We present \lcsym, a typed $\lambda$-calculus for lenient symbolic execution, where some language constructs do not recognize symbolic values. Its type system, however, ensures safe behavior of all symbolic values in a program. Our calculus extends a base occurrence typing system with symbolic types and mutable state, making it a suitable model for both functional and imperative symbolically executed languages. Naively allowing mutation in this mixed setting introduces soundness issues, however, so we further add concreteness polymorphism, which restores soundness without rejecting too many valid programs. To show that our calculus is a useful model for a real language, we implemented Typed Rosette, a typed extension of the solver-aided Rosette language. We evaluate Typed Rosette by porting a large code base, demonstrating that our type system accommodates a wide variety of symbolically executed programs.
Thu 11 JanDisplayed time zone: Tijuana, Baja California change
13:40 - 15:20 | |||
13:40 25mTalk | Go with the Flow: Compositional Abstractions for Concurrent Data Structures Research Papers Siddharth Krishna New York University, Dennis Shasha New York University, Thomas Wies New York University | ||
14:05 25mTalk | Parametricity versus the Universal Type Research Papers | ||
14:30 25mTalk | Linearity in Higher-Order Recursion Schemes Research Papers Pierre Clairambault CNRS & ENS Lyon, Charles Grellois INRIA Sophia Antipolis & Aix-Marseille Université, Andrzej Murawski University of Oxford | ||
14:55 25mTalk | Symbolic Types for Lenient Symbolic Execution Research Papers Stephen Chang Northeastern University, Alex Knauth Northeastern University, Emina Torlak University of Washington | ||