CN110096439A - A kind of method for generating test case towards solidity language - Google Patents

A kind of method for generating test case towards solidity language Download PDF

Info

Publication number
CN110096439A
CN110096439A CN201910341716.0A CN201910341716A CN110096439A CN 110096439 A CN110096439 A CN 110096439A CN 201910341716 A CN201910341716 A CN 201910341716A CN 110096439 A CN110096439 A CN 110096439A
Authority
CN
China
Prior art keywords
program
variable
test case
dup
node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910341716.0A
Other languages
Chinese (zh)
Other versions
CN110096439B (en
Inventor
张鹏程
于佳男
吉顺慧
肖锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hohai University HHU
Original Assignee
Hohai University HHU
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hohai University HHU filed Critical Hohai University HHU
Priority to CN201910341716.0A priority Critical patent/CN110096439B/en
Publication of CN110096439A publication Critical patent/CN110096439A/en
Application granted granted Critical
Publication of CN110096439B publication Critical patent/CN110096439B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3684Test management for test design, e.g. generating new test cases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/12Computing arrangements based on biological models using genetic models
    • G06N3/126Evolutionary algorithms, e.g. genetic algorithms or genetic programming

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Biophysics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Evolutionary Biology (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Physiology (AREA)
  • Genetics & Genomics (AREA)
  • Artificial Intelligence (AREA)
  • Biomedical Technology (AREA)
  • Quality & Reliability (AREA)
  • Computer Hardware Design (AREA)
  • Evolutionary Computation (AREA)
  • General Health & Medical Sciences (AREA)
  • Molecular Biology (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Software Systems (AREA)
  • Debugging And Monitoring (AREA)
  • Test And Diagnosis Of Digital Computers (AREA)

Abstract

The invention discloses a kind of method for generating test case towards solidity language, the intelligent contract program realized for application solidity language, corresponding controlling stream graph (CFG) is obtained according to program, the recalls information in the intelligence contract program between functional based method is covered in controlling stream graph;The definition-use pair (dup) of variable present in program is obtained according to program CFG;During generating test case, accelerate the formation speed of validity test use-case using genetic algorithm.On the other hand, consider integer overflow safety issue existing for solidity, it emphasizes that test case realizes covering to the definition and use of the variable that can cause Integer overflow when designing the fitness function of genetic algorithm, the fitness value of the test case of covering can be relatively large to be realized to dup relevant to Integer overflow.The method of the present invention is practical, on the basis of realizing to traditional variables operation progress coverage test in program, realizes integer overflow coverage test.

