
Lightweight extraction of syntactic specifications

Published: 05 November 2006

Abstract

A method for extracting syntactic specifications from heap-manipulating code is described. The state of the heap is represented as an environment mapping each variable or field to a relational expression. A procedure is executed symbolically, obtaining an environment for the post-state that gives the value of each variable and field in terms of the values of variables and fields of the pre-state. Approximation is introduced by forming relational unions at merge points in the control flow graph, and by widening union-of-join expressions to transitive closures. The resulting analysis is linear in the length of the code and the number of fields, but capable of producing non-trivial specifications of surprising accuracy.


Published In

SIGSOFT '06/FSE-14: Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering
November 2006
298 pages
ISBN: 1595934685
DOI: 10.1145/1181775
Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. modular abstraction
  2. symbolic execution
  3. symbolic summary
  4. syntactic specification

Qualifiers

  • Article

Conference

SIGSOFT06/FSE-14

Acceptance Rates

Overall Acceptance Rate 17 of 128 submissions, 13%
