TY - GEN
T1 - Dynamic symbolic execution for the analysis of web server applications in Java
AU - Balasubramanian, Daniel
AU - Zhang, Zhenkai
AU - McDermet, Dan
AU - Karsai, Gabor
N1 - Publisher Copyright:
© 2019 Copyright held by the owner/author(s). Publication rights licensed to ACM.
PY - 2019
Y1 - 2019
N2 - Symbolic execution is a well-known program analysis technique that explores multiple program paths simultaneously. Among other things, it is used to uncover subtle bugs and corner cases in programs, as well as to produce high-coverage test suites. Even though symbolic execution has seen successful use in practice, there remain challenges in applying it to programs like web servers that use features such as multithreading and callbacks. This paper describes our dynamic symbolic execution framework for Java that was designed with these types of features in mind. Our framework uses bytecode instrumentation combined with a run-time agent to perform the symbolic execution. We give a detailed description of the challenges we faced along with our design choices. We also present benchmark results on various examples including programs that use web server frameworks.
AB - Symbolic execution is a well-known program analysis technique that explores multiple program paths simultaneously. Among other things, it is used to uncover subtle bugs and corner cases in programs, as well as to produce high-coverage test suites. Even though symbolic execution has seen successful use in practice, there remain challenges in applying it to programs like web servers that use features such as multithreading and callbacks. This paper describes our dynamic symbolic execution framework for Java that was designed with these types of features in mind. Our framework uses bytecode instrumentation combined with a run-time agent to perform the symbolic execution. We give a detailed description of the challenges we faced along with our design choices. We also present benchmark results on various examples including programs that use web server frameworks.
KW - Program analysis
KW - Symbolic execution
KW - Testing
UR - http://www.scopus.com/inward/record.url?scp=85065643290&partnerID=8YFLogxK
U2 - 10.1145/3297280.3297494
DO - 10.1145/3297280.3297494
M3 - Conference contribution
AN - SCOPUS:85065643290
SN - 9781450359337
T3 - Proceedings of the ACM Symposium on Applied Computing
SP - 2178
EP - 2185
BT - Proceedings of the ACM Symposium on Applied Computing
PB - Association for Computing Machinery
T2 - 34th Annual ACM Symposium on Applied Computing, SAC 2019
Y2 - 8 April 2019 through 12 April 2019
ER -