Aymeric Fromherz
Abstract
Symbolic Execution is a program analysis technique used to increase software reliability. Modern software often manipulate complex data structures, many of which being similar to arrays. We present a novel approach and implementation in Symbolic PathFinder for handling symbolic arrays in Java. It enables analyzing a broader class of programs that manipulates arrays. We also extend the Symbolic Pathfinder testcase generation to support numeric arrays.
- T. Avgerinos, A. Rebert, S. K. Cha, and D. Brumley. Enhancing symbolic execution with veritesting. ICSE 2014. Google Scholar
Digital Library
- E. Bounimova, P. Godefroid, and D. Molnar. Billions and billions of constraints: Whitebox fuzz testing in production. ICSE '13.Google Scholar
- C. Cadar, P. Godefroid, S. Khurshid, C. S. Păsăreanu, K. Sen, N. Tillmann, and W. Visser. Symbolic execution for software testing in practice: Preliminary assessment. ICSE'11.Google Scholar
- J. Christ, J. Hoenicke, and A. Nutz. SMTInterpol: An interpolating SMT solver. In Proceedings of the 19th International Workshop on Model Checking Software (SPIN), pages 248--254, 2012. Google ScholarDigital Library
- L. Ciortea, C. Zamfir, S. Bucur, V. Chipounov, and G. Candea. Cloud9: A software testing service. SIGOPS Oper. Syst. Rev., 43(4):5--10, Jan. 2010. Google ScholarDigital Library
- L. De Moura and N. Bjørner. Z3: an efficient smt solver. TACAS'08/ETAPS'08.Google Scholar
- L. de Moura and N. Bjørner. Generalized, efficient array decision procedures.Google Scholar
- S. Khurshid, C. S. Păsăreanu, and W. Visser. Generalized symbolic execution for model checking and testing. In Proceedings of the 9th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS), pages 553--568, 2003. Google ScholarCross Ref
- J. C. King. Symbolic execution and program testing. Commun. ACM, 19(7):385--394, July 1976. Google ScholarDigital Library
- K. Luckow, M. Dimjašević, D. Giannakopoulou, F. Howar, M. Isberner, T. Kahsai, Z. Rakamarić, and V. Raman. JDart: A dynamic symbolic analysis framework. In M. Chechik and J.-F. Raskin, editors, Proceedings of the 22nd International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS), 2016. Google ScholarDigital Library
- J. Mccarthy. Towards a mathematical science of computation. In In IFIP Congress, pages 21--28. North-Holland, 1962.Google Scholar
- C. S. Pasareanu, W. Visser, D. H. Bushnell, J. Geldenhuys, P. C. Mehlitz, and N. Rungta. Symbolic pathfinder: integrating symbolic execution with model checking for java bytecode analysis. Automated Software Engineering, 20(3):391--425, 2013. Google ScholarCross Ref
- M. Souza, M. Borges, M. d'Amorim, and C. S. Păsăreanu. CORAL: Solving complex constraints for symbolic Pathfinder. In Proceedings of the 3rd NASA Formal Methods Symposium (NFM), pages 359--374, 2011. Google ScholarCross Ref
Index Terms
- Symbolic Arrays in Symbolic PathFinder
Recommendations
Symbolic PathFinder v7
We describe Symbolic PathFinder v7 in terms of its updated design addressing the changes of Java PathFinder v7 and of its new optimization when computing path conditions. Furthermore, we describe the Symbolic Execution Tree Extension; a newly added ...
Shadow Symbolic Execution with Java PathFinder
Regression testing ensures that a software system when it evolves still performs correctly and that the changes introduce no unintended side-effects. However, the creation of regression test cases that show divergent behavior needs a lot of effort. A ...
Complete Shadow Symbolic Execution with Java PathFinder
Regression testing ensures the correctness of the software during its evolution, with special attention on the absence of unintended side-e ects that might be introduced by changes. However, the manual creation of regression test cases, which expose ...
Comments