All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Backward Symbolic Execution with Loop Folding

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F21%3A00122663" target="_blank" >RIV/00216224:14330/21:00122663 - isvavai.cz</a>

  • Result on the web

    <a href="https://link.springer.com/chapter/10.1007%2F978-3-030-88806-0_3" target="_blank" >https://link.springer.com/chapter/10.1007%2F978-3-030-88806-0_3</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1007/978-3-030-88806-0_3" target="_blank" >10.1007/978-3-030-88806-0_3</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Backward Symbolic Execution with Loop Folding

  • Original language description

    Symbolic execution is an established program analysis tech- nique that aims to search all possible execution paths of the given pro- gram. Due to the so-called path explosion problem, symbolic execution is usually unable to analyze all execution paths and thus it is not convenient for program verification as a standalone method. This paper focuses on backward symbolic execution (BSE), which searches program paths backwards from the error location whose reachability should be proven or refuted. We show that this technique is equivalent to performing k-induction on control-flow paths. While standard BSE simply unwinds all program loops, we present an extension called loop folding that aims to derive loop invariants during BSE that are sufficient to prove the unreachability of the error location. The resulting technique is called backward symbolic execution with loop folding (BSELF). Our experiments show that BSELF performs better than BSE and other tools based on k-induction when non-trivial benchmarks are considered. Moreover, a sequential combination of symbolic execution and BSELF achieved very competitive results compared to state-of-the-art verification tools.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    10200 - Computer and information sciences

Result continuities

  • Project

  • Continuities

    S - Specificky vyzkum na vysokych skolach<br>I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace

Others

  • Publication year

    2021

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Static Analysis - 28th International Symposium, SAS 2021, Chicago, IL, USA, October 17-19, 2021, Proceedings

  • ISBN

    9783030888053

  • ISSN

    0302-9743

  • e-ISSN

  • Number of pages

    28

  • Pages from-to

    49-76

  • Publisher name

    Springer

  • Place of publication

    Cham (Switzerland)

  • Event location

    Chicago

  • Event date

    Jan 1, 2021

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

    000720084200003

Similar results(10)

Abstracting Path ConditionsEfficient Loop Navigation for Symbolic ExecutionSymbiotic 9: String Analysis and Backward Symbolic Execution with Loop Folding