ISSTA/ECOOP 2024
Mon 16 - Fri 20 September 2024 Vienna, Austria
Mon 16 Sep 2024 15:30 - 15:45 at EI 9 Hlawka - Bach Session

Dynamic symbolic execution is a powerful program analysis technique but often limited by the path-explosion problem, particularly in the presence of heavily branching loops. In this paper, we introduce sparse symbolic loop execution (SSLE), a novel approach aimed at mitigating this issue.

In symbolic execution, program paths are internally represented by states. SSLE observes the edge patterns of sibling states, spawned from the same loop, at program branches up to a pre-computed loop-impact barrier. States that exhibit unique patterns of taken edges are selected for further exploration, while others are postponed.

We implemented SSLE in a prototype called SparKLE and evaluated it on a set of 8 benchmarks against the popular symbolic execution engine KLEE. SSLE shows promising results and could increase line coverage by up to 55% in 1-hour runs using a depth-first-search heuristic. In other cases, up to 99.997% of states could be postponed without any loss in coverage. Our planned evaluation will include a diverse set of 50 real-world benchmarks and will aim to better understand the effectiveness of SparKLE in handling symbolic loops, and how it compares with less complex approaches.
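The selection step described above, as an added illustration that is not the authors' code or SparKLE's implementation: a small Python model forks sibling states at every symbolic branch of a loop, records each state's taken-edge pattern, and selects only the first sibling showing each distinct pattern up to the barrier. Assumptions: the loop-impact barrier is modelled as a count of branch decisions (the real barrier is a program point the tool pre-computes), and all branch outcomes are feasible.

```python
from dataclasses import dataclass
from typing import List, Tuple

# A branch decision is (iteration, branch_index, taken).
Edge = Tuple[int, int, bool]

@dataclass(frozen=True)
class State:
    sid: int
    edges: Tuple[Edge, ...]  # taken-edge history since the loop was entered

def fork_loop_states(iterations: int, branches_per_iter: int) -> List[State]:
    """Constructed model of a loop whose body has `branches_per_iter`
    symbolic branches; every branch forks each live state into two
    siblings. Returns all siblings after `iterations` iterations."""
    states = [State(0, ())]
    next_id = 1
    for it in range(iterations):
        for b in range(branches_per_iter):
            forked = []
            for s in states:
                for taken in (False, True):
                    forked.append(State(next_id, s.edges + ((it, b, taken),)))
                    next_id += 1
            states = forked
    return states

def edge_pattern(state: State, barrier: int) -> Tuple[bool, ...]:
    """Pattern of taken edges at branches up to the barrier (assumed here
    to be a count of branch decisions, not a program point)."""
    return tuple(taken for (_, _, taken) in state.edges[:barrier])

def sparse_select(states: List[State], barrier: int):
    """Select the first sibling exhibiting each distinct pattern; postpone
    every later sibling whose pattern has already been seen."""
    seen = set()
    selected, postponed = [], []
    for s in states:
        pattern = edge_pattern(s, barrier)
        if pattern in seen:
            postponed.append(s)
        else:
            seen.add(pattern)
            selected.append(s)
    return selected, postponed

def postponed_share(states: List[State], barrier: int) -> float:
    """Fraction of sibling states postponed, the figure the abstract reports."""
    _, postponed = sparse_select(states, barrier)
    return len(postponed) / len(states)

if __name__ == "__main__":
    siblings = fork_loop_states(iterations=6, branches_per_iter=1)  # 64 states
    chosen, held = sparse_select(siblings, barrier=2)
    print(len(siblings), len(chosen), len(held))  # 64 4 60
```

Raising the barrier past the loop's total number of branch decisions makes every pattern unique and postpones nothing, which is the trade-off the abstract's evaluation measures.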

Mon 16 Sep

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna

15:30 - 17:00 Bach Session (FUZZING) at EI 9 Hlawka

15:30 (15m, Talk) Sparse Symbolic Loop Execution [FUZZING]
Frank Busse (Imperial College London), Martin Nowack (Imperial College London), Cristian Cadar (Imperial College London)

15:45 (15m, Talk) LOOL: Low-Overhead, Optimization-Log-Guided Compiler Fuzzing [FUZZING]
Florian Schwarcz (Johannes Kepler University Linz), Felix Berlakovich (μCSRL, CODE Research Institute, University of the Bundeswehr Munich), Gergö Barany (Oracle Labs), Hanspeter Mössenböck (JKU Linz)

16:00 (15m, Talk) The Havoc Paradox in Generator-Based Fuzzing [FUZZING]
Ao Li (Carnegie Mellon University), Madonna Huang (University of British Columbia), Caroline Lemieux (University of British Columbia), Rohan Padhye (Carnegie Mellon University)

16:15 (15m, Talk) Understanding and Improving Coverage Tracking with AFL++ [FUZZING]
Vasil Sarafov, David Markvica, Felix Berlakovich, Matthias Bernad, Stefan Brunthaler (all μCSRL, CODE Research Institute, University of the Bundeswehr Munich)

16:30 (30m, Day closing) Concluding Remarks [FUZZING]
Information for Participants
Mon 16 Sep 2024 15:30 - 17:00 at EI 9 Hlawka - Bach Session
Info for room EI 9 Hlawka:

Map: https://tuw-maps.tuwien.ac.at/?q=CAEG17

Room tech: https://raumkatalog.tiss.tuwien.ac.at/room/13939