Compact Symbolic Execution
Ji\v{r}\'i Slab\'y, Jan Strej\v{c}ek, Marek Trt\'ik
TL;DR
This paper introduces compact symbolic execution, a technique that analyzes cyclic paths to create templates, resulting in smaller, often finite symbolic execution trees that retain all information of traditional methods.
Contribution
It generalizes King's symbolic execution by incorporating cyclic path templates, enabling more efficient and potentially finite symbolic execution trees.
Findings
Compact trees are significantly smaller than classic trees.
For some programs, compact trees are finite while classic trees are infinite.
The method preserves all information of traditional symbolic execution.
Abstract
We present a generalisation of King's symbolic execution technique called compact symbolic execution. It proceeds in two steps. First, we analyse cyclic paths in the control flow graph of a given program, independently from the rest of the program. Our goal is to compute a so called template for each such a cyclic path. A template is a declarative parametric description of all possible program states, which may leave the analysed cyclic path after any number of iterations along it. In the second step, we execute the program symbolically with the templates in hand. The result is a compact symbolic execution tree. A compact tree always carry the same information in all its leaves as the corresponding classic symbolic execution tree. Nevertheless, a compact tree is typically substantially smaller than the corresponding classic tree. There are even programs for which compact symbolic…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSoftware Testing and Debugging Techniques · Software Engineering Research · Software Reliability and Analysis Research