

Certified Absence of Dangling Pointers in a Language with Explicit Deallocation

Certified Absence of Dangling Pointers in a Language with Explicit Deallocation

Automatic Certification of Heap Consumption

Synthesizing Certified Code

Contact Info

Product

Resources

About