2013 | OriginalPaper | Buchkapitel
Lazy Symbolic Execution through Abstraction and Sub-space Search
verfasst von : Guodong Li, Indradeep Ghosh
Erschienen in: Hardware and Software: Verification and Testing
Verlag: Springer International Publishing
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
We present an approach to address a main performance bottleneck in symbolic execution. Despite a powerful method to produce test cases with high coverage, symbolic execution often suffers from the problem of exploring a huge number of paths without (1) significantly increasing the coverage, and (2) going deep enough to hit hot spots. The situation becomes worse for modern programming languages such as C/C++ which extensively use library calls and shared code. In this paper we use a novel “lazy” execution approach to evaluate functions, library calls, and other entities commonly used in a high level language. Specifically, the symbolic executor uses high level abstractions and sub-space search to control and guide symbolic execution so that only necessary paths are visited to produce valid test cases. This method is able to avoid exploring many useless or duplicate paths. Experimental results show that it can help solve path constraints and produce test cases in much less time. For many programs, it can improve the performance by several orders of magnitude while maintaining the same source code coverage.