Program Checking with Less Hassle

  • Julian Tschannen
  • Carlo A. Furia
  • Martin Nordio
  • Bertrand Meyer
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8164)


The simple and often imprecise specifications that programmers may write are a significant limit to a wider application of rigorous program verification techniques. Part of the reason why non-specialists find writing good specification hard is that, when verification fails, they receive little guidance as to what the causes might be, such as implementation errors or inaccurate specifications. To address these limitations, this paper presents two-step verification, a technique that combines implicit specifications, inlining, and loop unrolling to provide improved user feedback when verification fails. Two-step verification performs two independent verification attempts for each program element: one using standard modular reasoning, and another one after inlining and unrolling; comparing the outcomes of the two steps suggests which elements should be improved. Two-step verification is implemented in AutoProof, our static verifier for Eiffel programs integrated in EVE (the Eiffel Verification Environment) and available online.


Binary Search Java Modeling Language Implicit Contract Program Check Unrolled Loop 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Weide, B.W., et al.: Incremental benchmarks for software verification tools and techniques. In: Shankar, N., Woodcock, J. (eds.) VSTTE 2008. LNCS, vol. 5295, pp. 84–98. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  2. 2.
    Barnett, M., Leino, K.R.M., Schulte, W.: The Spec# programming system: An overview. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362, pp. 49–69. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  3. 3.
    Beyer, D., Henzinger, T.A., Jhala, R., Majumdar, R.: The software model checker Blast. STTT 9(5-6), 505–525 (2007)CrossRefGoogle Scholar
  4. 4.
    Bloch, J.: (2006),
  5. 5.
    Bobot, F., Filliâtre, J.-C., Marché, C., Paskevich, A.: Why3: Shepherd your herd of provers. In: Boogie, pp. 53–64 (2011)Google Scholar
  6. 6.
    Bormer, T., et al.: The COST IC0701 verification competition. In: Beckert, B., Damiani, F., Gurov, D. (eds.) FoVeOOS 2011. LNCS, vol. 7421, pp. 3–21. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  7. 7.
    Chalin, P.: Are practitioners writing contracts? In: Butler, M., Jones, C.B., Romanovsky, A., Troubitsyna, E. (eds.) Fault-Tolerant Systems. LNCS, vol. 4157, pp. 100–113. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  8. 8.
    Chang, B.-Y.E., Leino, K.R.M.: Inferring object invariants. ENTCS 131, 63–74 (2005)Google Scholar
  9. 9.
    Christakis, M., Müller, P., Wüstholz, V.: Collaborative verification and testing with explicit assumptions. In: Giannakopoulou, D., Méry, D. (eds.) FM 2012. LNCS, vol. 7436, pp. 132–146. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  10. 10.
    Cohen, E., Dahlweid, M., Hillebrand, M.A., Leinenbach, D., Moskal, M., Santen, T., Schulte, W., Tobies, S.: VCC: A practical system for verifying concurrent C. In: Berghofer, S., Nipkow, T., Urban, C., Wenzel, M. (eds.) TPHOLs 2009. LNCS, vol. 5674, pp. 23–42. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  11. 11.
    Cok, D.R., Kiniry, J.: ESC/Java2: Uniting ESC/Java and JML. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362, pp. 108–128. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  12. 12.
    Csallner, C., Smaragdakis, Y., Xie, T.: DSD-Crasher: A hybrid analysis tool for bug finding. ACM TOSEM 17(2), 8 (2008)CrossRefGoogle Scholar
  13. 13.
    Dijkstra, E.W.: A Discipline of Programming. Prentice Hall (1976)Google Scholar
  14. 14.
    Ernst, M.D., Cockrell, J., Griswold, W.G., Notkin, D.: Dynamically discovering likely program invariants to support program evolution. IEEE TSE 27(2), 99–123 (2001)Google Scholar
  15. 15.
    Estler, H.-C., Furia, C.A., Nordio, M., Piccioni, M., Meyer, B.: The evolution of contracts (2012),
  16. 16.
