Abstract
We present a technique to automatically generate search heuristics for concolic testing. A key challenge in concolic testing is how to effectively explore the program's execution paths to achieve high code coverage in a limited time budget. Concolic testing employs a search heuristic to address this challenge, which favors exploring particular types of paths that are most likely to maximize the final coverage. However, manually designing a good search heuristic is nontrivial and typically ends up with suboptimal and unstable outcomes. The goal of this paper is to overcome this shortcoming of concolic testing by automatically generating search heuristics. We define a class of search heuristics, namely a parameterized heuristic, and present an algorithm that efficiently finds an optimal heuristic for each subject program. Experimental results with open-source C programs show that our technique successfully generates search heuristics that significantly outperform existing manually-crafted heuristics in terms of branch coverage and bug-finding.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 40th International Conference on Software Engineering, ICSE 2018 |
| Publisher | IEEE Computer Society |
| Pages | 1244-1254 |
| Number of pages | 11 |
| ISBN (Electronic) | 9781450356381 |
| DOIs | |
| Publication status | Published - 2018 May 27 |
| Event | 40th International Conference on Software Engineering, ICSE 2018 - Gothenburg, Sweden Duration: 2018 May 27 → 2018 Jun 3 |
Publication series
| Name | Proceedings - International Conference on Software Engineering |
|---|---|
| ISSN (Print) | 0270-5257 |
Conference
| Conference | 40th International Conference on Software Engineering, ICSE 2018 |
|---|---|
| Country/Territory | Sweden |
| City | Gothenburg |
| Period | 18/5/27 → 18/6/3 |
Bibliographical note
Publisher Copyright:© 2018 ACM.
ASJC Scopus subject areas
- Software