Dafny: An Automatic Program Verifier for Functional Correctness

Leino, K. Rustan M.

doi:10.1007/978-3-642-17511-4_20

Cited by 586 publications

(369 citation statements)

References 34 publications

Supporting

Mentioning

365

Contrasting

Unclassified

Order By: Relevance

“…The presence of this location in the assignable clause actually causes erasure of information about this location from the current verification context upon a setFandUnlock method call, because no postcondition can be specified that would give the new value of this location. In other verification systems the mechanism of erasing information is typically called havocing [16], in the Java Dynamic Logic it is called anonymisation, and incidentally it also gives us the base for showing that specifications are self-framed w.r.t. permissions in JDL.…”

Section: Examples Of Sound and Unsound Specificationsmentioning

confidence: 99%

Dynamic Frames Based Verification Method for Concurrent Java Programs

Mostowski

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. In this paper we discuss a verification method for concurrent Java programs based on the concept of dynamic frames. We build on our earlier work that proposes a new, symbolic permission system for concurrent reasoning and we provide the following new contributions. First, we describe our approach for proving program specifications to be self-framed w.r.t. permissions, which is a necessary condition to maintain soundness in concurrent reasoning. Second, we show how we use predicates to provide modular and reusable specifications for program synchronisation points, like locks or forked threads. Our work primarily targets the KeY verification system with its specification language JML * and symbolic execution proving method. Hence, we also give the current status of the work on implementation and we discuss some examples that are verifiable with KeY.

show abstract

Section: Examples Of Sound and Unsound Specificationsmentioning

confidence: 99%

Dynamic Frames Based Verification Method for Concurrent Java Programs

Mostowski

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…However, Leino has recently developed a proof in Dafny of the standard functional recursive algorithm, as well as an alternative version of the iterative algorithm based on ranges. Both can be found in the Dafny test suite [11]. Also, to the best our knowledge, there is no exiting version of iterative quicksort based on pivots.…”

Section: Contributionsmentioning

confidence: 99%

Quicksort Revisited

Certezeanu

Drossopoulou

Egelund-Muller

et al. 2016

Theory and Practice of Formal Methods

Self Cite

View full text Add to dashboard Cite

show abstract

“…Dafny [4] is an imperative sequential programming language which supports generic classes, dynamic allocation and inductive datatypes and has its own specification constructs. A Dafny program may contain both specification and implementation details.…”

Section: Dafnymentioning

confidence: 99%

“…This paper presents work in progress on a tool-supported development approach by linking two existing verification tools, Rodin [2] and Dafny [4]. The Rodin platform supports the creation and verification of Event-B formal models.…”

Section: Introductionmentioning

confidence: 99%

From Event-B Models to Dafny Code Contracts

Dalvandi

Butler

Rezazadeh

2015

Fundamentals of Software Engineering

View full text Add to dashboard Cite

Abstract. The constructive approach to software correctness aims at formal modelling and verification of the structure and behaviour of a system in different levels of abstraction. In contrast, the analytical approach to software verification focuses on code level correctness and its verification. Therefore it would seem that the constructive and analytical approaches should complement each other well. To demonstrate this idea we present a case for linking two existing verification methods, Event-B (constructive) and Dafny (analytical). This approach combines the power of Event-B abstraction and its stepwise refinement with the verification capabilities of Dafny. We presented a small case study to demonstrate this approach and outline of the rules for transforming Event-B events to Dafny contracts. Finally, a tool for automatic generation of Dafny contracts from Event-B formal models is presented.

show abstract

Dafny: An Automatic Program Verifier for Functional Correctness

Cited by 586 publications

References 34 publications

Dynamic Frames Based Verification Method for Concurrent Java Programs

Dynamic Frames Based Verification Method for Concurrent Java Programs

Quicksort Revisited

From Event-B Models to Dafny Code Contracts

Contact Info

Product

Resources

About