Divide, Conquer and Verify: Improving Symbolic Execution Performance
Christopher Scherb, Luc Bryan Heitz, Hermann Grieder, Olivier Mattmann
TL;DR
This paper proposes a divide-and-conquer method for symbolic execution that improves performance by executing program slices separately and then combining results, addressing the path explosion and SMT solving challenges.
Contribution
It introduces a novel divide-and-conquer approach that enhances symbolic execution efficiency by modularizing analysis and reducing complexity.
Findings
Significant reduction in execution time on large programs
Effective mitigation of path explosion problem
Improved scalability of symbolic execution tools
Abstract
Symbolic Execution is a formal method that can be used to verify the behavior of computer programs and detect software vulnerabilities. Compared to other testing methods such as fuzzing, Symbolic Execution has the advantage of providing formal guarantees about the program. However, despite advances in performance in recent years, Symbolic Execution is too slow to be applied to real-world software. This is primarily caused by the \emph{path explosion problem} as well as by the computational complexity of SMT solving. In this paper, we present a divide-and-conquer approach for symbolic execution by executing individual slices and later combining the side effects. This way, the overall problem size is kept small, reducing the impact of computational complexity on large problems.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSoftware Testing and Debugging Techniques · Advanced Malware Detection Techniques · Software Reliability and Analysis Research