Hybrid Way of Code Coverage Tracking in Fuzz

Hanyi Nie, Xu Zhou, Junnan Zhang
Published in: 2019 IEEE 10th International Conference on Software Engineering and Service Science (ICSESS)
Publication date: 2019-10-01
DOI: 10.1109/ICSESS47205.2019.9040815 (https://doi.org/10.1109/ICSESS47205.2019.9040815)
Citations: 0

Abstract

In software testing, code coverage can be one of the major metrics for evaluating the effectiveness of a test. Among all existing software testing methods, coverage-guided fuzzing is widely used nowadays, but the way it obtains path coverage is mostly based on code instrumentation or emulation. However, a tester cannot take targeted measures if they have no information about where the progress of the test is stuck. This paper proposes a method to record precise code coverage in a hybrid way that combines static program analysis and dynamic tracing. This work is based on previous work that leverages a hardware mechanism (Intel Processor Trace) to collect branch information and implement a tool called CovFuzz. Our approach can achieve an accurate coverage track that can reversibly find the corresponding source code or assembly code to assist program analysis and break through the bottleneck when the progress of software testing gets stuck. Our experiments show that the code coverage can be improved with the help of accurate path information.