Efficient Loop Navigation for Symbolic Execution

Warning

This publication doesn't include Faculty of Economics and Administration. It includes Faculty of Informatics. Official publication website can be found on muni.cz.
Authors

OBDRŽÁLEK Jan TRTÍK Marek

Year of publication 2011
Type Article in Proceedings
Conference Automated Technology for Verification and Analysis, 9th International Symposium, ATVA 2011
MU Faculty or unit

Faculty of Informatics

Citation
Doi http://dx.doi.org/10.1007/978-3-642-24372-1_34
Field Informatics
Keywords symbolic execution; loops in programs; program verification; bug-finding
Description Symbolic execution is a successful technique used in software verification and testing. A key limitation of symbolic execution is in dealing with code containing loops. We introduce a technique which, given a start location above some loops and a target location anywhere below these loops, returns a feasible path between these two locations, if such a path exists. The technique infers a collection of constraint systems from the program and uses them to steer the symbolic execution towards the target. On reaching a loop it iteratively solves the appropriate constraint system to find out which path through this loop to take, or, alternatively, whether to continue below the loop. To construct the constraint systems we express the values of variables modified in a loop as functions of the number of times a given path through the loop was executed.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.