Verification Modulo Tested Library Contracts

TL;DR

This paper introduces a framework for verifying client programs using complex libraries by synthesizing modular and contextual contracts that are validated through testing and constraint solving.

Contribution

It presents a novel counterexample-guided learning approach for synthesizing modular and contextual contracts, implemented in the DUALIS tool.

Findings

Effective on benchmarks with large libraries

Synthesizes contracts that pass testing and prove correctness

Uses generalizing CHC solvers with ICE learning algorithms

Abstract

We consider the problem of verification modulo tested library contracts as a step towards automating the verification of client programs that use complex libraries. We formulate this problem as the synthesis of modular contracts for the library methods used by the client that are adequate to prove the client correct, and that also pass the scrutiny of a testing engine that tests the library against these contracts. We also consider a new form of method contracts called contextual contracts that arise in this setting that hold in the context of the client program, and can often be simpler and easier to infer than classical modular contracts. We provide a counterexample-guided learning framework to solve this problem, in which the synthesizer interacts with a constraint solver as well as the testing engine in order to infer adequate modular/contextual method contracts and inductive invariants for the client. The main synthesis engines we use are generalizing CHC solvers that are realized using ICE learning algorithms. We realize this framework in a tool called DUALIS and show its efficacy on benchmarks where clients call large libraries.