DeltaFuzz: Historical Version Information Guided Fuzz Testing  被引量：1

作　　者：Jia-Ming Zhang Zhan-Qi Cui Xiang Chen Huan-Huan Wu Li-Wei Zheng Jian-Bin Liu 张家铭;崔展齐;陈翔;吴欢欢;郑丽伟;刘建宾(Computer School,Beijing Information Science and Technology University,Beijing 100101,China;School of Information Science and Technology,Nantong University,Nantong 226019,China)

机构地区：[1]Computer School,Beijing Information Science and Technology University,Beijing 100101,China [2]School of Information Science and Technology,Nantong University,Nantong 226019,China

出　　处：《Journal of Computer Science & Technology》2022年第1期29-49,共21页计算机科学技术学报（英文版）

基　　金：supported by the Leading-Edge Technology Program of Jiangsu Natural Science Foundation of China under Grant No.BK20202001;the National Natural Science Foundation of China under Grant No.61702041;the Beijing Information Science and Technology University“Qin-Xin Talent”Cultivation Project under Grant No.QXTCP C201906.

摘　　要：With the widespread use of agile software development methods,such as agile and scrum,software is iteratively updated more frequently.To ensure the quality of the software,regression testing is conducted before new versions are released.Moreover,to improve the efficiency of regression testing,testing efforts should be concentrated on the modified and impacted parts of a program.However,the costs of manually constructing new test cases for the modified and impacted parts are relatively expensive.Fuzz testing is an effective method for generating test data automatically,but it is usually devoted to achieving higher code coverage,which makes fuzz testing unsuitable for direct regression testing scenarios.For this reason,we propose a fuzz testing method based on the guidance of historical version information.First,the differences between the program being tested and the last version are analyzed,and the results of the analysis are used to locate change points.Second,change impact analysis is performed to find the corresponding impacted basic blocks.Finally,the fitness values of test cases are calculated according to the execution traces,and new test cases are generated iteratively by the genetic algorithm.Based on the proposed method,we implement a prototype tool DeltaFuzz and conduct experiments on six open-source projects.Compared with the fuzzing tool AFLGo,AFLFast and AFL,DeltaFuzz can reach the target faster,and the time taken by DeltaFuzz was reduced by 20.59%,30.05%and 32.61%,respectively.

关 键 词：fuzz testing regression testing change impact analysis fitness function 

分 类 号：TP311[自动化与计算机技术—计算机软件与理论]