Description

A kind of method for generating test case towards solidity language
Technical field
The present invention relates to a kind of method for generating test case towards solidity language, more particularly to application heredity to calculate Method and method for generating test case based on data current test, belong to software testing technology field.
Background technique
Over the past two years, with the continuous development of block chain technology, digital cash, intelligent contract become the heat of many researchs Point, wherein ether mill is one of the typical platform for supporting intelligent contract deployment compiling, and solidity is even more to become current intelligence to close The popular language about write.Why intelligent contract is referred to as, and main feature, which is that, automatically or to be had certain Intelligence, by the execution conditional sum logic pre-defined, when condition meets, treaty content is automatically executed, is realized Desired function;Particularly by block platform chain decentralization, go to trust, the characteristics such as anti-tamper, intelligent contract it is excellent Gesture is preferably amplified, and has bigger application prospect.It therefore, is also that a need are deeper to the test of solidity this language Enter the problem of studying.
It, can not be complete in the process of implementation with the intelligent contract that solidity language is write due to the characteristic of block platform chain It is tested at dynamic, therefore, the test analysis of solidity language is concentrated mainly at present, static analysis is carried out to source code On.In addition to program error common in conventional language, be also possible to cause because of programming defect etc. in solidity language it is some its Distinctive mistake.For solidity Programming with Pascal Language, Tsankov et al. develops a program analyzer Securify, this point Program is predefined as both of which by parser: scale formula and violation mode is closed, then by the dependency graph of analysis contract from code In obtain language message, by predefined condition, determining program closes rule or in violation of rules and regulations or warning;Based on attack is reentried, this is wrong Accidentally, Liu et al. proposes a model ReGuard, and the model is by the way that solidity program to be converted into passing through by intermediate representation Then language C++ has found mistake by the random and different transaction of the generation for executing fuzz testing iteration to obtained C++ program Accidentally.
With to being intelligently roughly equal to using more and more extensive, be not only in moneytary operations field, it is at other general The fields such as information industry will also have very extensive use, and the test towards solidity language is still at an early stage, because It is necessary to the Test cases technology technologies towards program integrated testability of considering for this.
Summary of the invention
Goal of the invention: in view of the novelty of solidity language, and occurred in use some more tight The Security Error of weight;At the same time, as the application field of intelligent contract is more and more wider, in existing some static codes point On the basis of analysis, the universal test of program is also a demand.It is an object of the present invention to provide a kind of towards solidity language Method for generating test case is realized based on the method for data current test and is carried out globality to variable operation in program process Test, and the test operated to the variable that can cause Integer overflow in implementation procedure is highlighted simultaneously.
Technical solution: for achieving the above object, the present invention adopts the following technical scheme:
A kind of method for generating test case towards solidity language, includes the following steps:
(1) according to the types of variables of solidity language, control flow statement, function body structure, intrinsic function require And the use of function modifier the intelligent contract program to be tested that solidity language is realized is analyzed to obtain it is corresponding Controlling stream graph CFG;
(2) each nodal information is traversed according to the CFG of step (1) figure, judgement there are the node of uint type variable uses whether There are the safety issues of Integer overflow, and if it exists, the vertex ticks of Integer overflow then will be present;
(3) each nodal information is traversed according to the CFG of step (1) figure, counts the definition-of all numeric type variables in program Using pair, it is denoted as dup, and if judging result is that will include the mark in step (2) there are Integer overflow in step (2) The definition-use pair of variable existing for note node comes out, and is denoted as dup ';
(4) dup counted according to step (3) generates initial packet for all numeric type variables in program at random The test use cases of the test case containing several groups;
(5) fitness function in genetic algorithm is designed for choosing preferably test case to drive algorithm to execute;Its The quantity that the fitness value of middle test case is the dup of test case covering is related to the dup ' of Integer overflow with covering The ratio of the quantity and all dup ' quantity weighted sums of the weighted sum of quantity and all dup;
(6) according to the execution boundary of fitness function and algorithm in step (5), initial testing in step (4) is acquired The fitness value of use-case starts genetic algorithm iteration and executes, obtains optimal result in algorithm.
In preferred embodiments, in the step (1) when the CFG figure of analysis program to be tested, in consideration program The use of location type variable considers the definition that its dependent variable is drawn by address variable;Consider require and assert condition in program The use for judging sentence is handled require sentence as an if construction of condition sentence;Function modifier is regarded as A kind of form of function call when encountering function body, analyzes whether the function has used function modifier first, if having used letter Number modifier is then first transferred to function modifier, carries out the connection relationship between node according to function modifier content and shifts.
In preferred embodiments, include the following steps: in the step (2)
(21) it whether there is Integer overflow in the CFG analysis program obtained according to step (1), specifically: traversal CFG Node of graph, for there are the nodes of uint type variable uses, wherein variable uses include executing add, subtract, multiplying or except calculating, judging Whether have the sentence node for overflow judgement to relevant variable operating result before variable uses node to sentence if not having Determining program will appear Integer overflow;
