Abstract
Dynamic symbolic execution, or concolic execution,
is a program testing technique that systematically executes a
program with the aim of exploring all feasible program paths,
and locating and reporting all errors encountered in these paths.
However, as the complexity of the program grows, the number of
program paths explodes, making it infeasible for concolic testers
to explore all of them. To reduce the number of paths to explore,
several concolic testing tools have recently started employing
static analysis to prune paths guaranteed by the static analysis
to be safe. The concolic tester must then only focus on those
paths that might contain an error, as reported by the analysis.
However, due to imprecisions in the analysis’ result, the reported
errors may just be false positives, and it is up to the tester to
verify whether a reported alarm is an actual error or merely a
false positive. In this position paper, we propose to increase the
precision of these analyses by not only performing an initial static
analysis before starting concolic testing of the program, but also
by launching incremental static analyses over the program at run
time, and incorporating into the analyses run-time information
observed by the tester. The increased precision that results from
incorporating such run-time information should enable further
pruning of the program paths that must be explored by the
concolic tester.
is a program testing technique that systematically executes a
program with the aim of exploring all feasible program paths,
and locating and reporting all errors encountered in these paths.
However, as the complexity of the program grows, the number of
program paths explodes, making it infeasible for concolic testers
to explore all of them. To reduce the number of paths to explore,
several concolic testing tools have recently started employing
static analysis to prune paths guaranteed by the static analysis
to be safe. The concolic tester must then only focus on those
paths that might contain an error, as reported by the analysis.
However, due to imprecisions in the analysis’ result, the reported
errors may just be false positives, and it is up to the tester to
verify whether a reported alarm is an actual error or merely a
false positive. In this position paper, we propose to increase the
precision of these analyses by not only performing an initial static
analysis before starting concolic testing of the program, but also
by launching incremental static analyses over the program at run
time, and incorporating into the analyses run-time information
observed by the tester. The increased precision that results from
incorporating such run-time information should enable further
pruning of the program paths that must be explored by the
concolic tester.
Original language | English |
---|---|
Title of host publication | BElgian-NEtherlands Software eVOLution Symposium |
Publisher | CEUR Workshop Proceedings |
Pages | 26-29 |
Number of pages | 4 |
Volume | 2047 |
ISBN (Electronic) | 1613-0073 |
Publication status | Published - 5 Dec 2017 |
Event | BElgian-NEtherlands software eVOLution symposium 2017 (BENEVOL) - Hof Van Liere - Prinsstraat 13 - BE 2000 Antwerp (Belgium), Antwerp, Belgium Duration: 4 Dec 2017 → 5 Dec 2017 http://ansymore.uantwerpen.be/events/benevol2017 https://ansymore.uantwerpen.be/events/benevol2017 |
Publication series
Name | CEUR Workshop Proceedings |
---|---|
Publisher | RWTH Aachen |
ISSN (Print) | 1613-0073 |
Workshop
Workshop | BElgian-NEtherlands software eVOLution symposium 2017 (BENEVOL) |
---|---|
Abbreviated title | BENEVOL 2017 |
Country/Territory | Belgium |
City | Antwerp |
Period | 4/12/17 → 5/12/17 |
Internet address |
Keywords
- Blended Analysis
- Concolic Testing
- Static Analysis