EXE: Automatically Generating Inputs of Death

@article{Cadar2008EXEAG,
  title={EXE: Automatically Generating Inputs of Death},
  author={Cristian Cadar and Vijay Ganesh and Peter M. Pawlowski and D. Dill and D. Engler},
  journal={ACM Trans. Inf. Syst. Secur.},
  year={2008},
  volume={12},
  pages={10:1-10:38}
}
  • Cristian Cadar, Vijay Ganesh, +2 authors D. Engler
  • Published 2008
  • Computer Science
  • ACM Trans. Inf. Syst. Secur.
  • This article presents EXE, an effective bug-finding tool that automatically generates inputs that crash real code. Instead of running code on manually or randomly constructed input, EXE runs it on symbolic input initially allowed to be anything. As checked code runs, EXE tracks the constraints on each symbolic (i.e., input-derived) memory location. If a statement uses a symbolic value, EXE does not run it, but instead adds it as an input-constraint; all other statements run as usual. If code… CONTINUE READING
    Automated Whitebox Fuzz Testing
    • 1,038
    • Highly Influenced
    • Open Access
    Directed Symbolic Execution
    • 158
    • Open Access
    Catchconv : Symbolic execution and run-time type inference for integer conversion errors
    • 47
    • Highly Influenced
    • Open Access
    Verifying systems rules using rule-directed symbolic execution
    • 46
    • Open Access
    KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs
    • 2,397
    • Open Access
    Test Input Generation for Programs with Pointers
    • 14
    • Highly Influenced
    • Open Access
    A Survey of Symbolic Execution Techniques
    • 152
    • Highly Influenced
    • Open Access
    Cause clue clauses: error localization using maximum satisfiability
    • 198
    • Open Access

    References

    Publications referenced by this paper.
    SHOWING 1-10 OF 10 REFERENCES
    Model Checking Programs
    • 850
    • Highly Influential
    • Open Access
    Bandera: extracting finite-state models from Java source code
    • 800
    • Highly Influential
    Model checking for programming languages using VeriSoft
    • 839
    • Highly Influential
    • Open Access
    Cogent: Accurate Theorem Proving for Program Verification
    • 57
    • Highly Influential
    • Open Access
    Automatically validating temporal safety properties of interfaces
    • 682
    • Highly Influential
    • Open Access
    From code to models
    • 47
    • Highly Influential
    • Open Access
    The Model Checker SPIN
    • 4,099
    • Highly Influential
    • Open Access
    Flow-sensitive type qualifiers
    • 366
    • Highly Influential
    • Open Access
    SMTLIB competition
    • 2006
    The model checker SPIN. Software Engineering
    • 1997