摘要
相关路径生成,是程序动态分析中的一种重要方法.通过对目标执行路径的获取和分析来生成与其相关的近邻执行路径,在程序行为特征分析、编译优化和调试等研究方向有重要的作用.现有的方法主要通过改变路径节点序列来生成近邻的路径集合,由于缺乏关键节点的路径引导信息,导致生成大量冗余或者无效的路径集合.提出采用协同式逆向分析的近邻路径生成方法,针对目标路径的后置条件,采用逆向符号分析方法产生程序各个基本块的前置条件作为执行路径的引导信息.同时,通过调整距离因子k的取值,可以有针对性地生成与目标路径的编辑距离不超过k的近邻路径集合.实验结果表明:与现有方法相比,该方法在准确性和效率方面有明显的优势.
Related execution path generation, which generates the similar execution path according to the acquisition and analysis of the target execution path, is a key technique in the dynamic program analysis, and it is important to the domain of program characteristic analysis, compilation optimization and debugging. Current analysis mainly generates the similar execution path by altering the node list of the path, but lacks the guiding information of the key node, and thus a lot of redundant and infeasible paths are generated. A technique of k similar paths generation based on cooperative reverse analysis is proposed. Aiming at the post-condition of the target paths, the pre-condition of the basic block of the program is calculated by the reverse symbolic analysis, which can be used as the guidance information of the execution paths. Meanwhile, the similar paths that are k distance from the target execution path can be obtained. Experimental results show that the proposed method has an obvious advantage in the aspects of accuracy and efficiency.
出处
《软件学报》
EI
CSCD
北大核心
2015年第1期1-13,共13页
Journal of Software
基金
国家自然科学基金(61173138,61272452,91118003,61003268)
湖北省自然科学基金(2014CFB144)
中央高校基本科研业务费专项资金(0900206154)
武汉大学博士研究生短期出国(境)研修专项经费
关键词
逆向分析
近邻路径
最弱前置条件
符号执行
reverse analysis
similar path
weakest precondition
symbolic execution
