{"title":"Using Fuzzing to Help Abstract Interpretation Based Program Verification","authors":"Renjie Huang, Banghu Yin, Liqian Chen","doi":"10.1109/QRS-C57518.2022.00133","DOIUrl":null,"url":null,"abstract":"Interpretation has been successfully applied to static analysis, by computing over-approximation of the concrete semantics of various program for many years. However, in the context of program verification, abstract interpretation is not apt to generate counter-examples when the property does not hold. Dynamic analysis is known for its ability to generate inputs to find program vulnerabilities. In this paper, we propose an method that uses fuzzing to help abstract interpretation based program verification, especially to help generating inputs that violate the target property. During the verification process, we feed the fuzzer with the necessary precondition of violating the target assertion computed by abstract interpretation, and then run the fuzzer to generate inputs satisfying the necessary precondition but violating the target assertion. The result shows promising ability of our approach in generating counter-example for target property in comparison with other state-of-the-art tools.","PeriodicalId":183728,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability, and Security Companion (QRS-C)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE 22nd International Conference on Software Quality, Reliability, and Security Companion (QRS-C)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/QRS-C57518.2022.00133","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Interpretation has been successfully applied to static analysis, by computing over-approximation of the concrete semantics of various program for many years. However, in the context of program verification, abstract interpretation is not apt to generate counter-examples when the property does not hold. Dynamic analysis is known for its ability to generate inputs to find program vulnerabilities. In this paper, we propose an method that uses fuzzing to help abstract interpretation based program verification, especially to help generating inputs that violate the target property. During the verification process, we feed the fuzzer with the necessary precondition of violating the target assertion computed by abstract interpretation, and then run the fuzzer to generate inputs satisfying the necessary precondition but violating the target assertion. The result shows promising ability of our approach in generating counter-example for target property in comparison with other state-of-the-art tools.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
