Toward More Scalable Symbolic Execution via Code Chopping
Dynamic symbolic execution is a program analysis technique that can automatically explore and analyse paths through a program. It is now a key ingredient in many computer science areas, such as software engineering, computer security, and software systems, to name just a few.
For many tasks, such as failure reproduction, coverage augmentation and patch testing, many parts of the code are irrelevant and could be safely skipped. Chopped symbolic execution is a technique that can aggressively skip potentially irrelevant parts of the code, lazily executing paths through them if and only if they are needed later on. In this talk, I will introduce chopped symbolic execution, show how its precision can be improved via a novel past-sensitive pointer analysis, and present promising preliminary results on failure reproduction and coverage augmentation.
The talk is based on joint work with David Trabish, Noam Rinetzky, Timotej Kapus and Andrea Mattavelli.
Cristian Cadar is Professor of Software Reliability in the Department of Computing at Imperial College London, where he leads the Software Reliability Group, working on automatic techniques for increasing the reliability and security of software systems. Cristian’s research has been recognised by several prestigious awards, including the EuroSys Jochen Liedtke Award, the HVC Award, the BCS Roger Needham Award, the ACM SIGOPS Hall of Fame Award, and the ACM CCS Test of Time Award. He also received an ERC Consolidator Grant and an EPSRC Early-Career Fellowship. Many of the research techniques he co-authored have been open-sourced and used by several groups in both academia and industry. In particular, he is co-author and the principal maintainer of the KLEE symbolic execution system, a popular system with a large user base. Cristian has a PhD in Computer Science from Stanford University, and undergraduate and Master’s degrees from the Massachusetts Institute of Technology.
Thu 19 Nov, 05:00 - 07:00 (displayed time zone: Central Time (US & Canada))
Toward More Scalable Symbolic Execution via Code Chopping
Cristian Cadar, Imperial College London, UK
Enterprise-scale static analysis: A Pinpoint experience
Charles Zhang, The Hong Kong University of Science and Technology