Crash Processing for Selection of Unique Defects

2018 
Software developers often face the following problem: a large number of inputs cause the program to crash, and in practice there are too many of them to analyze manually in a reasonable time. This paper gives an overview and analysis of existing methods for this problem and proposes a new method for analyzing crashes to select unique defects. The method is based on comparison of control flow graphs (CFGs). For this purpose, a special metric is introduced: two graphs are considered similar if the metric does not exceed a certain threshold, which serves as a filtering parameter. Information about the graphs is collected dynamically at runtime through instrumentation of the program’s binary code. The method is applicable to binary executables and does not require any debugging information. Developers, having estimated their time and effort, can significantly reduce the number of crashes to be analyzed. In addition, an effective algorithm for fixing the software bugs that cause crashes is proposed. The method is implemented as part of the fuzzer developed at the Institute for System Programming of the Russian Academy of Sciences (ISP RAS) and was tested on a set of programs for x86-64/Linux. The test results show that the number of crashes to be analyzed can be reduced severalfold.