Closed morangeous closed 4 years ago
@jawline
Hi! We implement symbolic execution by instrumentation, so you can use the real JavaScript stack trace (where applicable) to find out what called a method along a trace. If you collect that stack trace for all paths, you will have a complete list of stack traces that can lead to that event. To add the trace modify the program you are testing and add something like console.log((new Error()).stack)
If you want the symbolic trace (the logical constraints on the symbolic inputs to the program), then you can use the _stringPC method in the Analyser to get that info.
Hi, bro! Well, really glad to see your reply! So you mean that I still need to trace a function manually instead of automatically ? Maybe while dealing a large js file, it will be a really hard work.
Sorry about the delay, you can add a log to invokeFun or invokeFunPre to track each function executed per-trace. We currently don't store each complete trace for every path (It causes memory issues in large applications) and instead just keep track of parts of a program that have been covered at least once.
For now I'd like to talk something about tracing function. I just wonder how I can use expoSE to trace a function in js file, so that I can know that which button or other action can call a certain function. Any hint will be appreciate, thanks for your help!