English
Related papers

Related papers: Divide, Conquer and Verify: Improving Symbolic Exe…

200 papers

Dynamic symbolic execution (DSE) is a powerful method for path exploration during hybrid fuzzing and automatic bug detection. We propose security predicates to effectively detect undefined behavior and memory access violation errors.…

Cryptography and Security · Computer Science 2022-03-23 Alexey Vishnyakov , Vlada Logunova , Eli Kobrin , Daniil Kuts , Darya Parygina , Andrey Fedotov

We describe a technique for systematic testing of multi-threaded programs. We combine Quasi-Optimal Partial-Order Reduction, a state-of-the-art technique that tackles path explosion due to interleaving non-determinism, with symbolic…

Programming Languages · Computer Science 2020-07-23 Daniel Schemmel , Julian Büning , César Rodríguez , David Laprell , Klaus Wehrle

We propose a symbolic execution method for programs that can draw random samples. In contrast to existing work, our method can verify randomized programs with unknown inputs and can prove probabilistic properties that universally quantify…

Programming Languages · Computer Science 2022-09-19 Zachary Susag , Sumit Lahiri , Justin Hsu , Subhajit Roy

Hybrid testing approaches that involve fuzz testing and symbolic execution have shown promising results in achieving high code coverage, uncovering subtle errors and vulnerabilities in a variety of software applications. In this paper we…

Software Engineering · Computer Science 2018-06-11 Yannic Noller , Rody Kersten , Corina S. Păsăreanu

We introduce a novel copy-protection method for industrial control software. With our method, a program executes correctly only on its target hardware and behaves differently on other machines. The hardware-software binding is based on…

Cryptography and Security · Computer Science 2026-03-12 Daniel Dorfmeister , Flavio Ferrarotti , Bernhard Fischer , Evelyn Haslinger , Rudolf Ramler , Markus Zimmermann

Recently virtual platforms and virtual prototyping techniques have been widely applied for accelerating software development in electronics companies. It has been proved that these techniques can greatly shorten time-to-market and improve…

Software Engineering · Computer Science 2016-01-25 Bin Lin , Dejun Qian

Symbolic execution is an SMT-based software verification and testing technique. Symbolic execution requires tracking performed computations during software simulation to reason about branches in the software under test. The prevailing…

Software Engineering · Computer Science 2025-05-27 Sören Tempel , Tobias Brandt , Christoph Lüth , Christian Dietrich , Rolf Drechsler

Symbolic execution is a program analysis technique executing programs with symbolic instead of concrete inputs. This principle allows for exploring many program paths at once. Despite its wide adoption -- in particular for program testing…

Programming Languages · Computer Science 2023-10-13 Arthur Correnson , Dominic Steinhoefel

Symbolic execution is an important software analysis technique which benefits downstream tasks such as software testing and debugging. However, several limitations hinder symbolic execution from application on real-world software. One of…

Software Engineering · Computer Science 2025-11-25 Wenhan Wang , Kaibo Liu , Zeyu Sun , An Ran Chen , Ge Li , Gang Huang , Lei Ma

Symbolic execution now becomes an indispensable technique for software testing and program analysis. There are several symbolic execution tools available off-the-shelf, and we need a practical benchmark approach to learn their capabilities.…

Software Engineering · Computer Science 2018-05-28 Hui Xu , Zirui Zhao , Yangfan Zhou , Michael R. Lyu

In previous work, we presented a symbolic execution method which starts with a concrete model of the program but progressively abstracts away details only when these are known to be irrelevant using interpolation. In this paper, we extend…

Programming Languages · Computer Science 2011-03-11 Joxan Jaffar , Jorge A. Navas , Andrew E. Santosa

In permission logics such as separation logic, the iterated separating conjunction is a quantifier denoting access permission to an unbounded set of heap locations. In contrast to recursive predicates, iterated separating conjunctions do…

Programming Languages · Computer Science 2016-05-09 Peter Müller , Malte Schwerhoff , Alexander J. Summers

Symbolic execution is a classical program analysis technique used to show that programs satisfy or violate given specifications. In this work we generalize symbolic execution to support program analysis for relational specifications in the…

Programming Languages · Computer Science 2019-08-05 Gian Pietro Farina , Stephen Chong , Marco Gaboardi

Gradual verification, which supports explicitly partial specifications and verifies them with a combination of static and dynamic checks, makes verification more incremental and provides earlier feedback to developers. While an abstract,…

Programming Languages · Computer Science 2023-11-14 Conrad Zimmerman , Jenna DiVincenzo , Jonathan Aldrich

Symbolic execution is a key technology in software testing, which generates test cases by collecting symbolic path constraints and then solving constraints with SMT solvers. Symbolic execution has been proven helpful in generating…

Software Engineering · Computer Science 2024-09-17 Wenhan Wang , Kaibo Liu , An Ran Chen , Ge Li , Zhi Jin , Gang Huang , Lei Ma

In semi-symbolic (control-explicit data-symbolic) model checking the state-space explosion problem is fought by representing sets of states by first-order formulas over the bit-vector theory. In this model checking approach, most of the…

Programming Languages · Computer Science 2017-11-27 Jan Mrázek , Martin Jonáš , Jiří Barnat

Static analysis is the analysis of a program without executing it, usually carried out by an automated tool. Symbolic execution is a popular static analysis technique used both in program verification and in bug detection software. It works…

Software Engineering · Computer Science 2024-08-06 Gabor Horvath , Reka Kovacs , Zoltan Porkolab

Symbolic execution is a powerful program analysis technique that can formally reason the correctness of program behaviors and detect software bugs. It can systematically explore the execution paths of the tested program. But it suffers from…

Cryptography and Security · Computer Science 2025-05-07 Shuangjie Yao , Dongdong She

Conventional tools for formal hardware/software co-verification use bounded model checking techniques to construct a single monolithic propositional formula. Formulas generated in this way are extremely complex and contain a great deal of…

Formal Languages and Automata Theory · Computer Science 2020-01-07 Rajdeep Mukherjee , Saurabh Joshi , John O'Leary , Daniel Kroening , Tom Melham

Fuzzing and symbolic execution are popular techniques for finding vulnerabilities and generating test-cases for programs. Fuzzing, a blackbox method that mutates seed input values, is generally incapable of generating diverse inputs that…

Software Engineering · Computer Science 2017-12-13 Saahil Ognawala , Thomas Hutzelmann , Eirini Psallida , Alexander Pretschner