摘要： 传统混合执行测试方法无法对源代码不可见函数进行符号执行。针对该问题,将符号执行、分段式符号执行以及具体执行按需结合,提出一种分段式混合执行测试方法,将源代码不可见函数以分段式分析法截取为单独代码片段,结合动态执行和回归分析方法推导其相应的程序语义。为验证该方法的有效性,实现sCREST 原型系统,并对5 个应用广泛的开源系统进行测试。实验结果表明,该方法能够产生比传统方法覆盖更多分支数的测试数据。
Abstract: Function calls with unavailable source codes can not be appropriately handled by symbolic execution in
traditional concolic testing. To solve this problem, this paper proposes a segmented concolic testing method, which weaves,by demand,symbolic execution,segmented symbolic execution and concrete execution throughout the testing process. These function calls are treated as separate code segments,dynamically executed and analyzed to derive their corresponding program semantics. To demonstrate the effectiveness of the proposed method, this paper implements sCREST,a segmented concolic testing system based on CREST, and experiments with five open source systems. Experimental results show that segmente concolic testing is able to generate test data that covers more branches than that of the traditional approaches.
segmented symbolic analysis,
test data generation,