Program Analysis: From Qualitative Analysis to Quantitative Analysis

Sheng Liu and Jian Zhang
Chinese Academy of Sciences, China
Program Analysis 2

We propose to combine symbolic execution with volume computation to compute the exact execution frequency of program paths and branches. Given a path, we use symbolic execution to obtain the path condition which is a set of constraints; then we use volume computation to obtain the size of the solution space for the constraints. With such a methodology and supporting tools, we can decide which paths in a program are executed more often than the others. We can also generate certain test cases that are related to the execution frequency, e.g., those covering cold paths.