DyTa: dynamic symbolic execution guided with static verification results

Authors:
Xi Ge;Kunal Taneja;Tao Xie;Nikolai Tillmann
Affiliations:
North Carolina State University, Raleigh, NC, USA;North Carolina State University, Raleigh, NC, USA;North Carolina State University, Raleigh, NC, USA;Microsoft Research, Redmond, WA, USA
Venue:
Proceedings of the 33rd International Conference on Software Engineering
Year:
2011

Citing 7
Cited 4

Finding bugs is easy

OOPSLA '04 Companion to the 19th annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications
Check 'n' crash: combining static checking and testing

Proceedings of the 27th international conference on Software engineering
DART: directed automated random testing

Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
CUTE: a concolic unit testing engine for C

Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
Effective typestate verification in the presence of aliasing

Proceedings of the 2006 international symposium on Software testing and analysis
Pex: white box test generation for .NET

TAP'08 Proceedings of the 2nd international conference on Tests and proofs
Practical verification for the working programmer with codecontracts and abstract interpretation

VMCAI'11 Proceedings of the 12th international conference on Verification, model checking, and abstract interpretation

Program slicing enhances a verification technique combining static and dynamic analysis

Proceedings of the 27th Annual ACM Symposium on Applied Computing
Verifying systems rules using rule-directed symbolic execution

Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Dynamically validating static memory leak warnings

Proceedings of the 2013 International Symposium on Software Testing and Analysis
Behind the scenes in SANTE: a combination of static and dynamic analyses

Automated Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Software-defect detection is an increasingly important research topic in software engineering. To detect defects in a program, static verification and dynamic test generation are two important proposed techniques. However, both of these techniques face their respective issues. Static verification produces false positives, and on the other hand, dynamic test generation is often time consuming. To address the limitations of static verification and dynamic test generation, we present an automated defect-detection tool, called DyTa, that combines both static verification and dynamic test generation. DyTa consists of a static phase and a dynamic phase. The static phase detects potential defects with a static checker; the dynamic phase generates test inputs through dynamic symbolic execution to confirm these potential defects. DyTa reduces the number of false positives compared to static verification and performs more efficiently compared to dynamic test generation.