Experience Report on Formally Verifying Parts of OpenJDK's API with KeY

11/27/2018
by Alexander Knüppel, et al.

Deductive verification of software has not yet found its way into industry, as complexity and scalability issues require highly specialized experts. The long-term perspective is, however, to develop verification tools that help industrial software developers find bugs or bottlenecks in software systems faster and more easily. The KeY project constitutes a framework for specifying and verifying software systems, aiming at making formal verification tools applicable for mainstream software development. To help the developers of KeY, its users, and the deductive verification community, we summarize our experiences with KeY 2.6.1 in specifying and verifying real-world Java code from a user's perspective. To this end, we concentrate on parts of the Collections API of OpenJDK 6, where an informal specification exists. While we describe how we bridged informal and formal specification, we also report the accompanying challenges that we encountered. Our experiences are that (a) in principle, deductive verification for API-like code bases is feasible, but requires high expertise, (b) developing formal specifications for existing code bases is still notoriously hard, and (c) the under-specification of certain language constructs in Java is challenging for tool builders. Our initial effort in specifying parts of OpenJDK 6 constitutes a stepping stone towards a case study for future research.
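To make the "bridging informal and formal specification" step concrete, here is an added illustration that is not taken from the paper or from OpenJDK: a minimal array-backed list whose `get` and `add` carry JML contracts (the specification language KeY consumes) written from the informal Javadoc of `java.util.List.get`, which promises the element at the given position and an `IndexOutOfBoundsException` when `index < 0 || index >= size()`. The class name `SpecifiedList`, the fixed capacity and the field names are assumptions of this example; the contract shape (a `normal_behavior` case and an `exceptional_behavior` case joined by `also`) is what one typically ends up writing when turning such Javadoc prose into something a prover can check. `javac` ignores the annotations, so the class compiles and runs unchanged.

```java
import java.util.Arrays;

/**
 * Added illustration (not from the paper or OpenJDK): a fixed-capacity,
 * array-backed list whose contracts are derived from the informal Javadoc of
 * java.util.List.get. KeY checks the JML in the comments; javac ignores it.
 */
public class SpecifiedList {

    // Class invariants: KeY must prove that every method preserves them.
    //@ public invariant elements != null;
    //@ public invariant 0 <= size && size <= elements.length;
    private /*@ spec_public @*/ Object[] elements;   // backing store (assumed name)
    private /*@ spec_public @*/ int size;            // number of stored elements

    //@ requires capacity >= 0;
    //@ ensures size == 0 && elements.length == capacity;
    public SpecifiedList(int capacity) {
        elements = new Object[capacity];
        size = 0;
    }

    // "pure" lets the method appear inside other specifications.
    //@ ensures \result == size;
    public /*@ pure @*/ int size() {
        return size;
    }

    /*@ public normal_behavior
      @   requires 0 <= index && index < size;
      @   ensures \result == elements[index];   // "the element at the specified position"
      @   assignable \nothing;
      @ also
      @ public exceptional_behavior
      @   requires index < 0 || index >= size;  // Javadoc: index out of range
      @   signals_only IndexOutOfBoundsException;
      @   assignable \nothing;
      @*/
    public Object get(int index) {
        if (index < 0 || index >= size) {
            throw new IndexOutOfBoundsException("Index: " + index + ", Size: " + size);
        }
        return elements[index];
    }

    /*@ public normal_behavior
      @   requires size < elements.length;
      @   ensures size == \old(size) + 1;
      @   ensures elements[\old(size)] == e;
      @   // elements already present are untouched
      @   ensures (\forall int i; 0 <= i && i < \old(size); elements[i] == \old(elements[i]));
      @   assignable size, elements[size];
      @ also
      @ public exceptional_behavior
      @   requires size == elements.length;      // fixed capacity in this example
      @   signals_only IllegalStateException;
      @   assignable \nothing;
      @*/
    public void add(Object e) {
        if (size == elements.length) {
            throw new IllegalStateException("list is full");
        }
        elements[size] = e;
        size++;
    }

    // Small driver exercising both the normal and the exceptional case of get().
    public static void main(String[] args) {
        SpecifiedList list = new SpecifiedList(4);
        list.add("a");
        list.add("b");
        System.out.println(list.get(1));            // b
        try {
            list.get(2);                            // out of range: size is 2
        } catch (IndexOutOfBoundsException ex) {
            System.out.println("caught: " + ex.getMessage());
        }
        System.out.println(Arrays.toString(Arrays.copyOf(list.elements, list.size())));
    }
}
```

Two practical notes follow from writing even this small contract. First, the Javadoc says nothing about what `get` may modify, so the `assignable \nothing` frame is an interpretation the specifier has to commit to before KeY can reason about callers. Second, the two `requires` clauses have to be jointly exhaustive and mutually exclusive; KeY will not complain if they are not, but the resulting specification silently leaves some inputs uncovered, which is exactly the kind of gap the paper reports as hard to get right for an existing code base.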


