Lazy Initialization (LI) allows symbolic execution to effectively deal with heap-allocated data structures, thanks to a significant reduction in spurious and redundant symbolic structures. Bounded lazy initialization (BLI) improves on LI by taking advantage of precomputed relational bounds on the interpretation of class fields in order to reduce the number of spurious structures even further. In this paper we present bounded lazy initialization with SAT support (BLISS), a novel technique that refines the search for valid structures during the symbolic execution process. BLISS builds upon BLI, extending it with field bound refinement and satisfiability checks. Field bounds are refined while a symbolic structure is concretized, avoiding cases...
Propositionalization of a first-order theory followed by satisfiability testing has proved to be a r...
Abstract. Concurrent systems are notoriously difficult to analyze, and technological advances such a...
Symbolic execution is a well established technique for software testing and analysis. However, scala...
In this article we present BLISS, a novel technique that builds upon BLI, extending it with field bo...
Lazy initialization enables symbolic execution for programs with heap-allocated inputs. In this arti...
Symbolic execution is a well established method for test input generation. Despite of having achieve...
Programs that manipulate dynamic heap objects are difficult to analyze due to issues like aliasing. ...
This paper presents Kiasan, a bounded technique to reason about open systems based on a path sensiti...
Software model checkers are able to exhaustively explore different bounded program executions arisin...
This paper presents a big-step operational semantics for distributed lazy evaluation. Our semantics ...
Symbolic execution is a popular program analysis technique that allows seeking for bugs by reasoning...
We present a new approach for specifying and verifying resource utilization of higher-order function...
Programs that concurrently access shared data are ubiquitous: bank accounts, shopping carts, invento...
Concurrent systems are notoriously difficult to analyze, and technological advances such as weak mem...
First order logic with transitive closure, and separation logic enable elegant interactive verificat...
Propositionalization of a first-order theory followed by satisfiability testing has proved to be a r...
Abstract. Concurrent systems are notoriously difficult to analyze, and technological advances such a...
Symbolic execution is a well established technique for software testing and analysis. However, scala...
In this article we present BLISS, a novel technique that builds upon BLI, extending it with field bo...
Lazy initialization enables symbolic execution for programs with heap-allocated inputs. In this arti...
Symbolic execution is a well established method for test input generation. Despite of having achieve...
Programs that manipulate dynamic heap objects are difficult to analyze due to issues like aliasing. ...
This paper presents Kiasan, a bounded technique to reason about open systems based on a path sensiti...
Software model checkers are able to exhaustively explore different bounded program executions arisin...
This paper presents a big-step operational semantics for distributed lazy evaluation. Our semantics ...
Symbolic execution is a popular program analysis technique that allows seeking for bugs by reasoning...
We present a new approach for specifying and verifying resource utilization of higher-order function...
Programs that concurrently access shared data are ubiquitous: bank accounts, shopping carts, invento...
Concurrent systems are notoriously difficult to analyze, and technological advances such as weak mem...
First order logic with transitive closure, and separation logic enable elegant interactive verificat...
Propositionalization of a first-order theory followed by satisfiability testing has proved to be a r...
Abstract. Concurrent systems are notoriously difficult to analyze, and technological advances such a...
Symbolic execution is a well established technique for software testing and analysis. However, scala...