Efficient state merging in symbolic execution
نویسندگان
چکیده
منابع مشابه
Efficient Leveraging of Symbolic Execution
Automatic test data generation (ATG) is a major topic in software engineering. In this paper, we bridge the gap between the coverage criteria supported by state-of-the-art whitebox ATG technologies, especially Dynamic Symbolic Execution, and advanced coverage criteria found in the literature. We define a new testing criterion, label coverage, and prove it to be both expressive and amenable to e...
متن کاملDynamic Symbolic Execution with Interpolation Based Path Merging
This paper presents a dynamic symbolic execution engine for automated bug detection in C code. It uses path merging based on interpolation with unsatisfiable cores to mitigate the exponential path explosion problem. Code coverage can be scaled by varying the interpolation. An algorithm for error and branch coverage is described. The implementation extends Eclipse CDT. It is evaluated on buffer ...
متن کاملA General Lattice Model for Merging Symbolic Execution Branches
Symbolic execution is a software analysis technique that has been used with success in the past years in program testing and verification. A main bottleneck of symbolic execution is the path explosion problem: the number of paths in a symbolic execution tree is exponential in the number of static branches of the executed program. Here we put forward an abstraction-based framework for state merg...
متن کاملEfficient Loop Navigation for Symbolic Execution
Symbolic execution is a successful and very popular technique used in software verification and testing. A key limitation of symbolic execution is in dealing with code containing loops. The problem is that even a single loop can generate a huge number of different symbolic execution paths, corresponding to different number of loop iterations and taking various paths through the loop. We introdu...
متن کاملRedundant State Detection for Dynamic Symbolic Execution
Many recent tools use dynamic symbolic execution to perform tasks ranging from automatic test generation, finding security flaws, equivalence verification, and exploit generation. However, while symbolic execution is promising, it perennially struggles with the fact that the number of paths in a program increases roughly exponentially with both code and input size. This paper presents a techniq...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: ACM SIGPLAN Notices
سال: 2012
ISSN: 0362-1340,1558-1160
DOI: 10.1145/2345156.2254088