State space exploration using feedback constraint generation and Monte-Carlo sampling

Sriram Sankaranarayanan, Richard M. Chang, Guofei Jiang, Franjo Ivancic
2007 Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering - ESEC-FSE '07  
The systematic exploration of the space of all the behaviours of a software system forms the basis of numerous approaches to verification. However, existing approaches face many challenges with scalability and precision. We propose a framework for validating programs based on statistical sampling of inputs guided by statically generated constraints, that steer the simulations towards more "desirable" traces. Our approach works iteratively: each iteration first simulates the system on some
more » ... sampled from a restricted space, while recording facts about the simulated traces. Subsequent iterations of the process attempt to steer the future simulations away from what has already been seen in the past iterations. This is achieved by two separate means: (a) we perform symbolic executions in order to guide the choice of inputs, and (b) we sample from the input space using a probability distribution specified by means of previously observed test data using a Markov Chain Monte-Carlo (MCMC) technique. As a result, the sampled inputs generate traces that are likely to be significantly different from the observations in the previous iterations in some user specified ways. We demonstrate that our approach is effective. It can rapidly isolate rare behaviours of systems that reveal more bugs.
doi:10.1145/1287624.1287670 dblp:conf/sigsoft/SankaranarayananCJI07 fatcat:v7pdkus3zvajthjyf65degqgou