Page 397 - 《软件学报》2025年第12期

P. 397

5778 软件学报 2025 年第 36 卷第 12 期

Ruan Jian Xue Bao/Journal of Software, 2019, 30(11): 3259–3280 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/
5562.htm [doi: 10.13328/j.cnki.jos.005562]
[29] Bao TY, Gao FJ, Zhou Y, Li Y, Wang LZ, Li XD. Automatically validating static buffer overflow warnings based on guided symbolic
execution. Journal of Cyber Security, 2016, 1(2): 46–60 (in Chinese with English abstract). [doi: 10.19363/j.cnki.cn10-1380/tn.2016.02.
005]
[30] Cui ZQ, Wang LZ, Li XD. Target-directed concolic testing. Chinese Journal of Computers, 2011, 34(6): 953–964 (in Chinese with
English abstract). [doi: 10.3724/SP.J.1016.2011.00953]
[31] Choi J, Kim D, Kim S, Grieco G, Groce A, Cha SK. SMARTIAN: Enhancing smart contract fuzzing with static and dynamic data-flow
analyses. In: Proc. of the 36th IEEE/ACM Int’l Conf. on Automated Software Engineering. Melbourne: IEEE, 2021. 227–239. [doi: 10.
1109/ASE51524.2021.9678888]
[32] Zhang J, Zhang C, Xuan JF, Xiong YF, Wang QX, Liang B, Li L, Dou WS, Chen ZB, Chen LQ, Cai Y. Recent progress in program
analysis. Ruan Jian Xue Bao/Journal of Software, 2019, 30(1): 80–109 (in Chinese with English abstract). http://www.jos.org.cn/1000-
9825/5651.htm [doi: 10.13328/j.cnki.jos.005651]
[33] Mei H, Wang QX, Zhang L, Wang J. Software analysis: A road map. Chinese Journal of Computers, 2009, 32(9): 1697–1710 (in Chinese
with English abstract). [doi: 10.3724/SP.J.1016.2009.01697]
[34] Cadar C, Godefroid P, Khurshid S, Păsăreanu CS, Sen K, Tillmann N, Visser W. Symbolic execution for software testing in practice:
Preliminary assessment. In: Proc. of the 33rd Int’l Conf. on Software Engineering. Honolulu: IEEE, 2011. 1066–1071. [doi: 10.1145/
1985793.1985995]
[35] Nikolić I, Kolluri A, Sergey I, Saxena P, Hobor A. Finding the greedy, prodigal, and suicidal contracts at scale. In: Proc. of the 34th
Annual Computer Security Applications Conf. San Juan: ACM, 2018. 653–663. [doi: 10.1145/3274694.3274743]
[36] Huang JJ, Jiang JS, You W, Liang B. Precise dynamic symbolic execution for nonuniform data access in smart contracts. IEEE Trans. on
Computers, 2022, 71(7): 1551–1563. [doi: 10.1109/TC.2021.3092639]
[37] Guo SJ, Kusano M, Wang C, Yang ZJ, Gupta A. Assertion guided symbolic execution of multithreaded programs. In: Proc. of the 10th
Joint Meeting on Foundations of Software Engineering. Bergamo: ACM, 2015. 854–865. [doi: 10.1145/2786805.2786841]
[38] Ge X, Taneja K, Xie T, Tillmann N. DyTa: Dynamic symbolic execution guided with static verification results. In: Proc. of the 33rd Int’l
Conf. on Software Engineering. Honolulu: IEEE, 2011. 992–994. [doi: 10.1145/1985793.1985971]
[39] Li MC, Chen YJ, Wang LZ, Xu GQ. Dynamically validating static memory leak warnings. In: Proc. of the 2013 Int’l Symp. on Software
Testing and Analysis. Lugano: ACM, 2013. 112–122. [doi: 10.1145/2483760.2483778]
[40] Li X, Zhou Y, Li MC, Chen YJ, Xu GQ, Wang LZ, Li XD. Automatically validating static memory leak warnings for C/C++ programs.
Ruan Jian Xue Bao/Journal of Software, 2017, 28(4): 827–844 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/5189.
htm [doi: 10.13328/j.cnki.jos.005189]
[41] So S, Lee M, Park J, Lee H, Oh H. VERISMART: A highly precise safety verifier for Ethereum smart contracts. In: Proc. of the 2020
IEEE Symp. on Security and Privacy. San Francisco: IEEE, 2020. 1678–1694. [doi: 10.1109/SP40000.2020.00032]
[42] Wang HJ, Liu T, Guan XH, Shen C, Zheng QH, Yang ZJ. Dependence guided symbolic execution. IEEE Trans. on Software Engineering,
2017, 43(3): 252–271. [doi: 10.1109/TSE.2016.2584063]
[43] Chen T, Zhang XS, Guo SZ, Li HY, Wu Y. State of the art: Dynamic symbolic execution for automated test generation. Future
Generation Computer Systems, 2013, 29(7): 1758–1773. [doi: 10.1016/j.future.2012.02.006]
[44] Cadar C, Dunbar D, Engler D. KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs. In:
Proc. of the 8th USENIX Conf. on Operating Systems Design and Implementation. San Diego: USENIX Association, 2008. 209–224.
[45] Luo F, Luo RJ, Chen T, Qiao A, He ZY, Song SW, Jiang Y, Li X. SCVHUNTER: Smart contract vulnerability detection based on
heterogeneous graph attention network. In: Proc. of the 46th IEEE/ACM Int’l Conf. on Software Engineering. Lisbon: IEEE, 2024.
2098–2110.
[46] Zhang CY, Liu H, Zeng JT, Yang KJ, Li YH, Li H. Prompt-enhanced software vulnerability detection using ChatGPT. In: Proc. of the
46th IEEE/ACM Int’l Conf. on Software Engineering: Companion Proc. Lisbon: IEEE, 2024. 276–277. [doi: 10.1145/3639478.3643065]
[47] Li SY, Guo JQ, Fan M, Lou JG, Zheng QH, Liu T. Automated bug reproduction from user reviews for Android applications. In: Proc. of
the 42nd ACM/IEEE Int’l Conf. on Software Engineering: Software Engineering in Practice. Seoul: ACM, 2020. 51–60. [doi: 10.1145/
3377813.3381355]
[48] Zhao Y, Yu TT, Su T, Liu Y, Zheng W, Zhang JZ, Halfond WGJ. ReCDroid: Automatically reproducing Android application crashes
from bug reports. In: Proc. of the 41st IEEE/ACM Int’l Conf. on Software Engineering. Montreal: IEEE, 2019. 128–139. [doi: 10.1109/
ICSE.2019.00030]

392 393 394 395 396 397 398 399 400 401 402