We introduce verification based on separation logic to Gillian, a multi-language platform for the development of symbolic analysis tools which is parametric on the memory model of the target language. Our work develops a methodology for constructing compositional memory models for Gillian, leading to a unified presentation of the JavaScript and C memory models. We verify the JavaScript and C implementations of the AWS Encryption SDK message header deserialisation module, specifically designing common abstractions used for both verification tasks, and find two bugs in the JavaScript and three bugs in the C implementation.
We introduce Gillian, a platform for developing symbolic analysis tools for programming languages. Here, we focus on the symbolic execution engine at the heart of Gillian, which is parametric on the memory model of the target language. We give a formal description of the symbolic analysis and a modular implementation that closely follows this description. We prove a parametric soundness result, introducing restriction on abstract states, which generalises path conditions used in classical symbolic execution. We instantiate Gillian to obtain trusted symbolic testing tools for JavaScript and C, and use these tools to find bugs in real-world code, thus demonstrating the viability of our parametric approach. CCS Concepts: • Theory of computation → Program analysis; Program semantics; • Software and its engineering → Formal language definitions.
This is an evolving document describing the meta-theory, the implementation, and the instantiations of Gillian, a multi-language symbolic analysis platform.

The set of GIL values, ∈ Val, contains numbers, strings, booleans, uninterpreted symbols¹, simple types (e.g. types for numbers, strings, booleans and lists), function identifiers, and lists of values. The set of GIL expressions, ∈ Expr, contains values, program variables, and various unary and binary operators such as those used for number, string, boolean, and list manipulation. The set of GIL symbolic expressions, ˆ ∈ Êxpr, is constructed in the same way as for GIL expressions, except that it is built from symbolic variables, ˆ ∈ X, instead of program variables, and we assume it contains the standard set of symbolic Boolean expressions.

GIL commands, ∈ Cmd, contain variable assignment, conditional goto, procedure call, memory actions, commands for allocation of uninterpreted and interpreted symbols, function return, error termination and path cutting. Their semantics will be explained in more detail in §2.5. A GIL procedure, ( ){ }, comprises an identifier ∈ F, a formal parameter², and a body given by a list of commands. A GIL program is a set of GIL procedures.

Execution Memory Models

The execution memory models defined below are designed for whole-program execution. They differ from those introduced in [4] in that they unify the concrete and symbolic memory models of [4] and also introduce memory well-formedness. An execution memory model is parametric on a value set, V ∈ v, and an action set, ∈ . The value set must contain the GIL values: that is, Val ⊆ V. We distinguish the Boolean value set, Π ⊂ V, and refer to ∈ Π as a context. For example, for concrete execution, the contexts are the Booleans true and false whereas, for symbolic execution, they are Boolean symbolic expressions such as ˆ ∧ ˆ.

¹ Uninterpreted symbols can be used to represent, for example, memory locations, given by a dedicated subset L ⊂ US, or TL-specific constants.
² Without loss of generality, we describe one-parameter procedures for convenience in the Gillian theory, using multiple parameters in the Gillian implementation.
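The following toy interpreter is an added illustration of the structure just described and is not Gillian's code: the command set, the expression syntax, the single-block memory model and the brute-force satisfiability check (a stand-in for the SMT solver a real engine would call) are all invented here. What it shows is the role of the context: a concrete run carries the context `True` and every branch and memory action resolves immediately, while a symbolic run starts from `Sym('i')`, forks at each symbolic branch and memory action, extends the context with the branch condition, and drops paths whose context is unsatisfiable. The constructed program checks only the lower bound of an index before a load, so the symbolic run reports the out-of-bounds path together with a context from which a concrete witness can be extracted.

```python
"""Toy symbolic execution engine parametric on a memory model (added example, not Gillian code)."""
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class Sym:
    """A symbolic variable, standing in for the paper's symbolic variables."""
    name: str


# Binary operators understood by the expression evaluator (invented mini-syntax).
OPS = {'+': lambda a, b: a + b, '-': lambda a, b: a - b,
       '<': lambda a, b: a < b, '>=': lambda a, b: a >= b,
       'and': lambda a, b: a and b}


def ev(e, store):
    """Evaluate e against a store of program variables.
    Literals and Syms evaluate to themselves, str is a program variable,
    ('not', a) and (op, a, b) fold to a concrete value only when every
    operand is concrete; otherwise the (partially folded) term stays symbolic."""
    if isinstance(e, str):
        return store[e]
    if not isinstance(e, tuple):
        return e
    if e[0] == 'not':
        a = ev(e[1], store)
        return (not a) if isinstance(a, bool) else ('not', a)
    a, b = ev(e[1], store), ev(e[2], store)
    if e[0] in OPS and all(isinstance(v, (int, bool)) for v in (a, b)):
        return OPS[e[0]](a, b)
    return (e[0], a, b)


def syms(e, acc=None):
    """Collect the names of all symbolic variables occurring in e."""
    acc = set() if acc is None else acc
    if isinstance(e, Sym):
        acc.add(e.name)
    elif isinstance(e, tuple):
        for sub in e[1:]:
            syms(sub, acc)
    return acc


def subst(e, model):
    """Replace every Sym in e by its value in model."""
    if isinstance(e, Sym):
        return model[e.name]
    if isinstance(e, tuple):
        return (e[0],) + tuple(subst(s, model) for s in e[1:])
    return e


DOMAIN = range(-2, 8)  # tiny search space: brute-force stand-in for an SMT solver


def satisfiable(ctx):
    """Return a model (dict name -> int) making the context true, or None."""
    names = sorted(syms(ctx))
    for vals in product(DOMAIN, repeat=len(names)):
        model = dict(zip(names, vals))
        if ev(subst(ctx, model), {}) is True:
            return model
    return None


def conj(ctx, c):
    """Extend a context with one more constraint, keeping `True` small."""
    if c is True:
        return ctx
    return c if ctx is True else ('and', ctx, c)


class BlockMemory:
    """Invented memory model: one block of cells at integer address `base`.
    The load action returns a list of (kind, value, constraint) outcomes so the
    engine can fork when the address is symbolic."""
    def __init__(self, base, cells):
        self.base, self.cells = base, list(cells)

    def load(self, addr):
        lo, hi = self.base, self.base + len(self.cells)
        if isinstance(addr, int) and not isinstance(addr, bool):
            if lo <= addr < hi:
                return [('ok', self.cells[addr - lo], True)]
            return [('err', 'out-of-bounds load', True)]
        in_bounds = ('and', ('>=', addr, lo), ('<', addr, hi))
        return [('ok', ('sel', lo, ('-', addr, lo)), in_bounds),
                ('err', 'out-of-bounds load', ('not', in_bounds))]


def run(prog, store, mem, ctx=True):
    """Explore every feasible path; returns a list of (kind, payload, ctx)."""
    worklist, results = [(0, dict(store), ctx)], []
    while worklist:
        pc, st, ctx = worklist.pop()
        cmd = prog[pc]
        if cmd[0] == 'assign':
            st[cmd[1]] = ev(cmd[2], st)
            worklist.append((pc + 1, st, ctx))
        elif cmd[0] == 'goto':               # ('goto', cond, then_pc, else_pc)
            c = ev(cmd[1], st)
            if isinstance(c, bool):
                worklist.append((cmd[2] if c else cmd[3], st, ctx))
            else:                            # symbolic condition: fork both ways
                for target, branch in ((cmd[2], c), (cmd[3], ('not', c))):
                    nctx = conj(ctx, branch)
                    if satisfiable(nctx) is not None:
                        worklist.append((target, dict(st), nctx))
        elif cmd[0] == 'load':               # ('load', var, addr_expr): memory action
            for kind, val, cond in mem.load(ev(cmd[2], st)):
                nctx = conj(ctx, cond)
                if satisfiable(nctx) is None:
                    continue
                if kind == 'ok':
                    nst = dict(st)
                    nst[cmd[1]] = val
                    worklist.append((pc + 1, nst, nctx))
                else:
                    results.append(('error', val, nctx))
        elif cmd[0] == 'return':
            results.append(('return', ev(cmd[1], st), ctx))
        elif cmd[0] == 'fail':
            results.append(('error', cmd[1], ctx))
    return results


# Constructed program: rejects negative indices but never checks the upper bound.
PROG = [
    ('goto', ('<', 'i', 0), 3, 1),     # if i < 0 goto 3 else goto 1
    ('load', 'x', ('+', 100, 'i')),    # memory action: x := load(100 + i)
    ('return', 'x'),
    ('fail', 'negative index'),
]
MEM = BlockMemory(100, [10, 20, 30, 40])


def concrete_run(i):
    """Concrete execution: the context stays True throughout."""
    return run(PROG, {'i': i}, MEM)


def symbolic_run():
    """Symbolic execution over an unconstrained index."""
    return run(PROG, {'i': Sym('i')}, MEM)


def oob_witness():
    """Concrete index exposing the unchecked upper bound, derived from the error path's context."""
    for kind, msg, ctx in symbolic_run():
        if kind == 'error' and msg == 'out-of-bounds load':
            return satisfiable(ctx)
    return None


if __name__ == '__main__':
    print(concrete_run(2))
    for r in symbolic_run():
        print(r)
    print('witness:', oob_witness())
```

The engine never inspects the memory representation itself: it only calls the model's action and treats the returned constraint as an extension of the current context, which is what makes swapping in a different memory model a local change.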