Constraint Solving and Symbolic Execution
For many decades, the correctness of programs has been a concern for computer scientists and software engineers. At present, it is still not easy to ensure the correctness of nontrivial programs, although many researchers have made various attempts in this direction.
Recently, the Verifying Compiler is proposed as a grand challenge in computing research . But its goal can be achieved incrementally. The following is quoted from Hoare (page 68 of ):
The progress of the project can be assessed by the number of lines of code that have been verified, and the level of annotation and verification that has been achieved. The relevant levels of annotations are: structural integrity, partial functional specification, total specification. The relevant levels of verification are: by testing, by human proof, by machine assistance, and fully automatic.
KeywordsFalse Alarm Constraint Satisfaction Problem Path Condition Symbolic Execution Generate Test Case
- 1.Boyer, R.S., Elspas, B., Levitt, K.N.: SELECT – A formal system for testing and debugging programs by symbolic execution. In: Proc. of the Int. conf. on Reliable Software, pp. 234–245 (1975)Google Scholar
- 5.Flanagan, C., Leino, K.R.M., Lillibridge, M., Nelson, G., Saxe, J.B., Stata, R.: Extended static checking for Java. In: Proc. of the ACM SIGPLAN Conf. on Programming Language Design and Implementation (PLDI), pp. 234–245 (2002)Google Scholar
- 6.Hoare, C.A.R.: Assertions in modern software engineering practice, Keynote address. In: 26th Int’l Computer Software and Applications Conf (COMPSAC), Oxford, England (August 2002)Google Scholar
- 9.Mackworth, A.K.: Constraint satisfaction. In: Shapiro, S.C. (ed.) Encyclopedia of Artificial Intelligence, vol. 1, pp. 205–211. John Wiley, New York (1990)Google Scholar
- 10.Zhang, J.: Symbolic execution of program paths involving pointer and structure variables. In: Proc. of the 4th Int’l Conf. on Quality Software (QSIC), pp. 87–92 (2004)Google Scholar
- 12.Zhang, J., Xu, C., Wang, X.: Path-oriented test data generation using symbolic execution and constraint solving techniques. In: Proc. 2nd Int’l Conf. on Software Engineering and Formal Methods (SEFM), pp. 242–250 (2004)Google Scholar
- 13.Zitser, M., Lippmann, R., Leek, T.: Testing static analysis tools using exploitable buffer overflows from open source code. In: Proc. of the 12th ACM SIGSOFT Int’l Symp. on Foundations of Software Engineering, pp. 97–106 (2004)Google Scholar