(22) Integer overflow if it exists, to be related to causing in CFG the variable running node of Integer overflow into Rower note.
In preferred embodiments, include the following steps: in the step (3)
(31) schemed according to CFG, node by node anolytic sentence information, find the definition section of numeric type variable present in program Point;
(32) for the definition node of each variable found in step (31), it is corresponding all using section to find its Point;
(33) step (31), (32) are combined, the definition-use pair of variable present in program: dup=(d, u, v) is obtained, Its total quantity is calculated, n is denoted as;Wherein v indicates that a certain variable, d indicate a certain definition node of v, and u indicates that v's is a certain using section Point;
(34) content of step (22) and step (31), (32) is combined to obtain the variable-definition-that there are problems that integer overflow Using pair, is indicated here with dup ', calculate its total quantity, be denoted as m, if result is not have integer overflow problem in step (22), It does not make marks, then m statistical value is 0 herein.
In preferred embodiments, it is generated at random just in the step (4) for all numeric type variables in program The test use cases comprising 4 groups of test cases to begin.
In preferred embodiments, in the step (5), fitness function formulaWherein piIndicate the quantity of the dup of i-th of test case covering, qiIt indicates i-th Dup ' the quantity for being related to Integer overflow of test case covering, the quantity of all dup, m representation program in n representation program In all dup ' quantity for being related to Integer overflow, ε is weight parameter, 0 < ε < 1.
In preferred embodiments, in the step (6), the setting that algorithm executes boundary includes two parts: (1) hereditary Algorithm iteration number, if reaching the limitation of highest algebra, fitness value is still not up to 1, also terminates;(2) in the genetic algebra upper limit, Current Test cases technology is saved if fitness value reaches 1 as a result, carrying out next-generation experiment again, if the fitness of experimental result Value is small compared with parent, then terminates, take previous generation result.
In preferred embodiments, include the following steps: in the step (6)
(61) ideal adaptation angle value calculates in population: for each individual of generation, i.e., each test case will be corresponding Test data is put into program and executes, and the dup quantity of its covering is calculated by way of carrying out pitching pile to source program in advance, is denoted as P, and covering dup ' quantity, are denoted as q, and when counting the value of q, precondition is the variable under current individual execution state Operation meet overflow condition, be just denoted as primary effective covering to Integer overflow, according to fitness function, calculated Ideal adaptation angle value;
(62) genetic algorithm iteration executes, optimal result in Algorithms of Selecting: according in genetic algorithm roulette wheel selection, Uniformity crossover and variation execute iteration and execute genetic algorithm, and genetic algorithm executes fitness value calculation all as walked each time Suddenly (61) finally obtain arithmetic result until executing boundary until reaching algorithm.
The utility model has the advantages that a kind of test case based on data current test towards solidity language provided by the invention is raw At method, it is contemplated that be related to more function call in program execution, and execute the definition of variable in calling process in function With use and be its key link, therefore use the method based on data current test, according to the definition and use of variable in program Situation analyzes the variation of state.It is highlighted while realizing to variable operation progress globality test in program process To the test that the variable that can cause Integer overflow in implementation procedure operates, the premise for carrying out this operation is flowed by control Analysis is overflow to causing whether integer overflow operation has been carried out spilling judgement therefore, it is determined that whether will appear integer in program execution Out the problem of.Compared with prior art, the present invention is generating field towards solidity language testing use-case, proposes one and cuts Real feasible algorithm, realize to traditional variables operation carries out coverage test in program on the basis of, further contemplate pair The coverage test that the variable of the Integer overflow of serious problems can be caused to operate in solidity language.And the present invention uses Genetic algorithm Test cases technology process is optimized, preferably test case can be generated in a short time.
Detailed description of the invention
Fig. 1 is the overall step figure of the embodiment of the present invention;
Fig. 2 is the method flow diagram of the embodiment of the present invention.
Specific embodiment
Combined with specific embodiments below, the present invention is furture elucidated, it should be understood that these embodiments are merely to illustrate the present invention Rather than limit the scope of the invention, after the present invention has been read, those skilled in the art are to various equivalences of the invention The modification of form falls within the application range as defined in the appended claims.
As shown in Figure 1, a kind of method for generating test case towards solidity language provided in an embodiment of the present invention, packet Include following steps:
Step S1: the CFG of program to be tested is drawn.It (especially include address class according to the types of variables of solidity language Type address and unsigned int uint);Control flow statement including if-else, while, for etc.;Pass through keyword Function defined function body structure;Distinctive intrinsic function require's and function modifier Function Modifier It uses etc. and to obtain accurate CFG.This step main attention the following contents when drawing CFG figure: (1) when (usually letter in program In number) when encountering condition as require (or assert) and judging sentence, by require () as being an if judgement knot Structure, the sentence that needs are judged is as a condition node processing.When the condition in () meets, continue to execute under the sentence The content in face directly jumps out function if condition is unsatisfactory for.(2) calling function present in program to be located Reason.The sentence node of existence function method call will be schemed to realize to the calling of function by program CFG, correctly held Row sequence, and correct return that return the result of called function is called into node;(3) calling of function modifier is correctly handled, As a general function call processing, if current function need to call function modifier, the sentence section in function body The sentence node that function modifier is first called before point will realize the company of interdependent node in CFG according to program executing sequence Connect calling.
