This paper formalizes future conditions, which complement traditional pre- and post-conditions to provide a more comprehensive specification of each function’s behaviour and expectation. Pre-conditions govern the required states before each function call, while post-conditions define the immediate outcomes (post-states) upon completion. Future conditions extend this paradigm by specifying expected temporal behaviors and states that manifest after the function call has finished, potentially affecting subsequent operations or program states. Together, these three types of conditions form a robust specification mechanism for reasoning about API behaviors across various temporal contexts. However, existing techniques for reasoning about future conditions have three key limitations: inefficient entailment checking, under-approximation of program behaviors, and bounded loop unrolling. To address these challenges, we propose a set of over-approximating Hoare-style forward rules that accommodate future conditions that are processed once per method declaration. Moreover, we propose a novel solution for modelling recursive behaviors via a bag of future conditions, which can be heuristically synthesized and verified in the verification system. We formally prove the soundness of our proposal in Coq and use experimental results to demonstrate its effectiveness in detecting non-trivial, real-world API misuses.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Specifying and Verifying Future Conditions

  • Yahui Song,
  • Darius Foo,
  • Wei-Ngan Chin

摘要

This paper formalizes future conditions, which complement traditional pre- and post-conditions to provide a more comprehensive specification of each function’s behaviour and expectation. Pre-conditions govern the required states before each function call, while post-conditions define the immediate outcomes (post-states) upon completion. Future conditions extend this paradigm by specifying expected temporal behaviors and states that manifest after the function call has finished, potentially affecting subsequent operations or program states. Together, these three types of conditions form a robust specification mechanism for reasoning about API behaviors across various temporal contexts. However, existing techniques for reasoning about future conditions have three key limitations: inefficient entailment checking, under-approximation of program behaviors, and bounded loop unrolling. To address these challenges, we propose a set of over-approximating Hoare-style forward rules that accommodate future conditions that are processed once per method declaration. Moreover, we propose a novel solution for modelling recursive behaviors via a bag of future conditions, which can be heuristically synthesized and verified in the verification system. We formally prove the soundness of our proposal in Coq and use experimental results to demonstrate its effectiveness in detecting non-trivial, real-world API misuses.