An executable formal semantics of C with applications

Ellison, Chucky; Roşu, Grigore

doi:10.1145/2103656.2103719

Cited by 158 publications

(89 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Functional big-step semantics can do this out-of-the-box, as can many small-step approaches [13,14]. Where semantics are defined in a relational bigstep style, one needs to build an interpreter that corresponds to the relation and verify that they are equivalent -essentially, building a functional big-step semantics anyway.…”

Section: Discussion and Related Workmentioning

confidence: 99%

Functional Big-Step Semantics

Owens

Myreen

Kumar

et al. 2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. When doing an interactive proof about a piece of software, it is important that the underlying programming language's semantics does not make the proof unnecessarily difficult or unwieldy. Both smallstep and big-step semantics are commonly used, and the latter is typically given by an inductively defined relation. In this paper, we consider an alternative: using a recursive function akin to an interpreter for the language. The advantages include a better induction theorem, less duplication, accessibility to ordinary functional programmers, and the ease of doing symbolic simulation in proofs via rewriting. We believe that this style of semantics is well suited for compiler verification, including proofs of divergence preservation. We do not claim the invention of this style of semantics: our contribution here is to clarify its value, and to explain how it supports several language features that might appear to require a relational or small-step approach. We illustrate the technique on a simple imperative language with C-like for-loops and a break statement, and compare it to a variety of other approaches. We also provide ML and lambda-calculus based examples to illustrate its generality.

show abstract

Section: Discussion and Related Workmentioning

confidence: 99%

Functional Big-Step Semantics

Owens

Myreen

Kumar

et al. 2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…. , a n ]); 6. eq ret := (ret = v); 7. axiomSet := axiomSet ∪ {eqs pre ⇒ (eqs post ∪ eq ret )}; 8. end for 9. spec := simplify(axiomSet) 10. return spec of interest m is symbolically executed with fresh symbolic variables a 1 , .…”

Section: Inferring Specifications Using K's Symbolic Executionmentioning

confidence: 99%

Automatic Inference of Specifications in the K Framework

Alpuente¹,

Pardo²,

Villanueva³

2015

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

Despite its many unquestionable benefits, formal specifications are not widely used in industrial software development. In order to reduce the time and effort required to write formal specifications, in this paper we propose a technique for automatically discovering specifications from real code. The proposed methodology relies on the symbolic execution capabilities recently provided by the K framework that we exploit to automatically infer formal specifications from programs that are written in a non-trivial fragment of C, called KERNELC. Roughly speaking, our symbolic analysis of KERNELC programs explains the execution of a (modifier) function by using other (observer) routines in the program. We implemented our technique in the automated tool KINDSPEC 2.0, which generates axioms that describe the precise input/output behavior of C routines that handle pointerbased structures (i.e., result values and state change). We describe the implementation of our system and discuss the differences w.r.t. our previous work on inferring specifications from C code.

show abstract

“…A final limitations of our work is the lack of formal correctness proofs of the basic C translation and of the reengineering steps. While the evaluation (discussed in Section 5) extensively tested the translated applications without finding any unexpected behavior-which gives us good confidence in the robustness of the results-this still falls short of a fully formal approach such as [4]. This is planned as future work.…”

Section: Limitationsmentioning

confidence: 99%

“…4 In fact, to highlight the generality of the reengineering, the presentation will use a Java-like syntax; this will be palatable to readers familiar only with C-based programming languages without misrepresenting any conceptually relevant aspect. We assume knowledge of the standard terminology and notions of object-oriented programming [15].…”

Section: Introductionmentioning

confidence: 99%

“…For ease of presentation, we will use the name AutoOO to denote not only the tool but also the reengineering technique it implements. 5 4 The only two features used by AutoOO that may not be universally available are contracts and member renaming during inheritance. Contracts, however, are increasingly provided in other languages as libraries or assertions (e.g., CodeContracts for C#, assert in Java).…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Really Automatic Scalable Object-Oriented Reengineering

Trudel

Furia

Nordio

et al. 2013

ECOOP 2013 – Object-Oriented Programming

View full text Add to dashboard Cite

Abstract. Even when implemented in a purely procedural programming language, properly designed programs possess elements of good design that are expressible through object-oriented constructs and concepts. For example, placing structured types and the procedures operating on them together in the same module achieves a weak form of encapsulation that reduces inter-module coupling. This paper presents a novel technique, and a supporting tool AutoOO, that extracts such implicit design elements from C applications and uses them to build reengineered object-oriented programs. The technique is completely automatic: users only provide a source C program, and the tool produces an object-oriented application written in Eiffel with the same input/output behavior as the source. An extensive evaluation on 10 open-source programs (including the editor vim and the math library libgsl) demonstrates that our technique works on applications of significant size and builds reengineered programs exhibiting elements of good object-oriented design, such as low coupling and high cohesion of classes, and proper encapsulation. The reengineered programs also leverage advanced features such as inheritance, contracts, and exceptions to achieve a better usability and a clearer design. The tool AutoOO is freely available for download.

show abstract

An executable formal semantics of C with applications

Cited by 158 publications

References 20 publications

Functional Big-Step Semantics

Functional Big-Step Semantics

Automatic Inference of Specifications in the K Framework

Really Automatic Scalable Object-Oriented Reengineering

Contact Info

Product

Resources

About