Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You or Your Team.

Learn More →

Finding bugs with a constraint solver

Finding bugs with a constraint solver Finding Bugs with a Constraint Solver Finding Bugs with Constraint Solver Daniel Jackson & Mandana Vaziri MIT Laboratory for Computer Science 545 Technology Square Cambridge, Massachusetts 02139 {dnj, vaziri}@lcs.mit.edu ABSTRACT A method for finding bugs in code is presented. For given small numbers j and k, the code of a procedure is translated into a relational formula whose models represent all execution traces that involve at most j heap cells and k loop iterations. This formula is conjoined with the negation of the procedure ™s specification. The models of the resulting formula, obtained using a constraint solver, are counterexamples: executions of the code that violate the specification. The method can analyze millions of executions in seconds, and thus rapidly expose quite subtle flaws. It can accommodate calls to procedures for which specifications but no code is available. A range of standard properties (such as absence of null pointer dereferences) can also be easily checked, using predefined specifications. KEYWORDS Detecting bugs; relational formulas; Alloy language; constraint solvers; testing; static analysis; model checking. 1 INTRODUCTION This paper describes a method for finding bugs in code. It requires no user input beyond a specification, is completely automatic, and, when a bug http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png ACM SIGSOFT Software Engineering Notes Association for Computing Machinery

Finding bugs with a constraint solver

Loading next page...
 
/lp/association-for-computing-machinery/finding-bugs-with-a-constraint-solver-KvRDoCqtgn

References

References for this paper are not available at this time. We will be adding them shortly, thank you for your patience.

Publisher
Association for Computing Machinery
Copyright
Copyright © 2000 by ACM Inc.
ISSN
0163-5948
DOI
10.1145/347636.383378
Publisher site
See Article on Publisher Site

Abstract

Finding Bugs with a Constraint Solver Finding Bugs with Constraint Solver Daniel Jackson & Mandana Vaziri MIT Laboratory for Computer Science 545 Technology Square Cambridge, Massachusetts 02139 {dnj, vaziri}@lcs.mit.edu ABSTRACT A method for finding bugs in code is presented. For given small numbers j and k, the code of a procedure is translated into a relational formula whose models represent all execution traces that involve at most j heap cells and k loop iterations. This formula is conjoined with the negation of the procedure ™s specification. The models of the resulting formula, obtained using a constraint solver, are counterexamples: executions of the code that violate the specification. The method can analyze millions of executions in seconds, and thus rapidly expose quite subtle flaws. It can accommodate calls to procedures for which specifications but no code is available. A range of standard properties (such as absence of null pointer dereferences) can also be easily checked, using predefined specifications. KEYWORDS Detecting bugs; relational formulas; Alloy language; constraint solvers; testing; static analysis; model checking. 1 INTRODUCTION This paper describes a method for finding bugs in code. It requires no user input beyond a specification, is completely automatic, and, when a bug

Journal

ACM SIGSOFT Software Engineering NotesAssociation for Computing Machinery

Published: Sep 1, 2000

There are no references for this article.