Step S2: Integer overflow analysis.According to the CFG figure traverse node information of step S1, in statistical variable information Before, analyzing the program first whether there is the safety issue of integer overflow, and integer overflow, will be present integer overflow if it exists Vertex ticks;
Step S3: the definition use of program variable is to collection.According to the CFG traverse node of step S1, count in program The definition-use pair of all variables, is denoted as dup, and if analysis result will have this for there are Integer overflows in step S2 The definition-use pair of variable existing for flag node comes out, and is denoted as dup ';
Step S4: initial test case collection generates.According to the dup that step S3 is counted, first against all in program Variable generates the initial test use cases comprising 4 groups of test cases at random;
Step S5: fitness function design and algorithm execute boundary definitions.The fitness function designed in genetic algorithm is used In selection compared with the superior's test case to drive algorithm to execute execution;And define genetic algorithm and execute boundary, it balanced coverage rate and holds Row time, aided algorithm execute;
Step S6: genetic algorithm, which executes, obtains optimal test case.According in step S5 being fitness function, step is acquired The fitness value of initial test case (population) in rapid S4, executes the stage into genetic algorithm, obtains optimal result in algorithm.
Fig. 2 is a kind of Test cases technology based on data current test towards solidity language of the embodiment of the present invention The detailed step of method, it is specific as follows: in step S1, corresponding controlling stream graph, specific steps will be obtained according to program to be tested Are as follows:
Step 101: drawing the CFG of preset sequence, when drawing the controlling stream graph for the program that solidity writes, examine first Consider its control structure sentence: it is general have if-else, while, do-while, for, break, continue, return,?: (ternary operator);There is no switch and goto control structure sentence in solidity.In addition it is noted that require language in program The use of sentence, encounters require sentence, and as if selection control structure processing, condition, which meets, reaches next sentence, item When part is unsatisfactory for, the function being currently executing is exited.And in the language distinctive function modifier use, when a letter Function modifier has been used in number, handles the function modifier as a function call, function modifier is first carried out Content;
Step 102: in solidity, it is (crucial that the inside of a contract program is also likely to be present multiple functional based methods Word is function), therefore, for the sentence that existence functions all in preset sequence call, saved on the vertex for handling the sentence The calling for the function that it is related to and the return relationship of called function are also correctly defined when point relevant information.
It include modifier function modifier attribute in step 103:solidity, a function can be by calling function Modifier realizes the correcting action to the function.Therefore it during generating controlling stream graph, need to correctly handle existing to function The calling of modifier, if being handled as a general function call --- current function has invoked function modifier, Sentence node should first call the sentence node of function modifier in function body before executing.
In step S2, analyzing program according to program CFG whether there is Integer overflow, and when there are Integer overflows When, the node for being related to overflow error is marked, the specific steps of which are as follows:
Step 201: the operation of uint type (the type variable minimum value is 0) variable being likely to will lead in program The generation of integer overflow, in particular for the variable of this short position uint8, so carrying out arithmetic operator behaviour for this variable Variable spilling judgement is carried out before making (add, subtract, multiplication and division), if program does not overflow judgement, there will be integer overflow problems;Cause This is to the program CFG in step 1 from each node of start node sequence analysis, and when encountering, there are uint type variable arithmetic operations Node judges whether carried out integer overflow judgement to the operation before the node, if not overflowing judgement instruction node, sentences Determining program has integer overflow;
Step 202: if there are integer overflows for program to be tested through analyzing, then wrong to initiation integer overflow is related in CFG Variable running node accidentally does special mark.
In step S3, the definition-use pair dup of all variables present in program is analyzed according to the CFG of program, is had Steps are as follows for body:
Step 301: to each of CFG node, being identified to sequence by vertex node comprising variable-definition by preceding Vertex node is (for example, be sum=a+b there are 4. sentence that a vertex node is located, then 4. vertex includes to determine variable sum Justice is a definition node of sum), a variable may be defined at multiple nodes, find definition node def process In, it should be noted that special marking node has been done in step 202, if the definition node of variable, has still been handled as special joint;
Step 302: for each definition node of each variable in step 301, it is corresponding all using section to find its Point is (for example, be sum=a+b there are 4. sentence that a vertex node is located, then 4. vertex includes to make to variable a and variable b With, be both a and the one of b use node), likewise, a variable there may be it is multiple use node use, make in searching When with node use, it should be noted that done special marking node in step 202, if the node that uses of variable, be still used as special joint Processing;
Step 303: combining step 301 and step 302, it will the definition-use pair of variable all in program is obtained, this In with dup=(d, u, v) is indicated as follows, wherein v indicates that a certain variable, d indicate a certain definition node of v, and u indicates that v's is a certain Use node.For same variable may multiple definition nodes and it is multiple use node, therefore the definition use of variable is to can With multiple, the quantity summation (being denoted as n) of the dup of appearance is calculated;
Step 304: obtaining the variable-definition-that there are problems that integer overflow in conjunction with the content of step 202 and step 301-302 It using pair, is indicated with dup ', to distinguish the definition and use of common variable with the variable that can cause integer overflow, is calculated here The quantity summation (being denoted as m) of the dup ' of appearance does not make marks, then herein if result is that there is no integer overflows in step 202 M statistical value is 0.
