Computer Science > Programming Languages
[Submitted on 15 Jul 2024]
Title:Compositional Symbolic Execution for Correctness and Incorrectness Reasoning (Extended Version)
View PDFAbstract:The introduction of separation logic has led to the development of symbolic-execution techniques and tools that are (functionally) compositional with function specifications that can be used in broader calling contexts. Many of the compositional symbolic-execution tools developed in academia and industry have been grounded on a formal foundation, but either the function specifications are not validated concerning the underlying separation logic of the theory, or there is a large gulf between the theory and the tool implementation.
We introduce a formal compositional symbolic-execution engine which creates and uses function specifications from an underlying separation logic and provides a sound theoretical foundation partially inspired by the Gillian symbolic-execution platform. This is achieved by providing an axiomatic interface which describes the properties of the consume and produce operations used in the engine to compositionally update the symbolic state, including, when calling function specifications -- a technique used by VeriFast, Viper, and Gillian but not previously characterised independently of the tool. Our result consume and produce operations inspired by the Gillian implementation that satisfy the properties described by our axiomatic interface. A surprising property of our engine semantics is its ability to underpin both correctness and incorrectness reasoning, with the primary distinction being the choice between satisfiability and validity. We use this property to extend the Gillian platform, which previously only supported correctness reasoning, with incorrectness reasoning and automatic true bug-finding using incorrectness bi-abduction. We evaluate our new Gillian platform through instantiation to C. This instantiation is the first tool grounded on a common formal compositional symbolic-execution engine to support both correctness and incorrectness reasoning.
Submission history
From: Daniele Nantes-Sobrinho [view email][v1] Mon, 15 Jul 2024 15:50:33 UTC (341 KB)
References & Citations
Bibliographic and Citation Tools
Bibliographic Explorer (What is the Explorer?)
Litmaps (What is Litmaps?)
scite Smart Citations (What are Smart Citations?)
Code, Data and Media Associated with this Article
CatalyzeX Code Finder for Papers (What is CatalyzeX?)
DagsHub (What is DagsHub?)
Gotit.pub (What is GotitPub?)
Papers with Code (What is Papers with Code?)
ScienceCast (What is ScienceCast?)
Demos
Recommenders and Search Tools
Influence Flower (What are Influence Flowers?)
Connected Papers (What is Connected Papers?)
CORE Recommender (What is CORE?)
arXivLabs: experimental projects with community collaborators
arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.
Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.
Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs.