State Merging with Quantifiers in Symbolic Execution

David Trabish, Noam Rinetzky, Sharon Shoham, Vaibhav Sharma

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

We address the problem of constraint encoding explosion which hinders the applicability of state merging in symbolic execution. Specifically, our goal is to reduce the number of disjunctions and if-then-else expressions introduced during state merging. The main idea is to dynamically partition the symbolic states into merging groups according to a similar uniform structure detected in their path constraints, which allows to efficiently encode the merged path constraint and memory using quantifiers. To address the added complexity of solving quantified constraints, we propose a specialized solving procedure that reduces the solving time in many cases. Our evaluation shows that our approach can lead to significant performance gains.

Original languageEnglish
Title of host publicationESEC/FSE 2023 - Proceedings of the 31st ACM Joint Meeting European Software Engineering Conference and Symposium on the Foundations of Software Engineering
EditorsSatish Chandra, Kelly Blincoe, Paolo Tonella
PublisherAssociation for Computing Machinery, Inc
Pages1140-1152
Number of pages13
ISBN (Electronic)9798400703270
DOIs
StatePublished - 30 Nov 2023
Event31st ACM Joint Meeting European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/FSE 2023 - San Francisco, United States
Duration: 3 Dec 20239 Dec 2023

Publication series

NameESEC/FSE 2023 - Proceedings of the 31st ACM Joint Meeting European Software Engineering Conference and Symposium on the Foundations of Software Engineering

Conference

Conference31st ACM Joint Meeting European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/FSE 2023
Country/TerritoryUnited States
CitySan Francisco
Period3/12/239/12/23

Funding

FundersFunder number
Blavatnik Family Foundation
Israel Science Foundation1996/18, 1810/18

    Keywords

    • State Merging
    • Symbolic Execution

    Fingerprint

    Dive into the research topics of 'State Merging with Quantifiers in Symbolic Execution'. Together they form a unique fingerprint.

    Cite this