Language-Independent Program Verification Using Symbolic Execution
Authors
Abstract
In this paper we present an automatic and language-independent program verification approach based on symbolic execution. The specification formalism we consider is Reachability Logic, a language-independent logic that constitutes an alternative to Hoare logics. Reachability Logic has a sound and relatively complete deduction system, which offers a lot of freedom (but no guidelines) for constructing proofs. Hence, we propose symbolic execution as a strategy for proof construction. We show that, under reasonable conditions on the semantics of programming languages, our symbolic-execution based Reachability-Logic formula verification is sound. We present a prototype implementation of the resulting language-independent verifier as an extension of a generic symbolic execution engine that we are developing in the K framework. The verifier is illustrated on programs written in languages also formally defined in K.

Key-words: Program Verification, Reachability Logic, Symbolic Execution.

∗ University of Iasi, Romania; † University of Iasi, Romania; ‡ Inria Lille Nord Europe

hal-00864341, version 2, 26 Sep 2013

Résumé (French abstract): We present an automatic method for verifying programs that does not depend on the programming language in which the programs to be verified are written. For this we rely on Reachability Logic, a recently introduced specification formalism that can be seen as an alternative to Hoare logic but which, unlike the latter, does not depend on the programming language used. Reachability Logic has a deductive system that is sound and relatively complete, which leaves the user a lot of freedom in how the deduction rules are applied, but which offers no instructions for constructing proofs.

We show that a generic method for symbolic execution of programs, which we introduced recently, can be used as a proof-construction strategy in this deductive system. We show that, under reasonable conditions on the semantics of programming languages, our verification method is sound. We present a prototype implementation of a verification tool based on these ideas, which we implemented in the K framework and which we illustrate on example programs written in languages formally defined in K.

Keywords: Program Verification, Reachability Logic, Symbolic Execution.
Similar publications
A Generic Framework for Symbolic Execution: Theory and Applications
The modern world is shifting from the traditional workmanship to a more automated work environment, where software systems are increasingly used for automating, controlling and monitoring human activities. In many cases, software systems appear in critical places which may immediately affect our lives or the environment. Therefore, the software that runs on such systems has to be safe. This req...
The Symbolic Execution Debugger: a Productivity Tool for Java Based on Eclipse and KeY
We present the Symbolic Execution Debugger (SED), an extension of the Eclipse debug platform for interactive symbolic execution. Being based on symbolic execution, its functionality goes beyond that of traditional interactive debuggers. For instance, debugging can start directly at any method or statement and all program execution paths are explored simultaneously. To support program comprehens...
Protocol-based verification of MPI programs
We present a methodology for the verification of Message Passing Interface (MPI) programs written in C. The aim is to statically verify programs against protocol specifications, enforcing properties such as fidelity and absence of deadlocks. We make use of a protocol language based on a dependent type system for message-passing parallel programs. For the verification of a program against a give...
A Dynamic Logic for Unstructured Programs with Embedded Assertions
We present a program logic for an intermediate verification programming language and provide formal definitions of its syntax and semantics. The language is unstructured, indeterministic, and has embedded assertions. A set of sound rewrite rules which allow symbolic execution of programs is given. We prove the soundness of three inference rules using invariants which can be used to deal with lo...