Hercules: reproducing crashes in real-world application binaries

Van-Thuan Pham, Wei Boon Ng, Konstantin Rubinov, Abhik Roychoudhury

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

24 Citations (Scopus)


Binary analysis is a well-investigated area in software engineering and security. Given real-world program binaries, generating test inputs which cause the binaries to crash is crucial. Generation of crashing inputs has many applications including off-line analysis of software prior to deployment, or online analysis of software patches as they are inserted. In this work, we present a method for generating inputs which reach a given "potentially crashing" location. Such potentially crashing locations can be found by a separate static analysis (or by gleaning crash reports submitted by internal / external users) and serve as the input to our method. The test input generated by our method serves as a witness of the crash. Our method is particularly suited for binaries of programs which take in complex structured inputs. Experiments on real-life applications such as the Adobe Reader and the Windows Media Player demonstrate that our Hercules tool built on selective symbolic execution engine S2E can generate crashing inputs within few hours, where symbolic approaches (as embodied by S2E) or blackbox fuzzing approaches (as embodied by the commercial tool PeachFuzzer) failed.

Original languageEnglish
Title of host publicationProceedings - 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering, ICSE 2015
EditorsSebastian Elbaum, Gerardo Canfora
Place of PublicationPiscataway NJ USA
PublisherIEEE, Institute of Electrical and Electronics Engineers
Number of pages11
ISBN (Electronic)9781479919345
Publication statusPublished - 2015
Externally publishedYes
EventInternational Conference on Software Engineering 2015 - Florence, Italy
Duration: 16 May 201524 May 2015
Conference number: 37th
https://ieeexplore.ieee.org/xpl/conhome/7174815/proceeding?isnumber=7194545 (Proceedings)


ConferenceInternational Conference on Software Engineering 2015
Abbreviated titleICSE 2015
Internet address

Cite this