Finding real bugs in big programs with incorrectness logic
Incorrectness Logic (IL) has recently been advanced as a logical theory for compositionally
proving the presence of bugs—dual to Hoare Logic, which is used to compositionally prove …
proving the presence of bugs—dual to Hoare Logic, which is used to compositionally prove …
Graph-based seed object synthesis for search-based unit testing
Search-based software testing (SBST) generates tests using search algorithms guided by
measurements gauging how far a test case is away from exercising a coverage goal. The …
measurements gauging how far a test case is away from exercising a coverage goal. The …
Enhancing symbolic execution of heap-based programs with separation logic for test input generation
Symbolic execution is a well established method for test input generation. Despite of having
achieved tremendous success over numerical domains, existing symbolic execution …
achieved tremendous success over numerical domains, existing symbolic execution …
Compositional satisfiability solving in separation logic
QL Le - … , Model Checking, and Abstract Interpretation: 22nd …, 2021 - Springer
We introduce a novel decision procedure to the satisfiability problem in array separation
logic combined with general inductively defined predicates and arithmetic. Our proposal …
logic combined with general inductively defined predicates and arithmetic. Our proposal …
[PDF][PDF] Efficient Bounded Exhaustive Input Generation from Program APIs
M Politano, V Bengolea, F Molina… - International …, 2023 - library.oapen.org
Bounded exhaustive input generation (BEG) is an effective approach to reveal software
faults. However, existing BEG approaches require a precise specification of the valid inputs …
faults. However, existing BEG approaches require a precise specification of the valid inputs …
S2TD: A separation logic verifier that supports reasoning of the absence and presence of bugs
Heap-manipulating programs are known to be challenging to reason about. We present a
novel verifier for heap-manipulating programs called S2TD, which encodes programs …
novel verifier for heap-manipulating programs called S2TD, which encodes programs …
Bi-abductive inference for shape and ordering properties
In separation logic, bi-abduction-a combination of abductive inference and frame inference-
is the key enabler for compositional reasoning, helping to scale up verification significantly …
is the key enabler for compositional reasoning, helping to scale up verification significantly …
Compositional verification of heap-manipulating programs through property-guided learning
Analyzing and verifying heap-manipulating programs automatically is challenging. A key for
fighting the complexity is to develop compositional methods. For instance, many existing …
fighting the complexity is to develop compositional methods. For instance, many existing …
[PDF][PDF] Decision procedures for separation logic: beyond symbolic heaps
J Pagel - 2020 - scholar.archive.org
Separation logic is a formalism for the verification of programs that make extensive use of
dynamic resources, such as heap-allocated memory. Separation logic enables modular …
dynamic resources, such as heap-allocated memory. Separation logic enables modular …
Bi-Abduction for Shapes with Ordered Data
C Curry, QL Le - arXiv preprint arXiv:2006.10439, 2020 - arxiv.org
Shape analysis is of great importance for the verification of the correctness and memory-
safety of heap-manipulating programs, yet such analyses have been shown to be highly …
safety of heap-manipulating programs, yet such analyses have been shown to be highly …