In step S4, generate initial test case (population primary), the specific steps are as follows:
Step 401: (having several groups of test cases, each test case contains journey for the Population Size in genetic algorithm The test input of all variables in sequence) offering question, it is contemplated that it is ideal in the speed of fitness value calculation, genetic algorithm to survey The formation efficiency of example on probation generates parameter selection and experimental analysis in document in conjunction with to dependence test use-case, while to cooperate something lost The use of crossover operator in propagation algorithm, it is final to determine that Population Size is 4 more appropriate;
Step 402: using the random generation method of random test about initial test case generation method, deposited according in program Variable be randomly generated a random number as variable test input.
Different from Object-Oriented Programming Language (such as java), there is some peaces for causing serious problems in solidity Full property problem is mainly concerned with integer overflow in the present invention, and the appearing in of the problem can cause serious in specifically used environment Consequence, this just promotes that this point should be highlighted during program test.In conjunction with the concrete reason that mistake generates, the problem is all It can analyze to obtain by the program execution order in step S2;Therefore, in application genetic algorithmic procedures, it is suitable to design Fitness function acquires the fitness value of test case to find more excellent test case, on the other hand, to execute to genetic algorithm It is defined to find the more excellent solution of algorithm within reasonable time.In step S5 genetic algorithm fitness function design and Algorithm executes upper limit explanation, the specific steps are as follows:
Step 501: setting parameter ε, wherein the effect of 0 < ε < 1, ε herein is to increase the phase that can lead to integer overflow The weight of variable operation is closed, the value of ε can be adjusted by some preliminary experiments, a small range, tend to be optimal by analyzing test case When genetic algorithm the number of iterations and whole fitness value convergent obtain ε value, be used for subsequent experiment;
Step 502: (can current test case each variable in overlay program for target based on data flow coverage test Path between definition and the use to the variable that is reached of this definition) and basic norm (test case to institute in program There is the coverage condition of the define-use path of variable to determine the quality of test case), construct fitness functionWherein i indicates i-th of test case, piIndicate the dup of i-th of test case covering Quantity, qiIt indicates the dup ' quantity for being related to Integer overflow of i-th of test case covering, owns in n representation program The quantity of dup, all dup ' quantity for being related to Integer overflow in m representation program;
Step 503: termination condition being executed to algorithm by following two parts content and is described: (1) for reach can be This target is executed in finite time, sets reasonable genetic algorithm the number of iterations, if reaching the limitation of highest algebra, even if fitness Value is still not up to 1, terminates algorithm and executes;(2) it in the genetic algebra upper limit, if fitness value reaches 1, is preferably surveyed to obtain Example on probation, algorithm will continue to execute follow-on genetic computation, while save current Test cases technology as a result, if follow-on Experimental result fitness value does not reach 1, then algorithm terminates, and takes previous generation result;Otherwise there are the test use that fitness value is 1 Example, algorithm terminate, and take last substitute performance result.
In step S6, genetic algorithm is executed, and obtains optimal test case in algorithm, specific step is as follows (note: in heredity In algorithm implementation procedure, each test case is indicated using " individual "):
Step 601: according to, to the test input value of variable, being executed according to the CFG sequence of program in individual each in population Each sentence node calculates the dup quantity (being denoted as p) of its covering, and covering dup ' quantity (note for current individual first For q), when counting the value of q, it should be noted that its precondition should meet: in the state of bringing current individual into execution, to variable Use or definition meet overflow condition (after namely bringing the test value of variable into, save respective nodes operation intermediate result It is compared analysis, and analyzing result is to overflow) when, which can be just denoted as to primary effectively the covering to integer overflow operation Lid, if there is no integer overflow in step 201, there is no flag node, the dup ' not being labeled in step 202, then q herein Statistical value is 0, and the fitness value of each individual is calculated according to the fitness function in step 502, and every generation heredity thereafter is calculated The execution of method all first calculates the fitness value of each individual of newly-generated population;
Step 602: in the present invention, the selection operator of genetic algorithm uses roulette selection operator, specifically: individual is selected In probability it is directly proportional to the size of its fitness value, the selected probability of each individual can be expressed asWherein M indicates Population Size (i.e. the quantity of test case), FiIndicate the fitness value of i-th of test case;
Step 603: in the present invention, the same uniformity crossover of crossover operator basic principle that genetic algorithm part uses, but Some changes have been carried out in the principle of conventional uniform crossover operator, specifically: intersect link and takes two individuals as one group, group Each variable in interior two individuals being mutually paired is swapped with identical probability, is formed two new individuals, finally then may be used Obtain four completely new individuals;
Step 604: the present invention in, genetic algorithm part use mutation operator traditional genetic algorithm basic bit mutation On the basis of be modified, specifically: to the individual obtained after crossover operator, be randomly assigned in individual some or Several variables are with mutation probability PmIt is converted;
Step 605: passing through step 601-604, genetic algorithm will automatically generate next-generation population;
Step 606: in the case where the algorithm of step 503 executes the constraint of termination condition, the execution of iteration walks 601-605, finally Obtained test case can be considered optimal solution in algorithm.