    Filliâtre, J.-C., Paskevich, A., Stump, A.: The 2nd verified software competition: Experience report. In: COMPARE, vol. 873, pp. 36–49 (2012)Google Scholar
  17. 17.
    Flanagan, C., Leino, K.R.M., Lillibridge, M., Nelson, G., Saxe, J.B., Stata, R.: Extended static checking for Java. In: PLDI, pp. 234–245. ACM (2002)Google Scholar
  18. 18.
    Furia, C.A., Meyer, B.: Inferring loop invariants using postconditions. In: Blass, A., Dershowitz, N., Reisig, W. (eds.) Fields of Logic and Computation. LNCS, vol. 6300, pp. 277–300. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  19. 19.
    Huisman, M., Klebanov, V., Monahan, R.: VerifyThis verification competition (2012),
  20. 20.
    James, P.R., Chalin, P.: Faster and more complete extended static checking for the Java Modeling Language. J. Autom. Reasoning 44(1-2), 145–174 (2010)CrossRefzbMATHGoogle Scholar
  21. 21.
    Kiniry, J.R., Morkan, A.E., Denby, B.: Soundness and completeness warnings in ESC/Java2. In: SAVCBS, pp. 19–24. ACM (2006)Google Scholar
  22. 22.
    Klebanov, V., et al.: The 1st verified software competition: Experience report. In: Butler, M., Schulte, W. (eds.) FM 2011. LNCS, vol. 6664, pp. 154–168. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  23. 23.
    Knuth, D.E.: The Art of Computer Programming. Addison-Wesley (2011)Google Scholar
  24. 24.
    Kovács, L., Voronkov, A.: Finding loop invariants for programs over arrays using a theorem prover. In: Chechik, M., Wirsing, M. (eds.) FASE 2009. LNCS, vol. 5503, pp. 470–485. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  25. 25.
    Le Goues, C., Leino, K.R.M., Moskal, M.: The Boogie verification debugger. In: Barthe, G., Pardo, A., Schneider, G. (eds.) SEFM 2011. LNCS, vol. 7041, pp. 407–414. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  26. 26.
    Leino, K.R.M.: This is Boogie 2. Technical report, Microsoft Research (2008)Google Scholar
  27. 27.
    Leino, K.R.M.: Dafny: an automatic program verifier for functional correctness. In: Clarke, E.M., Voronkov, A. (eds.) LPAR-16 2010. LNCS, vol. 6355, pp. 348–370. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  28. 28.
    Nordio, M., Calcagno, C., Furia, C.A.: Javanni: A verifier for JavaScript. In: Cortellessa, V., Varró, D. (eds.) FASE 2013. LNCS, vol. 7793, pp. 231–234. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  29. 29.
    Polikarpova, N.: Boogaloo (2012),
  30. 30.
    Polikarpova, N., Ciupa, I., Meyer, B.: A comparative study of programmer-written and automatically inferred contracts. In: ISSTA, pp. 93–104 (2009)Google Scholar
  31. 31.
    Polikarpova, N., Furia, C.A., Pei, Y., Wei, Y., Meyer, B.: What good are strong specifications? In: ICSE, pp. 257–266. ACM (2013)Google Scholar
  32. 32.
    Tinelli, C.: Formal methods in software engineering (2011),
  33. 33.
    Tschannen, J., Furia, C.A., Nordio, M., Meyer, B.: Usable verification of object-oriented programs by combining static and dynamic techniques. In: Barthe, G., Pardo, A., Schneider, G. (eds.) SEFM 2011. LNCS, vol. 7041, pp. 382–398. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  34. 34.
    Tschannen, J., Furia, C.A., Nordio, M., Meyer, B.: Verifying Eiffel programs with Boogie. In: BOOGIE Workshop (2011),
  35. 35.
    Tschannen, J., Furia, C.A., Nordio, M., Meyer, B.: Automatic verification of advanced object-oriented features: The AutoProof approach. In: Meyer, B., Nordio, M. (eds.) LASER 2011. LNCS, vol. 7682, pp. 133–155. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  36. 36.
    Wasylkowski, A., Zeller, A.: Mining temporal specifications from object usage. Autom. Softw. Eng. 18(3-4), 263–292 (2011)CrossRefGoogle Scholar
  37. 37.
    Wei, Y., Furia, C.A., Kazmin, N., Meyer, B.: Inferring better contracts. In: ICSE, pp. 191–200. ACM (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Julian Tschannen
    • 1
  • Carlo A. Furia
    • 1
  • Martin Nordio
    • 1
  • Bertrand Meyer
    • 1
    • 2
  1. 1.Software EngineeringETH ZurichSwitzerland
  2. 2.ITMO National Research UniversitySt. PetersburgRussia

Personalised recommendations