{"title":"FuzzNT : Checking for Program Non-termination","authors":"Hrishikesh Karmarkar, Raveendra Kumar Medicherla, Ravindra Metta, Prasanth Yeduru","doi":"10.1109/ICSME55016.2022.00049","DOIUrl":null,"url":null,"abstract":"Unintended non-termination of programs could lead to attacks such as Denial-of-Service(DoS). Current testing techniques are not geared to detect such errors. Towards this, we present FuzzNT, a hybrid testing technique to check non-termination of C programs by combining Coverage Guided Fuzzing (CGF) and abstract interpretation based static analysis. Given a program P and the coverage test inputs generated using CGF, P is transformed into a set of specialized programs, each of which under-approximates P. Abstract interpretation is then used to check each of these smaller programs for non-termination. The key advantage of this approach for checking non-termination is that it reuses the test case corpus created during software development and maintenance. Our preliminary experimental evaluation of FuzzNT shows highly promising results.","PeriodicalId":300084,"journal":{"name":"2022 IEEE International Conference on Software Maintenance and Evolution (ICSME)","volume":"83 1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE International Conference on Software Maintenance and Evolution (ICSME)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSME55016.2022.00049","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Unintended non-termination of programs could lead to attacks such as Denial-of-Service(DoS). Current testing techniques are not geared to detect such errors. Towards this, we present FuzzNT, a hybrid testing technique to check non-termination of C programs by combining Coverage Guided Fuzzing (CGF) and abstract interpretation based static analysis. Given a program P and the coverage test inputs generated using CGF, P is transformed into a set of specialized programs, each of which under-approximates P. Abstract interpretation is then used to check each of these smaller programs for non-termination. The key advantage of this approach for checking non-termination is that it reuses the test case corpus created during software development and maintenance. Our preliminary experimental evaluation of FuzzNT shows highly promising results.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
