EXE: A system for automatically generating inputs of death using symbolic execution

@inproceedings{Cadar2006EXEAS,
  title={EXE: A system for automatically generating inputs of death using symbolic execution},
  author={Cristian Cadar and Paul Twohey and V. Ganesh and Dawson R. Engler},
  booktitle={CCS 2006},
  year={2006}
}
Systems code defines an error-prone execution state space built from deeply nested conditionals and function call chains, massive amounts of code, and enthusiastic use of casting and pointer operations. Such code is hard to test and difficult to inspect, yet a single error can crash a machine or form the basis of a security breach. This paper presents EXE, a system designed to automatically find bugs in such code using symbolic execution. At a high level, rather than running the code on… CONTINUE READING
Highly Influential
This paper has highly influenced 10 other papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 117 citations. REVIEW CITATIONS

Citations

Publications citing this paper.
SHOWING 1-10 OF 43 CITATIONS, ESTIMATED 37% COVERAGE

118 Citations

01020'08'11'14'17
Citations per Year
Semantic Scholar estimates that this publication has 118 citations based on the available data.

See our FAQ for additional information.

References

Publications referenced by this paper.
SHOWING 1-10 OF 29 REFERENCES

Discovering malicious disks with symbolic execution

  • C. Sar, P. Twohey, J. Yang, C. Cadar, D. Engler
  • In IEEE Symposium on Security and Privacy,
  • 2006
Highly Influential
4 Excerpts

A theory of predicate-complete test coverage and generation

  • T. Ball
  • In FMCO’: Symp. on Formal Methods for Components…
  • 2004
Highly Influential
7 Excerpts

Similar Papers

Loading similar papers…