research-article

Correct blame for contracts: no more scapegoating

Authors:

Christos Dimoulas,

Robert Bruce Findler,

Cormac Flanagan,

Matthias FelleisenAuthors Info & Claims

POPL '11: Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages

Pages 215 - 226

https://doi.org/10.1145/1926385.1926410

Published: 26 January 2011 Publication History

Abstract

Behavioral software contracts supplement interface information with logical assertions. A rigorous enforcement of contracts provides useful feedback to developers if it signals contract violations as soon as they occur and if it assigns blame to violators with preciseexplanations. Correct blame assignment gets programmers started with the debugging process and can significantly decrease the time needed to discover and fix bugs.

Sadly the literature on contracts lacks a framework for making statements about the correctness of blame assignment and for validating such statements. This paper fills the gap and uses the framework to demonstrate how one of the proposed semantics for higher-order contracts satisfies this criteria and another semantics occasionally assigns blame to the wrong module.

Concretely, the paper applies the framework to the lax enforcement of dependent higher-order contracts and the picky one. A higher-order dependent contract specifies constraints for the domain and range of higher-order functions and also relates arguments and results in auxiliary assertions. The picky semantics ensures that the use of arguments in the auxiliary assertion satisfies the domain contracts and the lax one does not. While the picky semantics discovers more contract violations than the lax one, it occasionally blames the wrong module. Hence the paper also introduces a third semantics, dubbed indy, which fixes the problems of the picky semantics without giving up its advantages.

Supplementary Material

MP4 File (19-mpeg-4.mp4)

Download
423.34 MB

References

[1]

H. P. Barendregt. phThe Lambda Calculus -- Its Syntax and Semantics, volume 103 of phStudies in Logic and the Foundations of Mathematics. North-Holland, 1984.

[2]

M. Barnett, K. R. M. Leino, and W. Schulte. The Spec# programming system: an overview. In Construction and Analysis of Safe, Secure and Interoperable Smart Devices, pages 49--69, 2004.

Digital Library

[3]

A. Beugnard, J.-M. Jézéquel, N. Plouzeau, and D. Watkins. Making components contract aware. IEEE Computer, 32 (7): 38--45, July 1999.

Digital Library

[4]

M. Blume and D. McAllester. Sound and complete models of contracts. Journal of Functional Programming, 16 (4--5): 375--414, 2006.

Digital Library

[5]

R. Bose and J. Frew. Lineage retrieval for scientific data processing: a survey. ACM Computing Survey, 37 (1): 1--28, 2005.

Digital Library

[6]

J. Cheney, S. Chong, N. Foster, M. Seltzer, and S. Vansummeren. Provenance: a future history. In Proceeding of the 24th ACM SIGPLAN Conference Companion on Object Oriented Programming Systems Languages and Applications: Onward! Session (OOPSLA Onward!), pages 957--964, 2009.

Digital Library

[7]

O. Chitil, D. McNeill, and C. Runciman. Lazy assertions. In Revised Papers of the 15th International Workshop on Implementation of Functional Languages (IFL), pages 1--19, 2003.

Digital Library

[8]

M. Degen, P. Thiemann, and S. Wehr. Eager and delayed contract monitoring for call-by-value and call-by-name evaluation. Journal of Logic and Algebraic Programming, page to appear, 2010.

[9]

D. E. Denning. A lattice model of secure information flow. Communications of the ACM, 19 (5): 236--243, 1976.

Digital Library

[10]

D. L. Detlefs, K. R. M. Leino, G. Nelson, and J. B. Saxe. Extended static checking. Technical Report 158, Compaq SRC Research Report, 1998.

[11]

C. Dimoulas and M. Felleisen. On contract satisfaction in a higher-order world. ACM Transactions on Programming Languages and Systems. accepted (with revisions) for publication.

Digital Library

[12]

M. Felleisen, R. B. Findler, and M. Flatt. Semantics Engineering with PLT Redex. MIT Press, 2009.

Digital Library

[13]

R. B. Findler and M. Blume. Contracts as pairs of projections. In Proceedings of the 8th International Symposium on Functional and Logic Programming (FLOPS), pages 226--241, 2006.

Digital Library

[14]

R. B. Findler and M. Felleisen. Contracts for higher-order functions. In Proceedings of the 7th ACM SIGPLAN International Conference on Functional Programming (ICFP), pages 48--59, 2002.

Digital Library

[15]

R. B. Findler, J. Clements, C. Flanagan, M. Flatt, S. Krishnamurthi, P. Steckler, and M. Felleisen. DrScheme: A programming environment for Scheme. J. Funct. Program., 12 (2): 159--182, Mar. 2002.

Digital Library

[16]

R. B. Findler, M. Felleisen, and M. Blume. An investigation of contracts as projections. Technical Report TR-2004-02, University of Chicago, Computer Science Department, 2004.