Claims (8)

1. a kind of method for generating test case towards solidity language, which comprises the steps of:
(1) according to the types of variables of solidity language, control flow statement, function body structure, intrinsic function require and The use of function modifier is analyzed to obtain corresponding control to the intelligent contract program to be tested that solidity language is realized Flow graph CFG;
(2) each nodal information is traversed according to the CFG of step (1) figure, there are the nodes of uint type variable uses whether there is for judgement The safety issue of Integer overflow, and if it exists, the vertex ticks of Integer overflow then will be present;
(3) each nodal information is traversed according to the CFG of step (1) figure, counts definition-use of all numeric type variables in program It is right, it is denoted as dup, and if judging result is that will include the label section in step (2) there are Integer overflow in step (2) The definition-use pair of the existing variable of point comes out, and is denoted as dup ';
(4) dup counted according to step (3), if for all numeric type variables in program generate at random it is initial comprising The test use cases of dry group test case;
(5) fitness function in genetic algorithm is designed for choosing preferably test case to drive algorithm to execute;Wherein survey The fitness value of example on probation is the quantity of the dup of test case covering and the dup ' quantity for being related to Integer overflow of covering Weighted sum and all dup quantity and all dup ' quantity weighted sums ratio;
(6) according to the execution boundary of fitness function and algorithm in step (5), initial test case in step (4) is acquired Fitness value, start genetic algorithm iteration execute, obtain optimal result in algorithm.
2. the method for generating test case according to claim 1 towards solidity language, which is characterized in that the step Suddenly in (1) when the CFG figure of analysis program to be tested, consider that the use of address type variable in program, consideration are drawn by address variable The definition of its dependent variable;Consider that require and assert condition judges the use of sentence in program, using require sentence as One if construction of condition sentence is handled;A kind of form that function modifier is regarded as to function call, when encountering function body, It analyzes whether the function has used function modifier first, function modifier is first transferred to if having used function modifier, according to Function modifier content carries out the connection relationship transfer between node.
3. the method for generating test case according to claim 1 towards solidity language, which is characterized in that the step Suddenly include the following steps: in (2)
(21) it whether there is Integer overflow in the CFG analysis program obtained according to step (1), specifically: traversal CFG figure section Point, for there are the nodes of uint type variable uses, wherein variable uses include executing add, subtract, multiplying or except calculating, judging becoming Amount determines journey if not having using whether having the sentence node for overflow judgement to relevant variable operating result before node Sequence will appear Integer overflow;
(22) Integer overflow if it exists marks the variable running node for being related to causing Integer overflow in CFG Note.
4. the method for generating test case according to claim 3 towards solidity language, which is characterized in that the step Suddenly include the following steps: in (3)
(31) schemed according to CFG, node by node anolytic sentence information, find the definition node of numeric type variable present in program;
(32) it for the definition node of each variable found in step (31), finds its and corresponding all uses node;
(33) step (31), (32) are combined, the definition-use pair of variable present in program: dup=(d, u, v) is obtained, are calculated Its total quantity, is denoted as n;Wherein v indicates that a certain variable, d indicate a certain definition node of v, and u indicates that a certain of v uses node;
(34) content of step (22) and step (31), (32) is combined to obtain the variable-definition-use that there are problems that integer overflow It is right, it is indicated here with dup ', calculates its total quantity, be denoted as m, if result is not have integer overflow problem in step (22), i.e., not It makes marks, then m statistical value is 0 herein.
5. the method for generating test case according to claim 1 towards solidity language, which is characterized in that the step Suddenly the initial test use cases comprising 4 groups of test cases are generated in (4) at random for all numeric type variables in program.
6. the method for generating test case according to claim 1 towards solidity language, which is characterized in that the step Suddenly in (5), fitness function formulaWherein piIndicate i-th of test case covering The quantity of dup, qiIndicate the dup ' quantity for being related to Integer overflow of i-th of test case covering, institute in n representation program There is the quantity of dup, all dup ' quantity for being related to Integer overflow in m representation program, ε is weight parameter, 0 < ε < 1.
7. the method for generating test case according to claim 1 towards solidity language, which is characterized in that the step Suddenly in (6), the setting that algorithm executes boundary includes two parts: (1) genetic algorithm the number of iterations, if reaching the limitation of highest algebra, Fitness value is still not up to 1, also terminates;(2) in the genetic algebra upper limit, current test is saved if fitness value reaches 1 and is used Example generates as a result, carry out next-generation experiment again, if the fitness value of experimental result is small compared with parent, terminates, takes previous generation result.
8. the method for generating test case according to claim 1 towards solidity language, which is characterized in that the step Suddenly include the following steps: in (6)
(61) ideal adaptation angle value calculates in population: for each individual of generation, i.e., each test case, by corresponding test Data are put into program and execute, and the dup quantity of its covering is calculated by way of carrying out pitching pile to source program in advance, is denoted as p, with And covering dup ' quantity, it is denoted as q, when counting the value of q, precondition is the behaviour of variable under current individual execution state Work meets overflow condition, is just denoted as primary effective covering to Integer overflow, according to fitness function, calculates individual Fitness value;
(62) genetic algorithm iteration executes, optimal result in Algorithms of Selecting: according to the roulette wheel selection, uniformly in genetic algorithm Crossover operator and variation execute iteration and execute genetic algorithm, and genetic algorithm executes fitness value calculation all such as step each time (61), until executing boundary until reaching algorithm, arithmetic result is finally obtained.
CN201910341716.0A 2019-04-26 2019-04-26 Test case generation method for solidity language Active CN110096439B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910341716.0A CN110096439B (en) 2019-04-26 2019-04-26 Test case generation method for solidity language

