Computer Science

Computer Science ›› 2023, Vol. 50 ›› Issue (7): 10-17.doi: 10.11896/jsjkx.220700128

• Computer Software • Previous Articles     Next Articles

Test Cases Generation Techniques for Root Cause Location of Fault

DU Hao, WANG Yunchao, YAN Chenyu, LI Xingwei   

  1. State Key Laboratory of Mathematical Engineering and Advanced Computing,Information Engineering University,Zhengzhou 450001,China
  • Received:2022-07-12 Revised:2022-11-04 Online:2023-07-15 Published:2023-07-05
  • About author:DU Hao,born in 1997,postgraduate.His main research interests include reverse engineering and vulnerability mi-ning.WANG Yunchao,born in 1992,Ph.D.His main research interests include reverse engineering and vulnerability mi-ning and exploitation.
  • Supported by:
    National Key Research and Development Program of China(2019QY0501).

PDF (PC)

1935

Abstract: Vulnerability root cause localization is an important stage of software debugging,and spectrum-based fault root cause localization method is a hot issue in software automation debugging research,but the effectiveness of the positioning depends to a large extent on the quality of the test cases.Test inputs of different types of software are poorly generalized,and randomly gene-rated test inputs lead to large errors in analysis results due to overfitting or too many confounding items,resulting in limited application scenarios of such techniques at present.In this paper,we propose a phased exploration method Dgenerate based on crash paths to address the test case generation problem and implement the prototype tool Dloc.First,we use binary staking to insert staking path information in the basic block during the input stage of program execution,and then classify the original test inputs into common and guided types based on this information.Then,we use the dynamic energy scheduling algorithm to explore crash-related paths to generate high-quality test cases.Finally,the test cases are executed in the original program and execution information is traced to effectively locate the root cause of program fault through statistical analysis.In this paper,15 real CVE vulnerabilities in six different types of software are selected for experiments,and the results show that test cases generated by Dloc can improve location efficiency by 75% on average compared to previous techniques,and Dloc can output the code fragments related to the root causes of defect in the top five positions with an accuracy of 87%,which verifies the feasibility and practicality of the method system in this paper.

Key words: Root cause location, Test case, Program spectrum, Statistical analysis, Directed greybox fuzzing

CLC Number: 

