Enhancing symbolic execution with veritesting

Thanassis Avgerinos, Alexandre Rebert, Sang Kil Cha, David Brumley
2014 Proceedings of the 36th International Conference on Software Engineering - ICSE 2014  
We present MergePoint, a new binary-only symbolic execution system for large-scale testing of commodity off-the-shelf (COTS) software. MergePoint introduces veritesting, a new technique that employs static symbolic execution to amplify the effect of dynamic symbolic execution. Veritesting allows MergePoint to find twice as many bugs, explore orders of magnitude more paths, and achieve higher code coverage than previous dynamic symbolic execution systems. MergePoint is currently running daily on
more » ... a 100 node cluster analyzing 33,248 Linux binaries; has generated more than 15 billion SMT queries, 200 million test cases, 2,347,420 crashes, and found 11,687 bugs in 4,379 distinct applications.
doi:10.1145/2568225.2568293 dblp:conf/icse/AvgerinosRCB14 fatcat:lju5ctb2dbfpnp6cbdyvpox4ka