留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

基于懒替换的C符号执行

林梦香 陈胤立 陈 睿 周 刚

林梦香, 陈胤立, 陈 睿, 等 . 基于懒替换的C符号执行[J]. 北京航空航天大学学报, 2009, 35(6): 687-691.
引用本文: 林梦香, 陈胤立, 陈 睿, 等 . 基于懒替换的C符号执行[J]. 北京航空航天大学学报, 2009, 35(6): 687-691.
Lin Mengxiang, Chen Yinli, Chen Rui, et al. Lazy-substitution based symbolic execution for C programs[J]. Journal of Beijing University of Aeronautics and Astronautics, 2009, 35(6): 687-691. (in Chinese)
Citation: Lin Mengxiang, Chen Yinli, Chen Rui, et al. Lazy-substitution based symbolic execution for C programs[J]. Journal of Beijing University of Aeronautics and Astronautics, 2009, 35(6): 687-691. (in Chinese)

基于懒替换的C符号执行

基金项目: 国家863计划资助项目(2007AA010301)
详细信息
    作者简介:

    林梦香(1968-),女,江苏苏州人,博士生,mxlin@nlsde.buaa.edu.cn.

  • 中图分类号: TP 311.5

Lazy-substitution based symbolic execution for C programs

  • 摘要: 针对传统符号执行中的动态地址计算问题,提出了基于懒替换的符号执行方法.通过引入尽可能替换的策略,基于懒替换的符号执行在无法静态确定变量的地址或符号表达式过长时不做符号替换.首先给出了基于懒替换的符号执行算法,在此基础上,详细分析了C语言主要结构尤其是数组和指针的懒符号执行语义.LazySEC是一个面向C程序的懒符号执行系统原型,初步实验表明,它可以有效地处理含有指针和结构体等涉及动态地址计算的程序语言结构.

     

  • [1] King J C. Symbolic execution and program testing [J]. Commun ACM,1976,19(7):385-394 [2] Godefroid P, Klarlund N, Sen K. DART: Directed automated random testing ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI-05). New York:ACM,2005:213-223 [3] Godefroid P. Compositional dynamic test generation 34th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL-07). New York: ACM, 2007:47-54 [4] Coen-Porisini A, Denaro G, Ghezzi C, et al. Using symbolic execution for verifying safety-critical systems 8th European Software Engineering Conference. New York: ACM, 2001:142-151 [5] 单锦辉, 王戟, 齐治昌. 面向路径的测试数据自动生成方法述评[J]. 电子学报, 2004, 32(1):109-113 Shan Jinhui, Wang Ji, Qi Zhichang. Survey on path-wise automatic generation of test data[J]. Acta Electronica Sinica,2004,32(1):109-113(in Chinese) [6] Boyer R S, Elspas B, Levitt K N. SELECT-a formal system for testing and debugging programs by symbolic execution Proceeding of the International Conference on Reliable Software. New York: ACM, 1975:234-245 [7] Clarke L A. A system to generate test data and symbolically execute programs [J]. IEEE Transactions Software Engineering, 1976, SE-2(3):215-222 [8] Ramamoorthy C V, Ho S B, Chen W T. On the automated generation of program test data [J]. IEEE Transactions on Software Engineering, 1976, SE-2(4):293-300 [9] Zhang Jian, Wang Xiaoxu. A constraint solver and its application to path feasibility analysis [J]. International Journal of Software Engineering and Knowledge Engineering,2001,11(2):139-156 [10] Zhang Jian. Symbolic execution of program paths involving pointer and structure variables Proc of the Fourth Int Conf on Quality Software (QSIC-04). Los Alamitos: IEEE Computer Society, 2004:87-92 [11] Khurshid S, Pasareanu C, Visser W. Generalized symbolic execution for model checking and testing Tools and Algorithms for Construction and Analysis of Systems (TACAS’03). Heidelberg: Springer, 2003:553-568 [12] Coward P D. Symbolic execution and testing [J]. Information and Software Technology,1991,33(1):53-64
  • 加载中
计量
  • 文章访问数:  3253
  • HTML全文浏览量:  95
  • PDF下载量:  1645
  • 被引次数: 0
出版历程
  • 收稿日期:  2008-05-05
  • 网络出版日期:  2009-06-30

目录

    /

    返回文章
    返回
    常见问答