  • TP311
[1]SASAKI Y,HIGO Y,MATSUMOTO S,et al.SBFL-Suitabili-ty:A Software Characteristic for Fault Localization[C]//IEEE International Conference on Software Maintenance and Evolution(ICSME).2020:702-706.
[2]ERIC W,GAO R Z,LI Y H,et al.A Survey on Software Fault Localization[C]//IEEE Transactions on Software Engineering.2016:707-740.
[3]XIE X,CHEN T Y,KUO F C,et al.A theoretical analysis of the risk evaluation formulas for spectrum-based fault localization[J].ACM Transactions on Software Engineering and Me-thodology(TOSEM),2013,22(4):1-40.
[4]HIGOR A,MARCOS L,FABIO K.Spectrum-based softwarefault localization:A survey of techniques,advances,and challenges[J].arXiv:1607.04347,2016.
[5]WEN W Z,LI B X,SUN X B,et al.Technique of software fault localization based on hierarchical slicing spectrum[J].Journal of Software,2013,24(5):977-992.
[6]LIU C,YAN X,FEI L,et al.SOBER:statistical model-basedbug localization[J].ACM SIGSOFT Software Engineering Notes,2005,30(5):286-295.
[7]JONES J A,HARROLD M J.Empirical evaluation of the tarantula automatic fault-localization technique[C]//Proceedings of the 20th IEEE/ACM International Conference on Automated Software Engineering.2005:273-282.
[8]ABREU R,ZOETEWEIJ P,VAN GEMUND A J C.On the accuracy of spectrum-based fault localization[C]//Testing:Academic and Industrial Conference Practice and Research Techniques-Mttation(TAIC PART-Mutation 2007).IEEE,2007:89-98.
[9]WONG W E,DEBROY V,GAO R,et al.The DStar method for effective software fault localization[J].IEEE Transactions on Reliability,2013,63(1):290-308.
[10]ARTZI S,DOLBY J,TIP F,et al.Directed test generation foreffective fault localization[C]//Proceedings of the 19th International Symposium on Software Testing and Analysis.2010:49-60.
[11]SCHWARTZ E J,AVGERINOS T,BRUMLEY D.All you ever wanted to know about dynamic taint analysis and forward symbolic execution(but might have been afraid to ask)[C]//2010 IEEE Symposium on Security and Privacy.IEEE,2010:317-331.
[12]BLAZYTKO T,SCHLÖGEL M,ASCHERMANN C,et al.AURORA:Statistical Crash Analysis for Automated Root Cause Explanation[C]//29th USENIX Security Symposium(USENIX Security 20).2020:235-252.
[13]MICHAEL Z.afl-fuzz:crash exploration mode[EB/OL].https://lcamtuf.blogspot.com/2014/11/afl-fuzz-crash-exploration-mode.html.
[14]SHEN S Q,KOLLURI A,DONG Z,et al.Localizing Vulnerabilities Statistically From One Exploit[C]//Proceedings of the ACM Asia Conference on Computer and Communications Secu-rity.2021:537-549.
[15]MICHAŁ Z.American fuzzy lop[EB/OL].http://lcamtuf.coredump.cx/afl/.
[16]BÖHME M,PHAM V T,NGUYEN M D,et al.Directed greybox fuzzing[C]//Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security.2017:2329-2344.
[17]LYU C,JI S,ZHANG C,et al.MOPT:Optimized mutationscheduling for fuzzers[C]//28th USENIX Security Symposium(USENIX Security 19).2019:1949-1966.
[18]Intel Corporation.Pin-a dynamic binary instrumentation tool[EB/OL].https://software.intel.com/en-us/articles/pin-a-dynamic-binary-instrumentation-tool.
[1] LIU Ziwen, YU Lijuan, SU Yixing, ZHAO Yao, SHI Zhu. Test Case Generation Based on Web Application Front-end Behavior Model [J]. Computer Science, 2023, 50(7): 18-26.
[2] YANG Yi, WANG Xi, ZHAO Chun-lei, BU Zhi-liang. Overview of Android GUI Automated Testing [J]. Computer Science, 2022, 49(11A): 210900231-10.
[3] ZHANG Da-lin, ZHANG Zhe-wei, WANG Nan, LIU Ji-qiang. AutoUnit:Automatic Test Generation Based on Active Learning and Prediction Guidance [J]. Computer Science, 2022, 49(11): 39-48.
[4] XIAO Lei, CHEN Rong-shang, MIAO Huai-kou, HONG Yu. Test Case Prioritization Combining Clustering Approach and Fault Prediction [J]. Computer Science, 2021, 48(5): 99-108.
[5] WANG Wen-xuan, HU Jun, HU Jian-cheng, KANG Jie-xiang, WANG Hui, GAO Zhong-jie. Test Case Generation Method Oriented to Tabular Form Formal Requirement Model [J]. Computer Science, 2021, 48(5): 16-24.
[6] LIU Fang, HONG Mei, WANG Xiao, GUO Dan, YANG Zheng-hui, HUANG Xiao-dan. Performance Analysis of Randoop Automated Unit Test Generation Tool for Java [J]. Computer Science, 2020, 47(9): 24-30.
[7] JI Shun-hui, ZHANG Peng-cheng. Test Case Generation Approach for Data Flow Based on Dominance Relations [J]. Computer Science, 2020, 47(9): 40-46.
[8] XIA Chun-yan, WANG Xing-ya, ZHANG Yan. Test Case Prioritization Based on Multi-objective Optimization [J]. Computer Science, 2020, 47(6): 38-43.
[9] FENG Shen-feng, GAO Jian-hua. Test Case Prioritization Method Based on AHP for Regression Testing [J]. Computer Science, 2019, 46(8): 233-238.
[10] HUANG Zhao,HUANG Shu-guang,DENG Zhao-kun,HUANG Hui. Automatic Vulnerability Detection and Test Cases Generation Method for Vulnerabilities Caused by SEH [J]. Computer Science, 2019, 46(7): 133-138.
[11] ZHANG Na,TENG Sai-na,WU Biao,BAO Xiao-an. Test Case Generation Method Based on Particle Swarm Optimization Algorithm [J]. Computer Science, 2019, 46(7): 146-150.
[12] ZHANG Na, XU Hai-xia, BAO Xiao-an, XU Lu, WU Biao. Multi-objective Test Case Prioritization Method Combined with Dynamic Reduction [J]. Computer Science, 2019, 46(12): 208-212.
[13] BAO Xiao-an, XIONG Zi-jian, ZHANG Wei, WU Biao, ZHANG Na. Approach for Path-oriented Test Cases Generation Based on Improved Genetic Algorithm [J]. Computer Science, 2018, 45(8): 174-178.
[14] CHENG Jing, ZHANG Tao, WANG Tao, DONG Zhan-wei. Graphic Complexity-based Prioritizing Technique for Regression Testing of Mobile Navigation Service [J]. Computer Science, 2018, 45(6): 141-144.
[15] YANG Hong, HONG Mei, QU Yuan-yuan. Approach of Mutation Test Case Generation Based on Model Checking [J]. Computer Science, 2018, 45(11A): 488-493.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.