A directed greybox fuzzing tool for continuous integration
Wenwei Lan,
Jiaming Zhang,
Huiwen Yang,
Zhanqi Cui
Affiliations
Wenwei Lan
School of Computer Science, Beijing Information Science and Technology University, Beijing, China; Key Laboratory of Safety-Critical Software (Nanjing University of Aeronautics and Astronautics) Ministry of Industry and Information, Nanjing, China
Jiaming Zhang
School of Computer and Communication Engineering, University of Science and Technology Beijing, Beijing, China
Huiwen Yang
College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing, China
Zhanqi Cui
School of Computer Science, Beijing Information Science and Technology University, Beijing, China; Key Laboratory of Safety-Critical Software (Nanjing University of Aeronautics and Astronautics) Ministry of Industry and Information, Nanjing, China; Corresponding author at: School of Computer Science, Beijing Information Science and Technology University, Beijing, China.
Changes occur frequently during continuous integration. Existing testing methods, when applied to continuous integration, are often poorly targeted at the changed code or insufficient on their own. To address this problem, we implement CIDFuzz, a directed greybox fuzzing tool for continuous integration. First, difference analysis locates the change points, and the distance from each basic block to the change points is calculated. Then, the distances are instrumented into the program under test. During fuzz testing, testing resources are allocated to seeds according to their coverage, so that seeds which reach or approach the change points receive more effort and the change points are tested effectively.
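The four steps described above (difference analysis to change points, block-to-change-point distances, instrumenting the distances, coverage-based resource allocation), as an added worked example in Python. This is illustration code, not CIDFuzz's own implementation: the control-flow graph, the diff hunks, the line-to-block map and the seed traces are constructed, and the minimum-distance metric and the linear energy formula are assumptions, since the abstract does not state the formulas CIDFuzz uses.

```python
"""Change-directed greybox fuzzing, worked end to end on constructed data:
diff -> change points -> block distances -> per-seed energy.  Added example,
not CIDFuzz's code; metric and energy formula are assumptions."""
import re
from collections import deque

# Constructed control-flow graph: basic block -> successor blocks.
CFG = {
    "entry": ["parse", "usage"],
    "usage": ["exit"],
    "parse": ["validate", "error"],
    "validate": ["process", "error"],
    "error": ["exit"],
    "process": ["write", "exit"],
    "write": ["exit"],
    "exit": [],
}

# Constructed map from new-file line numbers to the block containing them
# (a real tool derives this from the debug info of the instrumented build).
LINE_TO_BLOCK = {119: "validate", 120: "validate", 121: "validate", 201: "write"}

# Constructed unified diff of the commit being integrated (hunks only).
DIFF = """\
@@ -118,4 +118,6 @@
 int validate(struct req *r) {
-    if (r->len > MAX) return -1;
+    if (r->len > MAX || r->len == 0) return -1;
+    if (!r->buf) return -1;
     return 0;
@@ -198,3 +200,4 @@
 static int write_out(struct req *r) {
+    flush(r);
     return fwrite(r->buf, 1, r->len, r->out);
 }
"""

HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")


def changed_lines(diff):
    """Step 1a: new-file line numbers of added lines, tracked per hunk."""
    added, new_line = set(), 0
    for line in diff.splitlines():
        m = HUNK.match(line)
        if m:
            new_line = int(m.group(1))
            continue
        if line.startswith(("+++ ", "--- ")):
            continue  # file headers, not content
        if line.startswith("+"):
            added.add(new_line)
            new_line += 1
        elif line.startswith("-"):
            continue  # removed line: absent from the new file
        else:
            new_line += 1  # context line
    return added


def change_points(diff, line_to_block):
    """Step 1b: basic blocks that contain a changed line."""
    return {line_to_block[n] for n in changed_lines(diff) if n in line_to_block}


def block_distances(cfg, targets):
    """Step 2: multi-source BFS over reversed edges.  dist[b] is the shortest
    path length from b to the nearest change point (assumption: minimum over
    targets).  Blocks that cannot reach any change point are left out."""
    preds = {b: [] for b in cfg}
    for b, succs in cfg.items():
        for s in succs:
            preds[s].append(b)
    dist = {t: 0 for t in targets}
    queue = deque(targets)
    while queue:
        b = queue.popleft()
        for p in preds[b]:
            if p not in dist:
                dist[p] = dist[b] + 1
                queue.append(p)
    return dist


def seed_distance(trace, dist):
    """Step 3 (simulated instrumentation): the executed blocks report their
    distance; the seed's distance is their mean, or None if no executed block
    can reach a change point."""
    ds = [dist[b] for b in trace if b in dist]
    return sum(ds) / len(ds) if ds else None


def allocate_energy(trace, dist, base=20):
    """Step 4: mutations granted to a seed, from `base` for a seed that never
    approaches a change point up to 2*base for one executing only change
    points (assumption: linear in the seed's distance)."""
    d = seed_distance(trace, dist)
    if d is None:
        return base
    d_max = max(dist.values())
    if d_max == 0:
        return 2 * base
    return round(base * (1 + (d_max - d) / d_max))


# Constructed coverage traces of three seeds on the program above.
SEEDS = {
    "help_flag": ["entry", "usage", "exit"],
    "bad_header": ["entry", "parse", "error", "exit"],
    "valid_request": ["entry", "parse", "validate", "process", "write", "exit"],
}


def schedule(seeds=SEEDS, cfg=CFG, diff=DIFF, line_to_block=LINE_TO_BLOCK):
    """Energy per seed for one fuzzing round."""
    dist = block_distances(cfg, change_points(diff, line_to_block))
    return {name: allocate_energy(trace, dist) for name, trace in seeds.items()}


if __name__ == "__main__":
    for name, energy in schedule().items():
        print(f"{name}: {energy} mutations")
```

The seed that only prints usage can never reach the changed blocks and keeps the base energy; the seed that dies in `error` still covers `parse`, one edge away from `validate`, and gets a little more; the seed that executes both changed blocks gets the most. A block-level distance is what makes this cheap enough for CI: it is computed once per commit from the diff and the CFG, and at run time each executed block only reports a precomputed number.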