CHALUPA, Marek a Jan STREJČEK. Backward Symbolic Execution with Loop Folding. Online. In Cezara Dragoi, Suvam Mukherjee, and Kedar S. Namjoshi. Static Analysis - 28th International Symposium, SAS 2021, Chicago, IL, USA, October 17-19, 2021, Proceedings. Cham (Switzerland): Springer, 2021, s. 49-76. ISBN 978-3-030-88805-3. Dostupné z: https://dx.doi.org/10.1007/978-3-030-88806-0_3. |
Další formáty:
BibTeX
LaTeX
RIS
@inproceedings{1799589, author = {Chalupa, Marek and Strejček, Jan}, address = {Cham (Switzerland)}, booktitle = {Static Analysis - 28th International Symposium, SAS 2021, Chicago, IL, USA, October 17-19, 2021, Proceedings}, doi = {http://dx.doi.org/10.1007/978-3-030-88806-0_3}, editor = {Cezara Dragoi, Suvam Mukherjee, and Kedar S. Namjoshi}, keywords = {symbolic execution;k-induction;backward symbolic execution;inductive invariants;invariants}, howpublished = {elektronická verze "online"}, language = {eng}, location = {Cham (Switzerland)}, isbn = {978-3-030-88805-3}, pages = {49-76}, publisher = {Springer}, title = {Backward Symbolic Execution with Loop Folding}, url = {https://link.springer.com/chapter/10.1007%2F978-3-030-88806-0_3}, year = {2021} }
TY - JOUR ID - 1799589 AU - Chalupa, Marek - Strejček, Jan PY - 2021 TI - Backward Symbolic Execution with Loop Folding PB - Springer CY - Cham (Switzerland) SN - 9783030888053 KW - symbolic execution;k-induction;backward symbolic execution;inductive invariants;invariants UR - https://link.springer.com/chapter/10.1007%2F978-3-030-88806-0_3 N2 - Symbolic execution is an established program analysis tech- nique that aims to search all possible execution paths of the given pro- gram. Due to the so-called path explosion problem, symbolic execution is usually unable to analyze all execution paths and thus it is not convenient for program verification as a standalone method. This paper focuses on backward symbolic execution (BSE), which searches program paths backwards from the error location whose reachability should be proven or refuted. We show that this technique is equivalent to performing k-induction on control-flow paths. While standard BSE simply unwinds all program loops, we present an extension called loop folding that aims to derive loop invariants during BSE that are sufficient to prove the unreachability of the error location. The resulting technique is called backward symbolic execution with loop folding (BSELF). Our experiments show that BSELF performs better than BSE and other tools based on k-induction when non-trivial benchmarks are considered. Moreover, a sequential combination of symbolic execution and BSELF achieved very competitive results compared to state-of-the-art verification tools. ER -
CHALUPA, Marek a Jan STREJČEK. Backward Symbolic Execution with Loop Folding. Online. In Cezara Dragoi, Suvam Mukherjee, and Kedar S. Namjoshi. \textit{Static Analysis - 28th International Symposium, SAS 2021, Chicago, IL, USA, October 17-19, 2021, Proceedings}. Cham (Switzerland): Springer, 2021, s.~49-76. ISBN~978-3-030-88805-3. Dostupné z: https://dx.doi.org/10.1007/978-3-030-88806-0\_{}3.
|