This repository provides the lab sessions for the course "Software Analysis, Testing and Verification (软件分析与验证前沿)" at East China Normal University.
We welcome any comments or contributions. Feel free to create issues and pull requests.
Lectures | Title | Extended Readings | Relevant Links |
---|---|---|---|
lec1 | Course Introduction: Program Analysis | soundiness, false positives/negatives | |
lec2 | The LLVM Framework | LLVM | |
lec3 | Software Specifications | oracle problem, programs, tests, and oracles, code coverage effectiveness, mutation testing effectiveness, testing techniques, sanitizers | |
lec4 | Random (Fuzz) Testing | classic fuzz testing, havoc, fuzzing book, Fuzzing101 | AFL, AFL++, LibFuzzer |
lec5 | Metamorphic Testing & Property-based Testing | Papers | |
lec6 | Delta Debugging | Delta Debugging, Reducer | |
lec7 | Data-flow Analysis I | ||
lec8 | Data-flow Analysis II | ||
lec9 | Data-flow Analysis III | ||
lec10 | Pointer Analysis | ||
lec11 | Taint Analysis | ||
lec12 | Symbolic Execution | ||
Before proceeding with the labs, you need to set up the lab environment. Check out this lab tutorial. Later, you can access the lab tutorials for our labs in the following table.
- Get familiar with VS Code, Git, Linux shell commands and Docker. If you are not familiar with these tools, go and grab The Missing Semester of Your CS Education.
- Always be patient and careful when reading the documentation (e.g., lab tutorial, instructions).
- Before raising questions with the TAs, please double-check the documentation.
Labs | Lab Title | Estimated Time | Projects |
---|---|---|---|
lab1 | Introduction to Software Analysis | 1-2h | |
lab2 | The LLVM Framework | ~6h | |
lab3 | Random Testing / Fuzzing | ~6h | |
Property-based Testing | Kea | ||
lab4 | Delta Debugging | ||
exercise | Dataflow Analysis | ||
lab5 | Dataflow Analysis | ||
lab6 | Pointer Analysis | ||
lab7 | Taint Analysis | BinPRE | |
lab8 | Symbolic Execution (MiniKLEE) | SmartRocket TestGrid |
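- When you configure the lab environment for the first time (lab tutorial), you need to download the Docker image, so please use a proxy tool. Proxy tools available on Windows include Clash for Windows, Clash Meta and V2rayN (please enable TUN mode to get a near-global proxy).
- If your computer is a Mac with an Apple Silicon chip, you may need to install Rosetta (Rosetta enables a Mac with Apple silicon to use apps built for a Mac with an Intel processor). Also, check whether `Use Rosetta for x86_64/amd64 emulation on Apple Silicon` is enabled under `Settings` -> `General` in Docker.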
We thank the TAs and students who have contributed to this course design:
明孟立, 黄杉, 麻恩泽, 徐瑞阳, 王祺昌, 方润渲, 梁锡贤, 沈佳伟, 陈浩仪
林童奕凡, 高雨宸
Acknowledgement: The lab sessions are currently developed based on the cis547 course, and we are further designing and refining the materials based on our ideas.