Reduction: a method of proving properties of parallel programs
Communications of the ACM
Partial-Order Methods for the Verification of Concurrent Systems: An Approach to the State-Explosion Problem
Formal Methods in System Design
Dynamic partial-order reduction for model checking software
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
DART: directed automated random testing
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Empirical Software Engineering
Test input generation for java containers using state matching
Proceedings of the 2006 international symposium on Software testing and analysis
Heuristics for Scalable Dynamic Test Generation
ASE '08 Proceedings of the 2008 23rd IEEE/ACM International Conference on Automated Software Engineering
JPF-SE: a symbolic execution extension to Java PathFinder
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
RWset: attacking path explosion in constraint-based test generation
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
Symbolic execution for software testing: three decades later
Communications of the ACM
Hybrid learning: interface generation through static, dynamic, and symbolic analysis
Proceedings of the 2013 International Symposium on Software Testing and Analysis
Hi-index | 0.00 |
Symbolic execution is a powerful tool to systematically explore programs, but it must be applied judiciously to be cost-effective, particularly with large program units. This work focuses on symbolically executing classes. While this technique can lead to a complete exploration, it can also be very expensive, combining the costs of symbolic execution with those of exploring the resulting method tree. Existing approaches addressing this problem either incur considerable overhead or can skip valuable sequences. We propose reducing this cost by leveraging a read/write analysis to track possible changes between methods. By identifying calls to a class's fields, sequences involving methods that cannot interact with accesses by previous methods may be pruned. This drastically reduces the cost to determine whether a method call could lead to unique states while considerably reducing the method tree. Preliminary evaluations show our technique can be more efficient than alternative approaches that guarantee complete path coverage.