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910341716.0A CN110096439B (en) 2019-04-26 2019-04-26 Test case generation method for solidity language

Publications (2)

Publication Number Publication Date
CN110096439A true CN110096439A (en) 2019-08-06
CN110096439B CN110096439B (en) 2020-07-14

Family

ID=67445939

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910341716.0A Active CN110096439B (en) 2019-04-26 2019-04-26 Test case generation method for solidity language

Country Status (1)

Country Link
CN (1) CN110096439B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111177730A (en) * 2019-12-19 2020-05-19 河海大学 Method and device for detecting and preventing problems of intelligent contracts of Etheng
CN111797010A (en) * 2020-06-23 2020-10-20 河海大学 Intelligent contract test case generation method applying improved genetic algorithm
CN112052166A (en) * 2020-08-26 2020-12-08 河海大学 Test case generation method and device based on domination relationship
CN112118290A (en) * 2020-08-12 2020-12-22 北京大学 Program analysis-based data resource management and control method
CN112202633A (en) * 2020-09-24 2021-01-08 成都质数斯达克科技有限公司 Block chain network testing method and device, electronic equipment and readable storage medium
CN112202647A (en) * 2020-12-09 2021-01-08 腾讯科技(深圳)有限公司 Test method, device and test equipment in block chain network
CN113190441A (en) * 2021-04-26 2021-07-30 交叉信息核心技术研究院(西安)有限公司 Chain code test seed generation method, system, equipment and storage medium
CN113486357A (en) * 2021-07-07 2021-10-08 东北大学 Intelligent contract security detection method based on static analysis and deep learning
CN113778880A (en) * 2021-09-13 2021-12-10 江苏通付盾区块链科技有限公司 Intelligent contract function verification method and device based on formal verification

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050261859A1 (en) * 2004-05-24 2005-11-24 Jeremy Petsinger Systems and methods for evaluating a test case
CN101916222A (en) * 2010-08-09 2010-12-15 哈尔滨工程大学 Software testing method based on combination of control flow graph traversal and slice forward traversal
CN103593287A (en) * 2013-10-30 2014-02-19 北京信息控制研究所 Genetic-algorithm-based method for automatically generating data stream test cases
CN103714000A (en) * 2013-12-18 2014-04-09 杭州电子科技大学 Sensitive area-oriented embedded software test case generating method
CN104572470A (en) * 2015-01-26 2015-04-29 中国人民解放军理工大学 Integer overflow fault detection method based on metamorphic relation
CN104615535A (en) * 2015-01-29 2015-05-13 北方工业大学 Method and device for generating test case based on extended data flow model

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050261859A1 (en) * 2004-05-24 2005-11-24 Jeremy Petsinger Systems and methods for evaluating a test case
CN101916222A (en) * 2010-08-09 2010-12-15 哈尔滨工程大学 Software testing method based on combination of control flow graph traversal and slice forward traversal
CN103593287A (en) * 2013-10-30 2014-02-19 北京信息控制研究所 Genetic-algorithm-based method for automatically generating data stream test cases
CN103714000A (en) * 2013-12-18 2014-04-09 杭州电子科技大学 Sensitive area-oriented embedded software test case generating method
CN104572470A (en) * 2015-01-26 2015-04-29 中国人民解放军理工大学 Integer overflow fault detection method based on metamorphic relation
CN104615535A (en) * 2015-01-29 2015-05-13 北方工业大学 Method and device for generating test case based on extended data flow model

