A Generic Framework for Symbolic Execution

Arusoaie, Andrei; Lucanu, Dorel; Rusu, Vlad

doi:10.1007/978-3-319-02654-1_16

Cited by 21 publications

(56 citation statements)

References 30 publications

(28 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In related work [15] we prove that the above assumption can always be satisfied, by implementing unification with the rules of L by the matching with the rules of a language L sym , which extends the syntax of and semantics of L, such that the programs in L sym are exactly the symbolic programs of L (and the symbolic execution of programs in L is the usual execution of programs in L sym ). We illustrate how this is done via an example; other examples follow in the paper.…”

Section: Inriamentioning

confidence: 96%

“…One component of the framework is a compiler of K definitions to Maude [17] specifications, which can then be used for executing programs and for analysing them. K also offers some support for symbolic calculus [18] (in progress), including a connection to the Z3 SMT solver [19]. We have used these components in a prototype tool implementing our deductive system for program equivalence.…”

Section: A Prototype Implementationmentioning

confidence: 99%

See 1 more Smart Citation

Program equivalence by circular reasoning

Lucanu

Rusu

2015

Form. Asp. Comput.

Self Cite

View full text Add to dashboard Cite

We propose a logic and a deductive system for stating and automatically proving the equivalence of programs in deterministic languages having a rewriting-based operational semantics. The deductive system is circular in nature and is proved sound and weakly complete; together, these results say that, when it terminates, our system correctly solves the program-equivalence problem as we state it. We show that our approach is suitable for proving the equivalence of both terminating and non-terminating programs, and also the equivalence of both concrete and symbolic programs. The latter are programs in which some statements or expressions are symbolic variables. By proving the equivalence between symbolic programs, one proves in one shot the equivalence of (possibly, infinitely) many concrete programs obtained by replacing the variables by concrete statements or expressions. We also report on a prototype implementation of the proposed deductive system in the K Framework.Key-words: Program Equivalence, Circular Reasoning, K framework. * University of Iasi, Romania † Inria Lille Nord Europe Equivalence de Programmes par Raisonnement Circulaire Résumé :Nous proposons une logique et un système déductif pour exprimer et prouver automatiquement l'équivalence de programmes dans des langages déterministes munis de sé-mantiques opérationnelles définies par réécriture. Le système déductif proposé est de nature circulaire; nous démontrons qu'il est correct et faiblement complet. Ces deux résultats signifient que notre système résout correctement le problème d'équivalence de programmes tels que nous l'avons posé. Nous montrons que ce système fonctionne autant pour des programmes qui terminent que pour des programmes qui ne terminent pas. Les programmes dits symboliques, dans lesquels certaines expressions ou instructions restent non-interprétés, peuvent également être traités par notre approche. La démonstration d'une équivalence entre deux programmes symboliques revient à démontrer l'équivalence entre une infinité potentielle de programmes concrets, qui sont des instances des programmes symboliques obtenues en remplaçant les variables symboliques par des instructions ou des expressions concrètes. Enfin, nous décrivons une implé-mentation prototype de notre système déductif dans la K framework.

show abstract

Section: Inriamentioning

confidence: 96%

Section: A Prototype Implementationmentioning

confidence: 99%

Program equivalence by circular reasoning

Lucanu

Rusu

2015

Form. Asp. Comput.

Self Cite

View full text Add to dashboard Cite

show abstract

“…The process of computing the one-step rewrites of a given constrained term (t ; ϕ) under R • is decomposed into two conceptual steps using Maude's metalevel. First, all possible triples (u ; θ ; φ) such that t → u(R • ) u is witnessed by a matching substitution θ and a rule with constraint φ are computed 4 . Second, these triples are filtered out by keeping only those for which the quantifier-free formula ϕ ∧ φθ is E + 0 -satisfiable.…”

Section: Reflective Implementation Of R •mentioning

confidence: 99%

“…Last but not least, recently, A. Arusoaie et al [4] have proposed a language-independent symbolic execution framework, within the K framework [44], for languages endowed with a formal operational semantics based on term rewriting. There, the builtin subtheories are the datatypes of a programming language and symbolic analysis is performed on constrained terms (called patterns); unification is also implemented by matching for a restricted class of rewrite rules and uses SMT solvers to check constraints.…”

Section: Related Work and Concluding Remarksmentioning

confidence: 99%

Rewriting modulo SMT and open system analysis

Rocha

Meseguer

Muñoz

2017

Journal of Logical and Algebraic Methods in Programming

View full text Add to dashboard Cite

Abstract. This paper proposes rewriting modulo SMT, a new technique that combines the power of SMT solving, rewriting modulo theories, and model checking. Rewriting modulo SMT is ideally suited to model and analyze reachability properties of infinite-state open systems, i.e., systems that interact with a nondeterministic environment. Such systems exhibit both internal nondeterminism, which is proper to the system, and external nondeterminism, which is due to the environment. In a reflective formalism, such as rewriting logic, rewriting modulo SMT can be reduced to standard rewriting. Hence, rewriting modulo SMT naturally extends rewriting-based reachability analysis techniques, which are available for closed systems, to open systems. The proposed technique is illustrated with the formal analysis of: (i) a real-time system that is beyond the scope of timed-automata methods and (ii) automatic detection of reachability violations in a synchronous language developed to support autonomous spacecraft operations.

show abstract

“…The most significant difference with our approach is that narrowing-based techniques only allow unconditional rewrite rules, which we do allow (and intensively use) in this paper; on the other hand, they deal with linear-temporal logic, which is more expressive than reachability logic. Last but not least, rewriting modulo smt [34,35] is a theory and implementation of symbolic execution in Maude, essentially isomorphic to the one we developed for K [36] -an example of simultaneous discovery and materialisation of concepts that are "in the air" at a certain moment in time.…”

Section: Introductionmentioning

confidence: 99%

Executing and verifying higher-order functional-imperative programs in Maude

Rusu¹,

Arusoaie²

2017

Journal of Logical and Algebraic Methods in Programming

Self Cite

View full text Add to dashboard Cite

We incorporate higher-order functions and state monads in Maude, thereby embedding a higher-order functional language with imperative features in the Maude framework. We illustrate, via simple programs in the resulting language: the concrete and symbolic execution of programs; their verification with respect to properties expressed in Reachability Logic, a languageparametric generalisation of Hoare Logic; and the verification of programequivalence properties. Our approach is proved sound and is implemented in Full Maude by taking advantage of its reflective features and module system.

show abstract

A Generic Framework for Symbolic Execution

Cited by 21 publications

References 30 publications

Program equivalence by circular reasoning

Program equivalence by circular reasoning

Rewriting modulo SMT and open system analysis

Executing and verifying higher-order functional-imperative programs in Maude

Contact Info

Product

Resources

About