[17]

C. Flanagan. Hybrid type checking. In Proceedings of the 33th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), pages 245--256, 2006.

Digital Library

[18]

M. Flatt and PLT. Reference: Racket. Technical Report PLT-TR-2010-1, PLT Inc., 2010. http://racket-lang.org/tr1/.

[19]

M. Greenberg, B. C. Pierce, and S. Weirich. Contracts made manifest. In Proceedings of the 37th Annual ACM SIGPLAN-SIGACT Symposium on Programming Languages (POPL), pages 353--364, 2010.

Digital Library

[20]

J. Gronski and C. Flanagan. Unifying hybrid types and contracts. In Proceedings of the 8th Symposium on Trends in Functional Programming (TFP), pages 54--69, 2007.

[21]

R. Hinze, J. Jeuring, and A. Löh. Typed contracts for functional programming. In In Proceedings of the 8th International Symposium on Functional and Logic Programming (FLOPS), pages 208--235, 2006.

Digital Library

[22]

K. Knowles, A. Tomb, J. Gronski, S. N. Freund, and C. Flanagan. Sage: Unified hybrid checking for first-class types, general refinement types, and dynamic, 2006. URL http://sage.soe.ucsc.edu/.

[23]

G. T. Leavens, A. L. Baker, and C. Ruby. JML: A notation for detailed design. In H. Kilov, B. Rumpe, and I. Simmonids, editors, Behavioral Specifications of Businesses and Systems, pages 175--188. Kluwer Academic Publishers, 1999.

[24]

B. Meyer. Design by contract. In Advances in Object-Oriented Software Engineering, pages 1--50. Prentice Hall, 1991.

[25]

B. Meyer. Eiffel: The Language. Prentice Hall, 1992.

Digital Library

[26]

B. Meyer. Object-oriented Software Construction. Prentice Hall, 1988.

Digital Library

[27]

G. D. Plotkin. Call-by-name, call-by-value, and the λ-calculus. Theoretical Computer Science, 1 (2): 125--159, 1975.

[28]

G. D. Plotkin. LCF considered as a programming language. Theoretical Computer Science, 5 (3): 223--255, 1977.

[29]

A. Rudich, A. Darvas, and P. Müller. Checking well-formedness of pure-method specifications. In Proceedings of the 15th International Symposium on Formal Methods (FM), pages 68--83, 2008.

Digital Library

[30]

D. S. Scott. Data types as lattices. SIAM Journal of Computing, 5 (3): 522--587, 1976.

[31]

Y. L. Simmhan, B. Plale, and D. Gannon. A survey of data provenance in e-science. ACM SIGMOD Record, 34 (3): 31--36, 2005.

Digital Library

[32]

T. S. Strickland and M. Felleisen. Contracts for first-class modules. In Proceedings of the 5th Symposium on Dynamic Languages (DLS), pages 27--38. ACM, 2009.

Digital Library

[33]

S. Tobin-Hochstadt and M. Felleisen. Logical types for untyped languages. In Proceedings of the 15th ACM SIGPLAN Internation Conference on Functional Programming (ICFP), pages 117--128, 2010.

Digital Library

[34]

S. Tobin-Hochstadt and M. Felleisen. The design and implementation of Typed Scheme. In Proceedings of the 35th Annual ACM SIGPLAN-SIGACT Symposium on the Pronciples of Programming Languages (POPL), pages 395--407, 2008.

Digital Library

[35]

D. Xu, S. Peyton Jones, and K. Claessen. Static contract checking for Haskell. In Proceedings of the 36th Annual ACM SIGPLAN-SIGACT Symposium on Programming Languages (POPL), pages 41--52, 2009.

Digital Library

[36]

S. Zdancewic, D. Grossman, and G. Morrisett. Principals in programming languages: A syntactic proof technique. In Proceedings of the 4th ACM SIGPLAN International Conference on Functional Programming (ICFP), pages 197--207, 1999.

Digital Library

Cited By

Bowman WAllais GLiu Y(2025)The Ethical Compiler: Addressing the Is-Ought Gap in Compilation (Invited Talk)Proceedings of the 2025 ACM SIGPLAN International Workshop on Partial Evaluation and Program Manipulation10.1145/3704253.3706135(1-9)Online publication date: 10-Jan-2025
https://dl.acm.org/doi/10.1145/3704253.3706135
Vandenbogaerde BStiévenart QDe Roover C(2024)Blame-Correct Support for Receiver Properties in Recursively-Structured Actor ContractsProceedings of the ACM on Programming Languages10.1145/36746438:ICFP(515-543)Online publication date: 15-Aug-2024
https://dl.acm.org/doi/10.1145/3674643
Vandenbogaerde BChristakis MPradel M(2024)Soft Verification for Actor Contract SystemsProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3685551(1891-1895)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3685551
Show More Cited By

