Skip to main content

Table 1 Test case generation grammar rules

From: A dynamic taint tracking optimized fuzz testing method based on multi-modal sensor data fusion

Node xi

DIF(xi)

CDC(xi)

Constraint(xi)

Valid grammar

Grammar after fuzzification

Test grammar

31

I

ø

ø

I = 0x0000

I ≠ 0x0000

I = 0x0000

I ≠ 0x0000

81

I~C

(31,F)

I = 0x0000

Crc(I ~ D) = C

Crc(I ~ D) ≠ C

Crc(I ~ D) = C

Crc(I ~ D) ≠ C

131

F

(81,F)

I = 0x0000

crc(I ~ D) = C

F = 0x01

F ≠ 0x01

F = 0x01

F ≠ 0x01

141

F

(131,F)

I = 0x0000

crc(I ~ D) = C

F ≠ 0x01

Skip

Skip

Skip

171

S, E

(141,T)

I = 0x0000

crc(I ~ D) = C

F = 0x05

S ≤ E

S > E

S ≤ E

S > E

211

S, E

(171,F)

I = 0x0000

crc(I ~ D) = C

F = 0x05

S ≤ E

Skip

Skip

Skip

211

L, S, E

(211,T)

I = 0x0000

crc(I ~ D) = C

F3 = {1},

F4 ≤ F5

Input size is valid

Input size is valid

Input size is valid