Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis 2022
DOI: 10.1145/3533767.3534384

Combining static analysis error traces with dynamic symbolic execution (experience paper)

Abstract: This paper reports on our experience implementing a technique for sifting through static analysis reports using dynamic symbolic execution. Our insight is that if a static analysis tool produces a partial trace through the program under analysis, annotated with conditions that the analyser believes are important for the bug to trigger, then a dynamic symbolic execution tool may be able to exploit the trace by (a) guiding the search heuristically so that paths that follow the trace most closely are prioritised …

Cited by 7 publications (2 citation statements)
References 42 publications (41 reference statements)
“…The authors in [13] discuss combining the Clang Static Analyzer with the dynamic symbolic analyzer KLEE to refine the analysis. They highlight that traces provided by Clang are not that useful, and that Clang struggles to find non-trivial true positive.…”
Section: Future Work | mentioning
confidence: 99%
“…In this paper, we report our experiences investigating the functionality of directed symbolic execution in vulnerability verification scenario and designing a new heuristic search strategy called Dynamic Critical Constraint Modification (DCCM) search which utilizes critical constraint to modify other forward symbolic execution strategy to reach the target program point quickly. As Busse F [7] concludes in their research, while fault injection experiments show the promise of guiding search by static report traces, they also reveal that those traces are not that useful in guiding search, even the same as just giving the vulnerability location as auxiliary. As a result, vulnerability verification problem serves as a line reachability problem, that is, given only a target point and a vulnerability type, generating test cases that can reproduce the vulnerability at the program point.…”
Section: Introduction | mentioning
confidence: 98%