Skip to main content

Table 1 Test case generation grammar rules

From: A dynamic taint tracking optimized fuzz testing method based on multi-modal sensor data fusion

Node xiDIF(xi)CDC(xi)Constraint(xi)Valid grammarGrammar after fuzzificationTest grammar
31IøøI = 0x0000I ≠ 0x0000I = 0x0000
I ≠ 0x0000
81I~C(31,F)I = 0x0000Crc(I ~ D) = CCrc(I ~ D) ≠ CCrc(I ~ D) = C
Crc(I ~ D) ≠ C
131F(81,F)I = 0x0000
crc(I ~ D) = C
F = 0x01F ≠ 0x01F = 0x01
F ≠ 0x01
141F(131,F)I = 0x0000
crc(I ~ D) = C
F ≠ 0x01
SkipSkipSkip
171S, E(141,T)I = 0x0000
crc(I ~ D) = C
F = 0x05
S ≤ ES > ES ≤ E
S > E
211S, E(171,F)I = 0x0000
crc(I ~ D) = C
F = 0x05
S ≤ E
SkipSkipSkip
211L, S, E(211,T)I = 0x0000
crc(I ~ D) = C
F3 = {1},
F4 ≤ F5
Input size is validInput size is validInput size is valid