Unifying execution of imperative generators and declarative specifications

Abstract
We present Deuterium, a framework for implementing Java methods as executable contracts. Deuterium introduces a novel, type-safe way to write method contracts entirely in Java, as a combination of imperative generators and declarative specifications (written in a first-order relational logic with transitive closure). Existing approaches typically encode both the specification and the program heap into a constraint language and then use an off-the-shelf constraint solver, without any additional guidance, to search for a new program heap that satisfies the specification. Deuterium instead takes advantage of user-provided generators to prune the search space and reduce the overhead of constraint solving. Deuterium supports two ways of solving declarative constraints: SAT-based, and search-based with in-memory state exploration. We evaluate our approach on a suite of data structures established as a standard benchmark by prior work. Furthermore, we use random and sequence-based test generation to create a new benchmark designed to mimic realistic execution scenarios. Our results show that generators improve the performance of executable contracts and that in-memory state exploration is the algorithm of choice when heap sizes are small.
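The idea in the abstract, reduced to a toy in Python. This is an added illustration written for this page, not Deuterium code (Deuterium is a Java framework whose API is not shown here); the function names, the list-insertion contract and the sample input are all constructed for the example. A method is given only by a declarative postcondition, and executing it means finding a post-state that satisfies that postcondition. `explore_unguided` plays the role of unguided in-memory state exploration over a bounded value domain, `explore_guided` restricts the search to states proposed by a user-written generator, and the examined-state counts make the pruning visible. The second generator is deliberately incomplete to show the failure mode a practitioner has to watch for: a generator that cannot produce any spec-satisfying state turns a satisfiable contract into an unsatisfiable one unless the executor falls back to unguided search.

```python
# Added illustration for this page, not Deuterium code: a method given only by a
# declarative postcondition, executed by searching for a satisfying post-state.
from collections import Counter
from itertools import product


def is_sorted(xs):
    return all(xs[i] <= xs[i + 1] for i in range(len(xs) - 1))


def insert_pre(old):
    """Precondition of the insertion contract: the input list is sorted."""
    return is_sorted(old)


def insert_post(old, x, new):
    """Declarative postcondition: the post-state is sorted and holds exactly the
    old elements plus x (multiset equality, so duplicates are preserved)."""
    return is_sorted(new) and Counter(new) == Counter(old) + Counter([x])


def explore_unguided(old, x, domain):
    """In-memory state exploration with no guidance: enumerate every list of
    length len(old)+1 over a finite value domain and test the spec on each.
    Returns (post_state or None, number of states examined)."""
    examined = 0
    for cand in product(domain, repeat=len(old) + 1):
        examined += 1
        cand = list(cand)
        if insert_post(old, x, cand):
            return cand, examined
    return None, examined


def splice_anywhere(old, x):
    """User-written generator: propose only states that splice x into old at
    some index. When the precondition holds (old is sorted) this is complete:
    the unique spec-satisfying state is one of its outputs."""
    for i in range(len(old) + 1):
        yield old[:i] + [x] + old[i:]


def append_only(old, x):
    """Deliberately incomplete generator: it only ever appends x at the end, so
    it misses the satisfying state whenever x is not the new maximum."""
    yield old + [x]


def explore_guided(old, x, generator):
    """Generator-guided exploration: test the spec only on generator outputs."""
    examined = 0
    for cand in generator(old, x):
        examined += 1
        if insert_post(old, x, cand):
            return cand, examined
    return None, examined


def run_contract(old, x, generator, domain):
    """Execute the contract. The precondition is checked first; then the
    generator is tried, and if it proposes nothing that satisfies the spec the
    executor falls back to unguided exploration over `domain`. The fallback is
    a design choice of this illustration, not a claim about Deuterium.
    Returns (post_state or None, total states examined, which path succeeded)."""
    if not insert_pre(old):
        raise ValueError("precondition violated: input list is not sorted")
    result, examined = explore_guided(old, x, generator)
    if result is not None:
        return result, examined, "generator"
    result, more = explore_unguided(old, x, domain)
    return result, examined + more, "fallback"


if __name__ == "__main__":
    old, x = [1, 3, 5], 4      # constructed sample input
    domain = range(1, 6)       # finite bound for unguided exploration
    print(explore_unguided(old, x, domain))           # ([1, 3, 4, 5], 70)
    print(explore_guided(old, x, splice_anywhere))    # ([1, 3, 4, 5], 3)
    print(explore_guided(old, x, append_only))        # (None, 1)
    print(run_contract(old, x, append_only, domain))  # ([1, 3, 4, 5], 71, 'fallback')
```

Two things the toy makes concrete. First, the unguided search is bounded by an explicit value domain, and if the domain is too small the search reports no satisfying state even though the spec is satisfiable, which is exactly the trade-off that makes bounded in-memory exploration attractive only for small heaps. Second, a generator is only a sound pruning device relative to the method's precondition: `splice_anywhere` covers every satisfying state when the input is sorted, but would miss them for an unsorted input, so the precondition check in `run_contract` is what justifies trusting the generator at all. The SAT-based solving mode mentioned in the abstract is not modelled here.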