Using symbolic execution to guide test generation: Research Articles

  • Authors:
  • Gareth Lee;John Morris;Kris Parker;Gary A. Bundell;Peng Lam

  • Affiliations:
  • Department of Computer Science and Software Engineering, The University of Western Australia, Crawley, WA 6009, Australia;Department of Electrical Eng., The Univ. of Auckland, Private Bag 92019, Auckland, New Zealand and Dept. of Electrical and Electronics Eng., Chung-Ang Univ., Huksuk-dong 221, Dongjak-gu, Seoul 156 ...;Division of Science and Engineering, Murdoch University, South Street, Murdoch, WA 6150, Australia;Department of Electrical and Electronic Engineering, The University of Western Australia, Crawley, WA 6009, Australia;School of Computer and Information Science, Edith Cowan University, Joondalup, WA 6027, Australia

  • Venue:
  • Software Testing, Verification & Reliability
  • Year:
  • 2005

Quantified Score

Hi-index 0.00

Visualization

Abstract

Although a number of weaknesses of symbolic execution, when used for software testing, have been highlighted in the literature, the recent resurgence of strongly-typed languages has created opportunities for re-examining symbolic execution to determine whether these shortfalls can be overcome. This paper discusses symbolic execution in general and makes two contributions: (a) overcoming one of the key problems, analysing programs with indexed arrays; and (b) describing the incorporation of a symbolic execution module for test case generation into an integrated testing tool. For methods which index arrays, a new approach determines all the possible values of each array index, allowing the generation of equivalence classes for every possible combination of array element aliases. An incremental simplification approach, which converts path expressions to canonical forms in order to identify infeasible paths at the earliest opportunity and thus reduce the analysis time, is also described. Symbolic execution is most effective when included in an integrated test and analysis environment: a component test bench was built with a symbolic execution module integrated into it, providing a toolbox of software component test and code analysis methods aimed at programmers at all levels. Copyright © 2000 John Wiley & Sons, Ltd.