Journal of Software:2016.27(5):1230-1245

(计算机软件新技术国家重点实验室(南京大学), 江苏南京 210046;南京大学计算机科学与技术系, 江苏南京 210046)
Dynamic Symbolic Execution Method Oriented to Critical Operation
WANG Wei-Guang,ZENG Qing-Kai,SUN Hao
(State Key Laboratory for Novel Software Technology(Nanjing University), Nanjing 210046, China;Department of Computer Science and Technology, Nanjing University, Nanjing 210046, China)
Chart / table
Similar Articles
Article :Browse 1888   Download 2053
Received:July 29, 2015    Revised:December 22, 2015
> 中文摘要: 针对缺陷检测的需求,提出了面向危险操作的动态符号执行方法.依据所关注的缺陷类型,定义危险操作及危险操作相关路径,通过计算覆盖不同上下文中危险操作的能力,协助动态符号执行选择高效初始输入,并利用危险操作相关信息引导测试流程.缺陷检测成为定位待测程序内危险操作以及对危险操作相关路径进行检测的过程.实现了面向Linux平台二进制可执行程序的原型系统CrashFinder,实验结果表明,该方法能够更快地发现更多缺陷.
Abstract:Addressing the requirement for defect detection, this paper proposes critical operation oriented dynamic symbolic execution. First, based on the defined critical operations and the relevant critical paths, a set of initial inputs are evaluated by computing the ability of covering critical operations under different contexts, and efficient initial inputs can be selected for the following dynamic symbolic execution. Second, leveraging the critical operations, dynamic symbolic execution is guided to explore paths which are more prone to defects. In this way, defect detection becomes a process of locating critical operations and exploring critical paths. A prototype system called CrashFinder is implemented and tested on a number of Linux x86 executables. The experimental results show that this approach is effective in initial input evaluation and efficient in defect detection.
文章编号:     中图分类号:    文献标志码:
基金项目:国家自然科学基金(61170070,61572248,61431008,61321491);国家科技支撑计划(2012BAK26B01) 国家自然科学基金(61170070,61572248,61431008,61321491);国家科技支撑计划(2012BAK26B01)
Foundation items:National Natural Science Foundation of China (61170070, 61572248, 61431008, 61321491); National Key Technology R&D Program of China (2012BAK26B01)
Reference text:


WANG Wei-Guang,ZENG Qing-Kai,SUN Hao.Dynamic Symbolic Execution Method Oriented to Critical Operation.Journal of Software,2016,27(5):1230-1245