Safely reducing the cost of unit level symbolic execution through read/write analysis

Authors:
Eric F. Rizzi;Mathew B. Dwyer;Sebastian Elbaum
Affiliations:
University of Nebraska - Lincoln;University of Nebraska - Lincoln;University of Nebraska - Lincoln
Venue:
ACM SIGSOFT Software Engineering Notes
Year:
2014

Citing 12
Cited 0

Reduction: a method of proving properties of parallel programs

Communications of the ACM
Partial-Order Methods for the Verification of Concurrent Systems: An Approach to the State-Explosion Problem

Partial-Order Methods for the Verification of Concurrent Systems: An Approach to the State-Explosion Problem
Exploiting Object Escape and Locking Information in Partial-Order Reductions for Concurrent Object-Oriented Programs

Formal Methods in System Design
Dynamic partial-order reduction for model checking software

Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
DART: directed automated random testing

Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Supporting Controlled Experimentation with Testing Techniques: An Infrastructure and its Potential Impact

Empirical Software Engineering
Test input generation for java containers using state matching

Proceedings of the 2006 international symposium on Software testing and analysis
Heuristics for Scalable Dynamic Test Generation

ASE '08 Proceedings of the 2008 23rd IEEE/ACM International Conference on Automated Software Engineering
JPF-SE: a symbolic execution extension to Java PathFinder

TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
RWset: attacking path explosion in constraint-based test generation

TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
Symbolic execution for software testing: three decades later

Communications of the ACM
Hybrid learning: interface generation through static, dynamic, and symbolic analysis

Proceedings of the 2013 International Symposium on Software Testing and Analysis

Quantified Score

Hi-index	0.00

Visualization

Abstract

Symbolic execution is a powerful tool to systematically explore programs, but it must be applied judiciously to be cost-effective, particularly with large program units. This work focuses on symbolically executing classes. While this technique can lead to a complete exploration, it can also be very expensive, combining the costs of symbolic execution with those of exploring the resulting method tree. Existing approaches addressing this problem either incur considerable overhead or can skip valuable sequences. We propose reducing this cost by leveraging a read/write analysis to track possible changes between methods. By identifying calls to a class's fields, sequences involving methods that cannot interact with accesses by previous methods may be pruned. This drastically reduces the cost to determine whether a method call could lead to unique states while considerably reducing the method tree. Preliminary evaluations show our technique can be more efficient than alternative approaches that guarantee complete path coverage.