Typestate verification: abstraction techniques and complexity results

Authors:
J. Field;D. Goyal;G. Ramalingam;E. Yahav
Affiliations:
IBM T.J. Watson Research Center, Yorktown Heights, NY;Calypto Design Systems Inc., Santa Clara, CA and IBM T.J. Watson Research Center, Yorktown Heights, NY;IBM T.J. Watson Research Center, Yorktown Heights, NY;School of Computer Science, Tel-Aviv University, Tel-Aviv, Israel
Venue:
Science of Computer Programming - Special issue: Static analysis symposium (SAS 2003)
Year:
2005

Citing 27
Cited 3

Typestate: A programming language concept for enhancing software reliability

IEEE Transactions on Software Engineering
Pointer-induced aliasing: a problem classification

POPL '91 Proceedings of the 18th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Undecidability of static analysis

ACM Letters on Programming Languages and Systems (LOPLAS)
The undecidability of aliasing

ACM Transactions on Programming Languages and Systems (TOPLAS)
Precise interprocedural dataflow analysis via graph reachability

POPL '95 Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Verification of concurrent software with FLAVERS

ICSE '97 Proceedings of the 19th international conference on Software engineering
On the complexity of flow-sensitive dataflow analyses

Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Model checking

Model checking
Making abstract interpretations complete

Journal of the ACM (JACM)
Bandera: extracting finite-state models from Java source code

Proceedings of the 22nd international conference on Software engineering
Enforcing high-level protocols in low-level software

Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Automatic predicate abstraction of C programs

Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Automatically validating temporal safety properties of interfaces

SPIN '01 Proceedings of the 8th international SPIN workshop on Model checking of software
Role analysis

POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Lazy abstraction

POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Flow-sensitive type qualifiers

PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Adoption and focus: practical linear types for imperative programming

PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
ESP: path-sensitive program verification in polynomial time

PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Deriving specialized program analyses for certifying component-client conformance

PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Extended static checking for Java

PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
A Discipline of Programming

A Discipline of Programming
Principles of Program Analysis

Principles of Program Analysis
Extending Typestate Checking Using Conditional Liveness Analysis

IEEE Transactions on Software Engineering
Construction of Abstract State Graphs with PVS

CAV '97 Proceedings of the 9th International Conference on Computer Aided Verification
Counterexample-Guided Abstraction Refinement

CAV '00 Proceedings of the 12th International Conference on Computer Aided Verification
Using Programmer-Written Compiler Extensions to Catch Security Holes

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Verifying safety properties using separation and heterogeneous abstractions

Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation

The case for analysis preserving language transformation

Proceedings of the 2006 international symposium on Software testing and analysis
Types and higher-order recursion schemes for verification of higher-order programs

Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Reference count analysis with shallow aliasing

Information Processing Letters

Quantified Score

Hi-index	0.02

Visualization

Abstract

We consider the problem of typestate verification for shallow programs; i.e., programs where pointers from program variables to heap-allocated objects are allowed, but where heap-allocated objects may not themselves contain pointers. We prove a number of results relating the complexity of verification to the nature of the finite state machine used to specify the property. Some properties are shown to be intractable, but others which appear to be quite similar admit polynomial-time verification algorithms. Our results serve to provide insight into the inherent complexity of important classes of verification problems. In addition, the program abstractions used for the polynomial-time verification algorithms may be of independent interest.