Sound reasoning about unchecked exceptions

B. Jacobs, Peter Müller, F. Piessens
{"title":"Sound reasoning about unchecked exceptions","authors":"B. Jacobs, Peter Müller, F. Piessens","doi":"10.1109/SEFM.2007.36","DOIUrl":null,"url":null,"abstract":"In most software development projects, it is not feasible for developers to handle explicitly all possible unusual events which may occur during program execution, such as arithmetic overflow, highly unusual environment conditions, heap memory or call stack exhaustion, or asynchronous thread cancellation. Modern programming languages provide unchecked exceptions to deal with these circumstances safely and with minimal programming overhead. However, reasoning about programs in the presence of unchecked exceptions is difficult, especially in a multithreaded setting where the system should survive the failure of a subsystem. We propose a static verification approach for multithreaded programs with unchecked exceptions. Our approach is an extension of the Spec# verification methodology for object-oriented programs. It verifies that objects encapsulating shared resources are always ready to be disposed of, by allowing ownership transfers to other threads only through well-nested parallel execution operations. Also, the approach prevents developers from relying on invariants that may have been broken by a failure. We believe the programming style enforced by our approach leads to better programs, even in the absence of formal verification. The proposed approach enables developers using mainstream languages to gain some of the benefits of approaches based on isolated sub-processes. We believe this is the first verification approach that soundly verifies common exception handling and locking patterns in the presence of unchecked exceptions.","PeriodicalId":212544,"journal":{"name":"Fifth IEEE International Conference on Software Engineering and Formal Methods (SEFM 2007)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Fifth IEEE International Conference on Software Engineering and Formal Methods (SEFM 2007)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SEFM.2007.36","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 18

Abstract

In most software development projects, it is not feasible for developers to handle explicitly all possible unusual events which may occur during program execution, such as arithmetic overflow, highly unusual environment conditions, heap memory or call stack exhaustion, or asynchronous thread cancellation. Modern programming languages provide unchecked exceptions to deal with these circumstances safely and with minimal programming overhead. However, reasoning about programs in the presence of unchecked exceptions is difficult, especially in a multithreaded setting where the system should survive the failure of a subsystem. We propose a static verification approach for multithreaded programs with unchecked exceptions. Our approach is an extension of the Spec# verification methodology for object-oriented programs. It verifies that objects encapsulating shared resources are always ready to be disposed of, by allowing ownership transfers to other threads only through well-nested parallel execution operations. Also, the approach prevents developers from relying on invariants that may have been broken by a failure. We believe the programming style enforced by our approach leads to better programs, even in the absence of formal verification. The proposed approach enables developers using mainstream languages to gain some of the benefits of approaches based on isolated sub-processes. We believe this is the first verification approach that soundly verifies common exception handling and locking patterns in the presence of unchecked exceptions.
关于未检查异常的合理推理
在大多数软件开发项目中,开发人员不可能显式地处理程序执行期间可能发生的所有异常事件,例如算术溢出、高度异常的环境条件、堆内存或调用堆栈耗尽或异步线程取消。现代编程语言提供了未经检查的异常,以安全地处理这些情况,并以最小的编程开销。然而,在存在未检查异常的情况下对程序进行推理是困难的,特别是在多线程设置中,系统应该在子系统故障中幸存下来。我们提出了一种静态验证方法,用于多线程程序的未检查异常。我们的方法是对面向对象程序的spec#验证方法的扩展。它只允许通过嵌套良好的并行执行操作将所有权转移到其他线程,从而验证封装共享资源的对象总是准备好被处置的。此外,该方法还可以防止开发人员依赖可能因失败而被破坏的不变量。我们相信,即使在没有正式验证的情况下,我们的方法所强制的编程风格也会带来更好的程序。所建议的方法使使用主流语言的开发人员能够获得基于隔离子过程的方法的一些好处。我们相信,这是第一个在未检查异常的情况下可靠地验证常见异常处理和锁定模式的验证方法。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信