Parikh's Theorem is a fundamental result in automata theory with numerous applications in
computer science. These include software verification (eg infinite-state verification, string …

Symbolic execution is a well established method for test input generation. Despite of having
achieved tremendous success over numerical domains, existing symbolic execution …

We introduce a novel decision procedure to the satisfiability problem in array separation
logic combined with general inductively defined predicates and arithmetic. Our proposal …

Concolic testing is a test generation technique which works effectively by integrating random
testing generation and symbolic execution. Existing concolic testing engines focus on …

Developers of widely used Java Virtual Machines (JVMs) implement and test the Java
Reflection API based on a Javadoc, which is specified using a natural language. However …

Heap-manipulating programs are known to be challenging to reason about. We present a
novel verifier for heap-manipulating programs called S2TD, which encodes programs …

One processing task in Ethernet nodes is to manage Media Access Control (MAC)
addresses: search, insert new, and delete old ones. For this purpose, Content-Addressable …

Software systems are often shipped and deployed with both known and unknown bugs. On-
the-fly program repairs, which handle runtime errors and allow programs to continue …

Analyzing and verifying heap-manipulating programs automatically is challenging. A key for
fighting the complexity is to develop compositional methods. For instance, many existing …

Backward symbolic execution (BSE), also known as weakest precondition computation, is a
useful technique to determine validity of assertions in program code by transforming its …