Feedback-directed unit test generation for C/C++ using concolic execution

Pranav Garg, Franjo Ivančić, Gogul Balakrishnan, Naoto Maeda, Aarti Gupta
[doi] [ISBN] [Google Scholar] [DBLP] [Citeseer]
Read: 07 September 2020

Proceedings of the 2013 International Conference on Software Engineering
ICSE '13
San Francisco, CA, USA
IEEE Press
Pages 132-141
2013
Note(s): fuzz testing, symbolic execution, unit tests

This paper describes a test generation tool based on a hybrid of symbolic execution and fuzz testing. The goal is to generate high coverage sequences of method calls.

An interesting technical detail is that use unsat core to generate “conflict sequences”: unsatisfiable branch sequences. This is used to reduce the number of SMT queries required.

The tool is evaluated on eight benchmarks based primarily on coverage metrics.


  • Study of integrating random and symbolic testing for object-oriented software [dimjasevic:ifm:2018]