Abstract
We propose an automated technique for inferring software contracts from programs that are written in a non-trivial fragment of C, called KernelC, that supports pointer-based structures and heap manipulation. Starting from the semantic definition of KernelC in the \(\mathbb {K}\) framework, we enrich the symbolic execution facilities recently provided by C with novel capabilities for assertion synthesis that are based on abstract subsumption. Roughly speaking, we define an abstract symbolic technique that explains the execution of a (modifier) C function by using other (observer) routines in the same program. We implemented our technique in the automated tool KindSpec 2.0, which generates logical axioms that define the precise input/output behavior of the C routines.
This work has been partially supported by the EU (FEDER) and Spanish MINECO project TIN2015-69175-C4-1-R, and by Generalitat Valenciana PROMETEOII/2015/013. D. Pardo is supported by FPU-ME grant FPU14/01830.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Symbolic values are preceded by aquestion mark.
- 2.
An object in C is a region of data storage in the execution environment.
- 3.
By abuse, we assume a logical constraint representation \(x_1= v_1 \wedge \ldots \wedge x_n= v_n\) of the symbolic heap \(\{x_1\mapsto v_1, \ldots , x_n\mapsto v_n\}\), where every \(x_i\) refers to a field of a
data object, or to a primitive-type program variable if \(x_i\) occurs in 
.
data object, or to a primitive-type program variable if 
.References
Alpuente, M., Feliú, M.A., Villanueva, A.: Automatic inference of specifications using matching logic. In: Proceedings of PEPM 2013, pp. 127–136. ACM (2013)
Alpuente, M., Pardo, D., Villanueva, A.: Automatic inference of specifications in the K framework. EPTCS 200, 1–17 (2015)
Anand, S., Păsăreanu, C.S., Visser, W.: Symbolic execution with abstraction. STTT 11(1), 53–67 (2008)
Arusoaie, A., Lucanu, D., Rusu, V.: Symbolic execution based on language transformation. Comput. Lang. Syst. Struct. 44(Part A), 48–71 (2015)
Calcagno, C., Distefano, D., O’Hearn, P.W., Yang, H.: Footprint analysis: a shape analysis that discovers preconditions. In: Nielson, H.R., Filé, G. (eds.) SAS 2007. LNCS, vol. 4634, pp. 402–418. Springer, Heidelberg (2007). doi:10.1007/978-3-540-74061-2_25
Claessen, K., Smallbone, N., Hughes, J.: QuickSpec: guessing formal specifications using testing. In: Fraser, G., Gargantini, A. (eds.) TAP 2010. LNCS, vol. 6143, pp. 6–21. Springer, Heidelberg (2010). doi:10.1007/978-3-642-13977-2_3
Cousot, P., Cousot, R., Fähndrich, M., Logozzo, F.: Automatic inference of necessary preconditions. In: Giacobazzi, R., Berdine, J., Mastroeni, I. (eds.) VMCAI 2013. LNCS, vol. 7737, pp. 128–148. Springer, Heidelberg (2013). doi:10.1007/978-3-642-35873-9_10
Ellison, C., Roşu, G.: An executable formal semantics of C with applications. In: Proceedings of POPL 2012, pp. 533–544. ACM (2012)
Gulavani, B.S., Chakraborty, S., Ramalingam, G., Nori, A.V.: Bottom-up shape analysis using LISF. ACM Trans. Program. Lang. Syst. 33(5), 17 (2011)
Henkel, J., Diwan, A.: Discovering algebraic specifications from Java classes. In: Cardelli, L. (ed.) ECOOP 2003. LNCS, vol. 2743, pp. 431–456. Springer, Heidelberg (2003). doi:10.1007/978-3-540-45070-2_19
Khurshid, S., PĂsĂreanu, C.S., Visser, W.: Generalized symbolic execution for model checking and testing. In: Garavel, H., Hatcliff, J. (eds.) TACAS 2003. LNCS, vol. 2619, pp. 553–568. Springer, Heidelberg (2003). doi:10.1007/3-540-36577-X_40
King, J.C.: Symbolic execution and program testing. Comm. ACM 19(7), 385–394 (1976)
Liskov, B., Guttag, J.: Abstraction and Specification in Program Development. MIT Press, Cambridge (1986)
Magill, S., Nanevski, A., Clarke, E., Lee, P.: Inferring invariants in separation logic for imperative list-processing programs. In: Proceedings of SPACE Workshop (2006)
Meyer, B.: Applying ‘design by contract’. Computer 25(10), 40–51 (1992)
Moura, L., Bjørner, N.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008). doi:10.1007/978-3-540-78800-3_24
Moy, Y., Marché, C.: Modular inference of subprogram contracts for safety checking. J. Symbolic Comput. 45(11), 1184–1211 (2010)
Roşu, G., Şerbănuţă, T.F.: An overview of the K semantic framework. JLAP 79(6), 397–434 (2010)
Tillmann, N., Chen, F., Schulte, W.: Discovering likely method specifications. In: Liu, Z., He, J. (eds.) ICFEM 2006. LNCS, vol. 4260, pp. 717–736. Springer, Heidelberg (2006). doi:10.1007/11901433_39
Wei, Y., Furia, C.A., Kazmin, N., Meyer, B.: Inferring better contracts. In: Proceedings of the ICSE 2011, 191–200. ACM (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Alpuente, M., Pardo, D., Villanueva, A. (2017). Symbolic Abstract Contract Synthesis in a Rewriting Framework. In: Hermenegildo, M., Lopez-Garcia, P. (eds) Logic-Based Program Synthesis and Transformation. LOPSTR 2016. Lecture Notes in Computer Science(), vol 10184. Springer, Cham. https://doi.org/10.1007/978-3-319-63139-4_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-63139-4_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-63138-7
Online ISBN: 978-3-319-63139-4
eBook Packages: Computer ScienceComputer Science (R0)