Application of Domain-aware Binary Fuzzing to Aid Android Virtual Machine Testing

Stephen Kyle, Hugh Leather, Björn Franke, Dave Butcher, Stuart Monteith

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution


The development of a new application virtual machine (VM), like the creation of any complex piece of software, is a bug-prone process. In version 5.0, the widely-used Android operating system has changed from the Dalvik VM to the newly-developed ART VM to execute Android applications. As new iterations of this VM are released, how can the developers aim to reduce the number of potentially security-threatening bugs that make it into the final product? In this paper we combine domain-aware binary fuzzing and differential testing to produce DexFuzz, a tool that exploits the presence of multiple modes of execution within a VM to test for defects. These modes of execution include the interpreter and a runtime that executes ahead-of-time compiled code. We find and present a number of bugs in the in-development version of ART in the Android Open Source Project. We also assess DexFuzz's ability to highlight defects in the experimental version of ART released in the previous version of Android, 4.4, finding 189 crashing programs and 15 divergent programs that indicate defects after only 5,000 attempts.
Original language: English
Title of host publication: Proceedings of the 11th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments
Place of Publication: New York, NY, USA
Number of pages: 12
ISBN (Print): 978-1-4503-3450-1
Publication status: Published - 2015


  • android, art, compiler testing, dex, fuzzing, random testing, testing, virtual machine testing