Index Terms

Correct blame for contracts: no more scapegoating
1. Software and its engineering
  1. Software notations and tools
    1. Formal language definitions
      1. Semantics
    2. General programming languages
      1. Language features
        Constraints
2. Theory of computation
  1. Semantics and reasoning
    1. Program semantics

Recommendations

Correct blame for contracts: no more scapegoating
POPL '11

Behavioral software contracts supplement interface information with logical assertions. A rigorous enforcement of contracts provides useful feedback to developers if it signals contract violations as soon as they occur and if it assigns blame to ...
Complete monitors for behavioral contracts
ESOP'12: Proceedings of the 21st European conference on Programming Languages and Systems

A behavioral contract in a higher-order language may invoke methods of unknown objects. Although this expressive power allows programmers to formulate sophisticated contracts, it also poses a problem for language designers. Indeed, two distinct ...
Temporal higher-order contracts
ICFP '11

Behavioral contracts are embraced by software engineers because they document module interfaces, detect interface violations, and help identify faulty modules (packages, classes, functions, etc). This paper extends prior higher-order contract systems to ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

POPL '11: Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages

January 2011

652 pages

ISBN:9781450304900

DOI:10.1145/1926385

General Chair:
Thomas Ball
Microsoft Research, USA
,
Program Chair:
Mooly Sagiv
Tel Aviv University, Israel

ACM SIGPLAN Notices Volume 46, Issue 1
POPL '11
January 2011
624 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/1925844
Issue’s Table of Contents

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGPLAN: ACM Special Interest Group on Programming Languages

In-Cooperation

SIGACT: ACM Special Interest Group on Algorithms and Computation Theory

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 26 January 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

POPL '11

Sponsor:

SIGPLAN

POPL '11: The 38th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages

January 26 - 28, 2011

Texas, Austin, USA

Acceptance Rates

Overall Acceptance Rate 860 of 4,328 submissions, 20%

Upcoming Conference

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

67
Total Citations
View Citations
583
Total Downloads

Downloads (Last 12 months)21
Downloads (Last 6 weeks)1

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Bowman WAllais GLiu Y(2025)The Ethical Compiler: Addressing the Is-Ought Gap in Compilation (Invited Talk)Proceedings of the 2025 ACM SIGPLAN International Workshop on Partial Evaluation and Program Manipulation10.1145/3704253.3706135(1-9)Online publication date: 10-Jan-2025
https://dl.acm.org/doi/10.1145/3704253.3706135
Vandenbogaerde BStiévenart QDe Roover C(2024)Blame-Correct Support for Receiver Properties in Recursively-Structured Actor ContractsProceedings of the ACM on Programming Languages10.1145/36746438:ICFP(515-543)Online publication date: 15-Aug-2024
https://dl.acm.org/doi/10.1145/3674643
Vandenbogaerde BChristakis MPradel M(2024)Soft Verification for Actor Contract SystemsProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3685551(1891-1895)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3685551
Moy CDimoulas CFelleisen M(2024)Effectful Software ContractsProceedings of the ACM on Programming Languages10.1145/36329308:POPL(2639-2666)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632930
Greenman BDimoulas CFelleisen M(2023)Typed–Untyped Interactions: A Comparative AnalysisACM Transactions on Programming Languages and Systems10.1145/357983345:1(1-54)Online publication date: 5-Mar-2023
https://dl.acm.org/doi/10.1145/3579833
MOY CFELLEISEN M(2023)Trace contractsJournal of Functional Programming10.1017/S095679682300009633Online publication date: 13-Dec-2023
https://doi.org/10.1017/S0956796823000096
Lennon-Bertrand MMaillard KTabareau NTanter É(2022)Gradualizing the Calculus of Inductive ConstructionsACM Transactions on Programming Languages and Systems10.1145/349552844:2(1-82)Online publication date: 6-Apr-2022
https://dl.acm.org/doi/10.1145/3495528
Gommerstadt HJia LPfenning F(2022)Session-typed concurrent contractsJournal of Logical and Algebraic Methods in Programming10.1016/j.jlamp.2021.100731124(100731)Online publication date: Jan-2022
https://doi.org/10.1016/j.jlamp.2021.100731
Freund THamdaoui YSpiwack AGuha A(2021)Union and intersection contracts are hard, actuallyProceedings of the 17th ACM SIGPLAN International Symposium on Dynamic Languages10.1145/3486602.3486767(1-11)Online publication date: 19-Oct-2021
https://dl.acm.org/doi/10.1145/3486602.3486767
SIEK JTHIEMANN PWADLER P(2021)Blame and coercion: Together again for the first timeJournal of Functional Programming10.1017/S095679682100010131Online publication date: 13-Oct-2021
https://doi.org/10.1017/S0956796821000101
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten