Symbolic execution formally explained
Authors
Abstract
In this paper, we provide a formal explanation of symbolic execution in terms of a transition system and prove its correctness and completeness with respect to an operational semantics which models the on concrete values. We first introduce a formal model for a basic programming language with a statically fixed number of variables. This model is extended to a language with recursive procedures that are called by a call-by-value parameter mechanism. Finally, present more general framework proving soundness object-oriented features dynamically allocated
Similar resources
Symbolic Techniques for Formally Verifying Industrial Systems
The design of correct computer systems is extremely difficult. However, it is also a very important task. Such systems are frequently used in applications where failures can have catastrophic consequences, or cause significant financial losses. Simulation and testing are the most widely used verification techniques, but they can only show the presence of errors and cannot demonstrate correctnes...
Symbolic Execution with CEGAR
Symbolic execution, a standard technique in program analysis, is a particularly successful and popular component in systems for test-case generation. One of the open research problems is that the approach suffers from the path-explosion problem. We apply abstraction to symbolic execution, and refine the abstract model using counterexample-guided abstraction refinement (Cegar), a standard techniq...
Relational Symbolic Execution
Symbolic execution is a classical program analysis technique, widely used for program testing and bug finding. In this work we generalize symbolic execution to support program analysis for relational properties, namely properties about two programs, or about two executions of a single program on different inputs. We design a relational symbolic execution engine, named RelSym, which supports tes...
Noninterference via Symbolic Execution
Noninterference is a high-level security property that guarantees the absence of illicit information flow at runtime. Noninterference can be enforced statically using information flow type systems; however, these are criticized for being overly conservative and rejecting secure programs. More precision can be achieved by using program logics, but such an approach lacks its own verification tool...
Symbolic Execution for Verification
In previous work, we presented a symbolic execution method which starts with a concrete model of the program but progressively abstracts away details only when these are known to be irrelevant using interpolation. In this paper, we extend the technique to handle unbounded loops. The central idea is to progressively discover the strongest invariants through a process of loop unrolling. The key f...
Journal
Journal title: Formal Aspects of Computing
Year: 2021
ISSN: ['1433-299X', '0934-5043']
DOI: https://doi.org/10.1007/s00165-020-00527-y