25,381 Hits in 4.9 sec

Automatic testing of symbolic execution engines via program generation and differential testing

Timotej Kapus, Cristian Cadar
2017 2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE)  
When combined with existing program generation techniques and appropriate oracles, this approach enables differential testing within a single symbolic execution engine.  ...  The approach used relies on a novel way to create program versions, in three different testing modes-concrete, single-path and multi-path-each exercising different features of symbolic execution engines  ...  ACKNOWLEDGEMENTS We would like to thank the authors of Csmith for their assistance using the tool, the developers of CREST, FuzzBALL and KLEE for their feedback on our bug reports, and Frank Busse, Andrea  ... 
doi:10.1109/ase.2017.8115669 dblp:conf/kbse/KapusC17 fatcat:xq7suq3zqnbytiztwd3w7jozlm

JEST: N+1-version Differential Testing of Both JavaScript Engines and Specification [article]

Jihyeok Park, Seungmin An, Dongjun Youn, Gyeongwon Kim, Sukyoung Ryu
2021 arXiv   pre-print
generate conformance tests by injecting assertions to the synthesized programs to check their final program states, 3) to detect bugs in the specification and implementations via executing the conformance  ...  We actualize our approach for the JavaScript programming language via JEST, which performs N+1-version differential testing for modern JavaScript engines and ECMAScript, the language specification describing  ...  ACKNOWLEDGEMENTS This work was supported by National Research Foundation of Korea (NRF) (Grants NRF-2017R1A2B3012020 and 2017M3C4A7068177).  ... 
arXiv:2102.07498v2 fatcat:4hwnhane3bcnpk7nr5o7fkxtp4

Software regression as change of input partitioning

Marcel Bohme
2012 2012 34th International Conference on Software Engineering (ICSE)  
The main target of our research is to develop strategies for the automatic evolution of a test suite that does inspire confidence.  ...  When the program is changed, test cases shall be augmented that witness changed output for the same input (test suite augmentation).  ...  Using dynamic program dependencies, symbolic execution, and constraint solving, test cases are automatically generated that witness "adjacent" partitions.  ... 
doi:10.1109/icse.2012.6227046 dblp:conf/icse/Bohme12 fatcat:u3nicyjs4be5pe44b7yv5gsbdm

Automatically Locating ARM Instructions Deviation between Real Devices and CPU Emulators [article]

Muhui Jiang, Tianyi Xu, Yajin Zhou, Yufeng Hu, Ming Zhong, Lei Wu, Xiapu Luo, Kui Ren
2021 arXiv   pre-print
Based on the specification, we propose a test case generator by designing and implementing the first symbolic execution engine for ARM architecture specification language (ASL).  ...  We generate 2,774,649 representative instruction streams and conduct differential testing with these instruction streams between four ARM real devices in different architecture versions (i.e., ARMv5, ARMv6  ...  Deterministic differential testing engine Our differential testing engine uses the generated test cases as inputs.  ... 
arXiv:2105.14273v2 fatcat:7apz3eyr5vf2jip4pk5a67ehhq

Shadow of a doubt

Hristina Palikareva, Tomasz Kuchta, Cristian Cadar
2016 Proceedings of the 38th International Conference on Software Engineering - ICSE '16  
In this paper, we present a symbolic execution-based technique that is designed to generate test inputs that cover the new program behaviours introduced by a patch.  ...  During this combined shadow execution, whenever a branch point is reached where the old and the new version diverge, we generate a test case exercising the divergence and comprehensively test the new behaviours  ...  The technique unifies the two program versions via change annotations, maximises sharing between the symbolic stores of the two versions, and focuses exactly on those paths that trigger divergences.  ... 
doi:10.1145/2884781.2884845 dblp:conf/icse/PalikarevaKC16 fatcat:3q4bymlccjhlvimo445btxeccq

Shadow Symbolic Execution for Testing Software Patches

Tomasz Kuchta, Hristina Palikareva, Cristian Cadar
2018 ACM Transactions on Software Engineering and Methodology  
Many of these techniques are based on dynamic symbolic execution [8], a program analysis technique that provides the ability to generate inputs that form high-coverage test suites.  ...  The main contributions of this work are: Fig. 1. A toy example illustrating symbolic execution. OVERVIEW Shadow symbolic execution is meant to augment an existing test suite of a program.  ...  ACKNOWLEDGMENTS We thank Paul Marinescu and Daniel Liew for their assistance during this project, and Frank Busse, Alastair Donaldson, Sophia Drossopoulou, Antonio Filieri, Timotej Kapus, Andrea Mattavelli  ... 
doi:10.1145/3208952 fatcat:xvf77dd3y5ctzb6tngiobzcyue

Shadow symbolic execution for better testing of evolving software

Cristian Cadar, Hristina Palikareva
2014 Companion Proceedings of the 36th International Conference on Software Engineering - ICSE Companion 2014  
In this idea paper, we propose a novel way for improving the testing of program changes via symbolic execution.  ...  We discuss the main challenges and opportunities of this approach in terms of pruning and prioritising path exploration, mapping elements across versions, and sharing common symbolic state between versions  ...  of this technique to other related domains such as test suite augmentation, fault localisation, code summarisation, refactoring, and automatic patch generation.  ... 
doi:10.1145/2591062.2591104 dblp:conf/icse/CadarP14 fatcat:iptry2xusrbevayqlzojz3weqy

Analysing the program analyser

Cristian Cadar, Alastair F. Donaldson
2016 Proceedings of the 38th International Conference on Software Engineering Companion - ICSE '16  
Inspired by recent advances in compiler testing, we set out initial steps towards this vision, building upon techniques such as cross-checking, program transformation and program generation.  ...  The reliability of program analysis tools is clearly important if such tools are to play a serious role in improving the quality and integrity of software systems, and the confidence which users place  ...  via EP/L002795/1.  ... 
doi:10.1145/2889160.2889206 dblp:conf/icse/CadarD25 fatcat:6hjyekn4onf6ra6fisjuvhfdha

Overfitting in semantics-based automated program repair

Xuan Bach D. Le, Ferdian Thung, David Lo, Claire Le Goues
2018 Empirical Software Engineering  
Semantics-based APR uses symbolic execution and test suites to extract semantic constraints, and uses program synthesis to synthesize repairs that satisfy the extracted constraints.  ...  Heuristic-based APR generates large populations of repair candidates via source manipulation, and searches for the best among them.  ...  Acknowledgements We thank the authors of Angelix for making the tool publicly available. We also thank the authors of CVC4 and Enumerative synthesis engines for making these engines accessible.  ... 
doi:10.1007/s10664-017-9577-2 fatcat:t52pday2kjc3vdgktv42c2ozb4

Combining unit-level symbolic execution and system-level concrete execution for testing nasa software

Corina S. Pǎsǎreanu, Peter C. Mehlitz, David H. Bushnell, Karen Gundy-Burlet, Michael Lowry, Suzette Person, Mark Pape
2008 Proceedings of the 2008 international symposium on Software testing and analysis - ISSTA '08  
We describe an approach to testing complex safety critical software that combines unit-level symbolic execution and system-level concrete execution for generating test cases that satisfy user-specified  ...  The framework propagates the symbolic information via attributes associated with the program data.  ...  The engineers at JSC used the test cases that we generated both as part of their test suite for this early version of OAE and as regression tests for later versions.  ... 
doi:10.1145/1390630.1390635 dblp:conf/issta/PasareanuMBGLPP08 fatcat:duit4idt4jeybm2qveshq2w76q

Synergies among Testing, Verification, and Repair for Concurrent Programs (Dagstuhl Seminar 16201)

Julian Dolby, Orna Grumberg, Peter Müller, Omer Tripp, Marc Herbstritt
2016 Dagstuhl Reports  
This report documents the program and the outcomes of Dagstuhl Seminar 16201 "Synergies among Testing, Verification, and Repair for Concurrent Programs".  ...  These include Dagstuhl Seminar 13021 "Symbolic Methods in Testing"; Dagstuhl  ...  We present actor services [1] : a novel program logic for defining and verifying response and functional properties of programs which communicate via asynchronous messaging.  ... 
doi:10.4230/dagrep.6.5.56 dblp:journals/dagstuhl-reports/DolbyGMT16 fatcat:3ou6mdvytrfnfhjf542sbpn6lm

Isomorphic regression testing: executing uncovered branches without test augmentation

Jie Zhang, Yiling Lou, Lingming Zhang, Dan Hao, Lu Zhang, Hong Mei
2016 Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2016  
programs) instead of generating tests.  ...  To alleviate this problem, various automated test generation and augmentation approaches have been proposed, among which symbolic execution and searchbased techniques are the most competitive, while each  ...  We thank the anonymous reviewers for their valuable comments and suggestions.  ... 
doi:10.1145/2950290.2950313 dblp:conf/sigsoft/ZhangLZHZM16 fatcat:cadhmwp7yzds5i2dvjoeabppqy

Automatic and lightweight grammar generation for fuzz testing

Su Yong Kim, Sungdeok Cha, Doo-Hwan Bae
2013 Computers & security  
Automatic fuzzing grammar generation through API-level concolic testing is not restricted to the testing of ActiveX controls; it should also be applicable to other string processing program whose source  ...  We propose an alternative technique: the automatic generation of fuzzing grammars using API-level concolic testing.  ...  In Section 3, the implementation of the YMIR system, developed to carry out automatic fuzzing grammar generation via ACT, is described in detail.  ... 
doi:10.1016/j.cose.2013.02.001 fatcat:tahoini2wzdr3ktdq2y6xsbuca

High-Coverage Symbolic Patch Testing [chapter]

Paul Dan Marinescu, Cristian Cadar
2012 Lecture Notes in Computer Science  
In this paper, we propose an automatic technique based on symbolic execution, that aims to increase the quality of patches by providing developers with an automated mechanism for generating a set of comprehensive  ...  test cases covering all or most of the statements in a software patch.  ...  Acknowledgments We would like to thank the SPIN program committee chairs, Alastair Donaldson and David Parker, for their invitation to write this paper.  ... 
doi:10.1007/978-3-642-31759-0_2 fatcat:zy25sozzpnagbeibdy7o5qssxq

Constructing coding duels in Pex4Fun and code hunt

Nikolai Tillmann, Jonathan de Halleux, Tao Xie, Judith Bishop
2014 Proceedings of the 2014 International Symposium on Software Testing and Analysis - ISSTA 2014  
Pex is an automatic white-box test-generation tool for .NET. We have established that games can be built on top of Pex to open the tool to students and to the general public.  ...  This tool demonstration shows how coding duels in Pex4Fun and Code Hunt can be constructed and used in teaching and training programming and software engineering.  ...  During the execution of the program under test, DSE performs symbolic execution in parallel to collect symbolic constraints on program inputs obtained from predicates in branch statements along the execution  ... 
doi:10.1145/2610384.2628054 dblp:conf/issta/TillmannHXB14 fatcat:zyzjfqxllrhafchw5rltwr6v7u
« Previous Showing results 1 — 15 out of 25,381 results