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
M. R. GIRGIS等: "Automatic gen eration of data flow test paths using a genetic algorithm", 《INTERNATIONAL》 *
惠战伟: "基于程序特征谱整数溢出错误定位技术研究", 《计算机学报》 *

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111177730A (en) * 2019-12-19 2020-05-19 河海大学 Method and device for detecting and preventing problems of intelligent contracts of Etheng
CN111797010A (en) * 2020-06-23 2020-10-20 河海大学 Intelligent contract test case generation method applying improved genetic algorithm
CN111797010B (en) * 2020-06-23 2022-09-23 河海大学 Intelligent contract test case generation method applying improved genetic algorithm
CN112118290A (en) * 2020-08-12 2020-12-22 北京大学 Program analysis-based data resource management and control method
CN112118290B (en) * 2020-08-12 2022-03-18 北京大学 Program analysis-based data resource management and control method
CN112052166B (en) * 2020-08-26 2021-05-18 河海大学 Test case generation method and device based on domination relationship
CN112052166A (en) * 2020-08-26 2020-12-08 河海大学 Test case generation method and device based on domination relationship
CN112202633A (en) * 2020-09-24 2021-01-08 成都质数斯达克科技有限公司 Block chain network testing method and device, electronic equipment and readable storage medium
CN112202633B (en) * 2020-09-24 2022-07-12 成都质数斯达克科技有限公司 Block chain network testing method and device, electronic equipment and readable storage medium
CN112202647A (en) * 2020-12-09 2021-01-08 腾讯科技(深圳)有限公司 Test method, device and test equipment in block chain network
CN113190441A (en) * 2021-04-26 2021-07-30 交叉信息核心技术研究院(西安)有限公司 Chain code test seed generation method, system, equipment and storage medium
CN113190441B (en) * 2021-04-26 2024-03-26 交叉信息核心技术研究院(西安)有限公司 Method, system, equipment and storage medium for generating chain code test seeds
CN113486357A (en) * 2021-07-07 2021-10-08 东北大学 Intelligent contract security detection method based on static analysis and deep learning
CN113486357B (en) * 2021-07-07 2024-02-13 东北大学 Intelligent contract security detection method based on static analysis and deep learning
CN113778880A (en) * 2021-09-13 2021-12-10 江苏通付盾区块链科技有限公司 Intelligent contract function verification method and device based on formal verification

Also Published As

Publication number Publication date
CN110096439B (en) 2020-07-14

Similar Documents

Publication Publication Date Title
CN110096439A (en) A kind of method for generating test case towards solidity language
Zhuang et al. Smart contract vulnerability detection using graph neural networks
CN107169358A (en) Code homology detection method and its device based on code fingerprint
Camacho et al. Towards a unified view of AI planning and reactive synthesis
CN110377511B (en) Test case generation method oriented to data flow
CN110110529B (en) Software network key node mining method based on complex network
CN109376535A (en) A kind of leak analysis method and system based on intelligent semiology analysis
CN113127933B (en) Intelligent contract Pompe fraudster detection method and system based on graph matching network
CN116702157B (en) Intelligent contract vulnerability detection method based on neural network
CN113158194B (en) Vulnerability model construction method and detection method based on multi-relation graph network
CN111352830A (en) Method for evolutionary generation of variant test data based on statement dominance relationship
CN113971135A (en) Coverage-guided intelligent contract test case generation method
Sabbaghi et al. FSCT: A new fuzzy search strategy in concolic testing
Seref et al. Software code maintainability: a literature review
Abramé et al. Learning nobetter clauses in Max-SAT branch and bound solvers
Wang et al. Provable guarantees on the robustness of decision rules to causal interventions
Wu et al. Verified decision procedures for modal logics
Deshmukh et al. Automatic verification of parameterized data structures
Ioannides et al. Introducing xcs to coverage directed test generation
CN108920149A (en) Compilation Method and compilation device
CN115879868B (en) Expert system and deep learning integrated intelligent contract security audit method
Yang et al. A Method-Level Defect Prediction Approach Based on Structural Features of Method-Calling Network
Chen et al. NukCP: An improved local search algorithm for maximum k-club problem
Wang et al. Algorithm selection for software verification based on adversarial LSTM
Kommenda et al. Local optimization and complexity control for symbolic regression

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant