
Abstract

In this paper, we describe KindSpec, an automated tool that synthesizes software contracts from programs written in a significant fragment of C that supports pointer-based structures, heap manipulation, and recursion. By relying on a semantic definition of the C language in the \(\mathbb {K}\) semantic framework, KindSpec leverages the symbolic execution capabilities of \(\mathbb {K}\) to axiomatically explain any program function. This is done by using observer routines from the same program to characterize the program states before and after the function execution. The generated contracts are expressed in the form of logical axioms that specify the precise input/output behavior of the C routines, including both general axioms for default behavior and exceptional axioms that specify error behavior. We summarize the main services provided by KindSpec, which also include a novel refinement facility that improves the quality and accuracy of the synthesized contracts. Finally, we provide an experimental evaluation that assesses its effectiveness.

This research was partially supported by TAILOR, a project funded by EU Horizon 2020 research and innovation programme under GA No 952215, grant RTI2018-094403-B-C32 funded by MCIN/AEI/10.13039/501100011033 and by “ERDF A way of making Europe”, and by Generalitat Valenciana PROMETEO/2019/098.


Notes

  1. Some standard C syntactic errors such as IRT are not statically detected by \(\mathbb {K}\), so they only show up at (symbolic) execution time.

  2. From a model-theoretic viewpoint, this is to say that the solution set of \(c_{1}\) contains the solution set of \(c_{2}\).

  3. In separation logic [37], heap predicates are constituted by “separated” sub-formulae which hold for disjoint parts of the heap. They represent either individual memory cells, which are encoded by using points-to heap predicates (i.e., \(e_1 \mapsto e_2\) represents that the heap contains a cell at address \(e_1\) with contents \(e_2\)), or sub-heaps (heaplets), which are encoded by predicates that collapse various heap locations.

  4. We tested the tools on Windows (versions 7 and 10), Linux (Ubuntu 18.04) and MacOS X (10.13 High Sierra).

  5. In contrast, DySy relied on concolic execution (a combination of symbolic execution with dynamic testing) to obtain more precise (heap-level) axiomatic properties for non-instrumented programs.

References

  1. ANSI/ISO IEC 9899:1999 Standard for C Language (C99), Technical Corrigendum 3 (2007)

  2. Alpuente, M., Pardo, D., Villanueva, A.: Symbolic abstract contract synthesis in a rewriting framework. In: Hermenegildo, M.V., Lopez-Garcia, P. (eds.) LOPSTR 2016. LNCS, vol. 10184, pp. 187–202. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63139-4_11

  3. Alpuente, M., Pardo, D., Villanueva, A.: Abstract contract synthesis and verification in the symbolic K framework. Fundam. Inform. 177(3–4), 235–273 (2020)

  4. Anand, S., Păsăreanu, C.S., Visser, W.: Symbolic execution with abstraction. STTT 11(1), 53–67 (2009). https://doi.org/10.1007/s10009-008-0090-1

  5. Baldoni, R., Coppa, E., D’Elia, D., Demetrescu, C., Finocchi, I.: A survey of symbolic execution techniques. ACM Comput. Surv. 51(3), 1–39 (2018)

  6. Baudin, P., et al.: ACSL: ANSI/ISO C Specification Language, version 1.4 (2010). https://frama-c.com/download/acsl_1.4.pdf

  7. Berdine, J., et al.: Shape analysis for composite data structures. In: Damm, W., Hermanns, H. (eds.) CAV 2007. LNCS, vol. 4590, pp. 178–192. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-73368-3_22

  8. Bidoit, M.: Algebraic specification of exception handling and error recovery by means of declarations and equations. In: Paredaens, J. (ed.) ICALP 1984. LNCS, vol. 172, pp. 95–108. Springer, Heidelberg (1984). https://doi.org/10.1007/3-540-13345-3_8

  9. Calcagno, C., Distefano, D.: Infer: an automatic program verifier for memory safety of C programs. In: Bobaru, M., Havelund, K., Holzmann, G.J., Joshi, R. (eds.) NFM 2011. LNCS, vol. 6617, pp. 459–465. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20398-5_33

  10. Calcagno, C., et al.: Moving fast with software verification. In: Havelund, K., Holzmann, G., Joshi, R. (eds.) NFM 2015. LNCS, vol. 9058, pp. 3–11. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-17524-9_1

  11. Calcagno, C., Distefano, D., O’Hearn, P.W., Yang, H.: Footprint analysis: a shape analysis that discovers preconditions. In: Nielson, H.R., Filé, G. (eds.) SAS 2007. LNCS, vol. 4634, pp. 402–418. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74061-2_25

  12. Calcagno, C., Distefano, D., O’Hearn, P.W., Yang, H.: Compositional shape analysis by means of bi-abduction. J. ACM 58(6), 26:1–26:66 (2011). https://doi.org/10.1145/2049697.2049700

  13. Claessen, K., Smallbone, N., Hughes, J.: QuickSpec: guessing formal specifications using testing. In: Fraser, G., Gargantini, A. (eds.) TAP 2010. LNCS, vol. 6143, pp. 6–21. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13977-2_3

  14. Csallner, C., Tillmann, N., Smaragdakis, Y.: DySy: dynamic symbolic execution for invariant inference. In: Proceedings of the ICSE 2008, pp. 281–290. ACM (2008). https://doi.org/10.1145/1368088.1368127

  15. Dallmeier, V., Lindig, C., Wasylkowski, A., Zeller, A.: Mining object behavior with ADABU. In: Proceedings of the WODA 2006, pp. 17–24. ACM (2006). https://doi.org/10.1145/1138912.1138918

  16. Das, A., Lahiri, S.K., Lal, A., Li, Y.: Angelic verification: precise verification modulo unknowns. In: Kroening, D., Păsăreanu, C.S. (eds.) CAV 2015. LNCS, vol. 9206, pp. 324–342. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-21690-4_19

  17. Distefano, D., O’Hearn, P.W., Yang, H.: A local shape analysis based on separation logic. In: Hermanns, H., Palsberg, J. (eds.) TACAS 2006. LNCS, vol. 3920, pp. 287–302. Springer, Heidelberg (2006). https://doi.org/10.1007/11691372_19

  18. Ellison, C., Roşu, G.: An executable formal semantics of C with applications. In: Proceedings of the POPL 2012, pp. 533–544. ACM (2012). https://doi.org/10.1145/2103656.2103719

  19. Ernst, M.D., et al.: The Daikon system for dynamic detection of likely invariants. Sci. Comput. Prog. 69(1–3), 35–45 (2007). https://doi.org/10.1016/j.scico.2007.01.015

  20. Gazzola, L., Micucci, D., Mariani, L.: Automatic software repair: a survey. IEEE Trans. Soft. Eng. 45, 34–67 (2018). https://doi.org/10.1109/TSE.2017.2755013

  21. Gehani, N.H.: Exceptional C or C with exceptions. Softw.: Pract. Exp. 22(10), 827–848 (1992). https://doi.org/10.1002/spe.4380221003

  22. Gherghina, C., David, C.: A specification logic for exceptions and beyond. In: Bouajjani, A., Chin, W.-N. (eds.) ATVA 2010. LNCS, vol. 6252, pp. 173–187. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-15643-4_14

  23. Giannakopoulou, D., Rakamarić, Z., Raman, V.: Symbolic learning of component interfaces. In: Miné, A., Schmidt, D. (eds.) SAS 2012. LNCS, vol. 7460, pp. 248–264. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33125-1_18

  24. Gogolla, M., Drosten, K., Lipeck, U.W., Ehrich, H.D.: Algebraic and operational semantics of specifications allowing exceptions and errors. Theor. Comput. Sci. 34(3), 289–313 (1984). https://doi.org/10.1016/0304-3975(84)90056-2

  25. Goguen, J.: Abstract errors for abstract data types. In: Formal Description of Programming Concepts, pp. 491–522. North-Holland (1979)

  26. Goguen, J.A., Meseguer, J.: Order-sorted algebra I: equational deduction for multiple inheritance, overloading, exceptions and partial operations. Theor. Comput. Sci. 105(2), 217–273 (1992). https://doi.org/10.1016/0304-3975(92)90302-V

  27. Gulavani, B.S., Chakraborty, S., Ramalingam, G., Nori, A.V.: Bottom-up shape analysis using LISF. TOPLAS 2011 33(5), 17:1–17:41 (2011). https://doi.org/10.1145/2039346.2039349

  28. Henkel, J., Diwan, A.: Discovering algebraic specifications from Java classes. In: Cardelli, L. (ed.) ECOOP 2003. LNCS, vol. 2743, pp. 431–456. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45070-2_19

  29. Henkel, J., Reichenbach, C., Diwan, A.: Discovering documentation for Java container classes. IEEE Trans. Softw. Eng. 33(8), 526–543 (2007). https://doi.org/10.1109/TSE.2007.70705

  30. King, J.C.: Symbolic execution and program testing. Commun. ACM 19(7), 385–394 (1976). https://doi.org/10.1145/360248.360252

  31. Liskov, B., Guttag, J.: Abstraction and Specification in Program Development. MIT Press, Cambridge (1986)

  32. Logozzo, F., Ball, T.: Modular and verified automatic program repair. In: Proceedings of the OOPSLA 2012, pp. 133–146. ACM (2012). https://doi.org/10.1145/2384616.2384626

  33. Magill, S., Nanevski, A., Clarke, E., Lee, P.: Inferring invariants in separation logic for imperative list-processing programs. In: Proceedings of the 3rd SPACE Workshop (2006)

  34. Meyer, B.: Applying ‘design by contract’. Computer 25(10), 40–51 (1992). https://doi.org/10.1109/2.161279

  35. Padmanabhuni, S., Ghose, A.K.: Inductive constraint logic programming: an overview. In: Antoniou, G., Ghose, A.K., Truszczyński, M. (eds.) PRICAI 1996. LNCS, vol. 1359, pp. 1–8. Springer, Heidelberg (1998). https://doi.org/10.1007/3-540-64413-X_25

  36. Poigné, A.: Partial algebras, subsorting, and dependent types. In: Sannella, D., Tarlecki, A. (eds.) ADT 1987. LNCS, vol. 332, pp. 208–234. Springer, Heidelberg (1988). https://doi.org/10.1007/3-540-50325-0_11

  37. Reynolds, J.C.: Separation logic: a logic for shared mutable data structures. In: Proceedings of the LICS 2002, pp. 55–74 (2002). https://doi.org/10.1109/LICS.2002.1029817

  38. Roşu, G., Şerbănuţă, T.F.: An overview of the K semantic framework. J. Logic Algebraic Program. 79(6), 397–434 (2010). https://doi.org/10.1016/j.jlap.2010.03.012

  39. Schulz, S.: Simple and efficient clause subsumption with feature vector indexing. In: Bonacina, M.P., Stickel, M.E. (eds.) Automated Reasoning and Mathematics. LNCS (LNAI), vol. 7788, pp. 45–67. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36675-8_3

  40. Tillmann, N., Chen, F., Schulte, W.: Discovering likely method specifications. In: Liu, Z., He, J. (eds.) ICFEM 2006. LNCS, vol. 4260, pp. 717–736. Springer, Heidelberg (2006). https://doi.org/10.1007/11901433_39

  41. van Tonder, R., Goues, C.: Static automated program repair for heap properties. In: Proceedings of the ICSE 2018, pp. 151–162. ACM (2018). https://doi.org/10.1145/3180155.3180250

  42. Wei, Y., Furia, C.A., Kazmin, N., Meyer, B.: Inferring better contracts. In: Proceedings of the ICSE 2011, pp. 191–200. ACM (2011). https://doi.org/10.1145/1985793.1985820


Corresponding author: Alicia Villanueva


Copyright information

© 2023 Springer Nature Switzerland AG

About this chapter


Cite this chapter

Alpuente, M., Villanueva, A. (2023). Automated Synthesis of Software Contracts with KindSpec. In: Lopez-Garcia, P., Gallagher, J.P., Giacobazzi, R. (eds) Analysis, Verification and Transformation for Declarative Programming and Intelligent Systems. Lecture Notes in Computer Science, vol 13160. Springer, Cham. https://doi.org/10.1007/978-3-031-31476-6_3

  • DOI: https://doi.org/10.1007/978-3-031-31476-6_3

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-31475-9

  • Online ISBN: 978-3-031-31476-6
