Maximal specification synthesis

Published: 11 January 2016

Abstract

Many problems in program analysis, verification, and synthesis require inferring specifications of unknown procedures. Motivated by a broad range of applications, we formulate the problem of maximal specification inference: Given a postcondition Φ and a program P calling a set of unknown procedures F_1, …, F_n, what are the most permissive specifications of procedures F_i that ensure correctness of P? In other words, we are looking for the smallest number of assumptions we need to make about the behaviours of F_i in order to prove that P satisfies its postcondition. To solve this problem, we present a novel approach that utilizes a counterexample-guided inductive synthesis loop and reduces the maximal specification inference problem to multi-abduction. We formulate the novel notion of multi-abduction as a generalization of classical logical abduction and present an algorithm for solving multi-abduction problems. On the practical side, we evaluate our specification inference technique on a range of benchmarks and demonstrate its ability to synthesize specifications of kernel routines invoked by device drivers.
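The problem statement above, worked through as an added illustration that is not the paper's algorithm or code: the paper works symbolically over unbounded programs with an SMT solver and multi-abduction, whereas this example brute-forces a small finite integer domain, which is what makes its answer exact. The client program P, the unknown procedures f and g, the domain, the postcondition and the two "blame" policies are all constructed here; the assumption that each unknown is called at most once per run is the example's, not the paper's. The practitioner's reading of the result is the one the abstract gives for device drivers: the inferred specification is the smallest set of assumptions about the callee (a kernel routine, in the paper's benchmarks) that the caller actually relies on, so anything the callee does outside it is a real risk to the caller and anything inside it is not.

```python
"""Counterexample-guided inference of maximally permissive specifications for
unknown procedures, on a bounded integer domain.

Added example, not the paper's method: it starts from the most permissive
specification (every output allowed for every argument) and removes exactly
the behaviours of the unknown procedures that let P violate Phi, found by
exhaustive search over the finite domain.
"""
from itertools import product

DOMAIN = range(-3, 4)  # constructed finite value domain for every integer in P


class Unknown:
    """Stub standing in for an unknown procedure F_i.

    The search picks the value it returns; the stub records the argument it
    was called with so a counterexample can be attributed to one concrete
    (argument, return) behaviour. Assumes each procedure is called at most
    once per run of P (true of the client below).
    """

    def __init__(self, name, ret):
        self.name, self.ret, self.arg = name, ret, None

    def __call__(self, arg):
        self.arg = arg
        return self.ret


def client(x, f, g):
    """Hypothetical client program P with two unknown procedures f and g."""
    y = f(x) if x > 0 else 0
    z = g(y)
    return y + z + x


def postcondition(x, result):
    """Phi: the value computed by P must be non-negative."""
    return result >= 0


def find_counterexample(client, postcondition, names, specs):
    """Return (x, called_stubs) for a run of P that every current spec permits
    but that violates Phi, or None when no such run exists."""
    for x in DOMAIN:
        for rets in product(DOMAIN, repeat=len(names)):
            stubs = [Unknown(n, r) for n, r in zip(names, rets)]
            result = client(x, *stubs)
            called = [s for s in stubs if s.arg is not None]
            permitted = all(s.ret in specs[s.name][s.arg] for s in called)
            if permitted and not postcondition(x, result):
                return x, called
    return None


def infer_max_specs(client, postcondition, names, blame):
    """CEGIS-style loop. `blame` decides which called procedure a
    counterexample involving several unknowns is charged to; with one unknown
    there is nothing to decide and the result is the unique maximal spec."""
    specs = {n: {a: set(DOMAIN) for a in DOMAIN} for n in names}
    while True:
        cex = find_counterexample(client, postcondition, names, specs)
        if cex is None:
            return specs
        x, called = cex
        if not called:
            raise ValueError(f"P violates Phi for x={x} without calling any unknown")
        culprit = blame(called)
        specs[culprit.name][culprit.arg].discard(culprit.ret)


def blame_first(called):
    """Charge the procedure called earliest in the run (restricts f here)."""
    return called[0]


def blame_last(called):
    """Charge the procedure called latest in the run (restricts g here)."""
    return called[-1]


def describe(spec):
    """One procedure's spec as the arguments whose outputs were actually
    constrained; fully permissive arguments are omitted."""
    return {a: sorted(outs) for a, outs in spec.items() if outs != set(DOMAIN)}


if __name__ == "__main__":
    for policy in (blame_first, blame_last):
        specs = infer_max_specs(client, postcondition, ["f", "g"], policy)
        assert find_counterexample(client, postcondition, ["f", "g"], specs) is None
        print(policy.__name__, {n: describe(s) for n, s in specs.items()})
```

Running both policies shows why the several-unknowns case is harder than classical abduction: each policy ends with a pair of specifications under which no counterexample remains and neither of which can be enlarged by a single behaviour, yet the two results are incomparable, one constraining only f and the other only g. The blame policy is this illustration's stand-in for the attribution decision that the paper's multi-abduction formulation makes; it is not how the paper makes it.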



      Published In

      ACM SIGPLAN Notices, Volume 51, Issue 1 (POPL '16), January 2016, 815 pages. ISSN 0362-1340, EISSN 1558-1160. DOI 10.1145/2914770. Editor: Andy Gill.

      POPL '16: Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, January 2016, 815 pages. ISBN 9781450335492. DOI 10.1145/2837614.

      Publisher

      Association for Computing Machinery, New York, NY, United States


      Author Tags

      1. specification
      2. synthesis
      3. verification


      Article Metrics

      Downloads (last 12 months): 45. Downloads (last 6 weeks): 1. Reflects downloads up to 25 Jan 2025.


      Cited By

      • (2024) Semantic Code Refactoring for Abstract Data Types. Proceedings of the ACM on Programming Languages 8:POPL, 816-847. DOI 10.1145/3632870. Online: 5 Jan 2024.
      • (2024) LibAlchemy: A Two-Layer Persistent Summary Design for Taming Third-Party Libraries in Static Bug-Finding Systems. Proceedings of the IEEE/ACM 46th International Conference on Software Engineering, 1-13. DOI 10.1145/3597503.3639132. Online: 20 May 2024.
      • (2024) Maximal Quantified Precondition Synthesis for Linear Array Loops. Programming Languages and Systems, 245-274. DOI 10.1007/978-3-031-57267-8_10. Online: 5 Apr 2024.
      • (2024) Weakest Precondition Inference for Non-Deterministic Linear Array Programs. Tools and Algorithms for the Construction and Analysis of Systems, 175-195. DOI 10.1007/978-3-031-57249-4_9. Online: 5 Apr 2024.
      • (2023) Optimal CHC Solving via Termination Proofs. Proceedings of the ACM on Programming Languages 7:POPL, 604-631. DOI 10.1145/3571214. Online: 11 Jan 2023.
      • (2022) Automated Program Repair Using Formal Verification Techniques. Principles of Systems Design, 511-534. DOI 10.1007/978-3-031-22337-2_25. Online: 29 Dec 2022.
      • (2022) Towards a Usable and Sustainable Deductive Verification Tool. Leveraging Applications of Formal Methods, Verification and Validation. Software Engineering, 281-300. DOI 10.1007/978-3-031-19756-7_16. Online: 22 Oct 2022.
      • (2021) Data-driven abductive inference of library specifications. Proceedings of the ACM on Programming Languages 5:OOPSLA, 1-29. DOI 10.1145/3485493. Online: 20 Oct 2021.
      • (2021) Specification synthesis with constrained Horn clauses. Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation, 1203-1217. DOI 10.1145/3453483.3454104. Online: 19 Jun 2021.
      • (2021) Phased synthesis of divide and conquer programs. Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation, 974-986. DOI 10.1145/3453483.3454089. Online: 19 Jun 2021.
