Typestate: A programming language concept for enhancing software reliability
IEEE Transactions on Software Engineering
Introduction to algorithms
Contracts: specifying behavioral compositions in object-oriented systems
OOPSLA/ECOOP '90 Proceedings of the European conference on object-oriented programming on Object-oriented programming systems, languages, and applications
Analysis patterns: reusable objects models
Analysis patterns: reusable objects models
Ownership types for flexible alias protection
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Enforcing high-level protocols in low-level software
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
The SLAM project: debugging system software via static analysis
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Flow-sensitive type qualifiers
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Ownership types for object encapsulation
POPL '03 Proceedings of the 30th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Simplify: a theorem prover for program checking
Journal of the ACM (JACM)
Effective typestate verification in the presence of aliasing
Proceedings of the 2006 international symposium on Software testing and analysis
Mop: an efficient and generic runtime verification framework
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Companion to the 22nd ACM SIGPLAN conference on Object-oriented programming systems and applications companion
Runtime Monitoring of Object Invariants with Guarantee
Runtime Verification
The spec# programming system: an overview
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
VSTTE '08 Proceedings of the 2nd international conference on Verified Software: Theories, Tools, Experiments
ATVA '08 Proceedings of the 6th International Symposium on Automated Technology for Verification and Analysis
Online inference and enforcement of temporal properties
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 1
An empirical study of object protocols in the wild
Proceedings of the 25th European conference on Object-oriented programming
A systematic mapping study on the combination of static and dynamic quality assurance techniques
Information and Software Technology
Residual investigation: predictive and precise bug detection
Proceedings of the 2012 International Symposium on Software Testing and Analysis
| Hi-index | 0.00 |
In this paper, we consider object protocols that constrain interactions between objects in a program. Several such protocols have been proposed in the literature. For many APIs (such as JDOM, JDBC), API designers constrain how API clients interact with API objects. In practice, API clients violate such constraints, as evidenced by postings in discussion forums for these APIs. Thus, it is important that API designers specify constraints using appropriate object protocols and enforce them. The goal of an object protocol is expressed as a protocol invariant. Fundamental properties such as ownership can be expressed as protocol invariants. We present a language, PROLANG, to specify object protocols along with their protocol invariants, and a tool, INVCOP++, to check if a program satisfies a protocol invariant. INVCOP++ separates the problem of checking if a protocol satisfies its protocol invariant (called protocol correctness), from the problem of checking if a program conforms to a protocol (called program conformance). The former is solved using static analysis, and the latter using runtime analysis. Due to this separation (1) errors made in protocol design are detected at a higher level of abstraction, independent of the program's source code, and (2) performance of conformance checking is improved as protocol correctness has been verified statically. We present theoretical guarantees about the way we combine static and runtime analysis, and empirical evidence that our tool INVCOP++ finds usage errors in widely used APIs. We also show that statically checking protocol correctness greatly optimizes the overhead of checking program conformance, thus enabling API clients to test whether their programs use the API as intended by the API designer.