research-article

Targeted test input generation using symbolic-concrete backward execution

Authors:

Gul AghaAuthors Info & Claims

ASE '14: Proceedings of the 29th ACM/IEEE International Conference on Automated Software Engineering

Pages 31 - 36

https://doi.org/10.1145/2642937.2642951

Published: 15 September 2014 Publication History

Abstract

Knowing inputs that cover a specific branch or statement in a program is useful for debugging and regression testing. Symbolic backward execution (SBE) is a natural approach to find such targeted inputs. However, SBE struggles with complicated arithmetic, external method calls, and data-dependent loops that occur in many real-world programs. We propose symcretic execution, a novel combination of SBE and concrete forward execution that can efficiently find targeted inputs despite these challenges. An evaluation of our approach on a range of test cases shows that symcretic execution finds inputs in more cases than concolic testing tools while exploring fewer path segments. Integration of our approach will allow test generation tools to fill coverage gaps and static bug detectors to verify candidate bugs with concrete test cases.

References

[1]

C. Andersson and P. Runeson. A replicated quantitative analysis of fault distributions in complex software systems. IEEE Trans. Softw. Eng., 33(5), 2007.

Digital Library

[2]

R. S. Boyer, B. Elspas, and K. N. Levitt. Select---a formal system for testing and debugging programs by symbolic execution. SIGPLAN Not., 10(6), Apr. 1975.

Digital Library

[3]

S. Chandra, S. J. Fink, and M. Sridharan. Snugglebug: a powerful approach to weakest preconditions. In PLDI, 2009.

Digital Library

[4]

F. Charreteur and A. Gotlieb. Constraint-based test input generation for java bytecode. In ISSRE, 2010.

Digital Library

[5]

L. M. de Moura and N. Bjørner. Z3: An efficient SMT solver. In TACAS, 2008.

Digital Library

[6]

P. Dinges and G. Agha. Solving complex path conditions through heuristic search on induced polytopes. In SIGSOFT FSE, 2014.

Digital Library

[7]

T. Do, A. C. M. Fong, and R. Pears. Precise guidance to dynamic test generation. In ENASE, 2012.

[8]

J. Dolby, S. J. Fink, and M. Sridharan. T. J. Watson libraries for analysis (WALA). http://wala.sf.net.

[9]

N. E. Fenton and N. Ohlsson. Quantitative analysis of faults and failures in a complex software system. IEEE Trans. Softw. Eng., 26(8), 2000.

Digital Library

[10]

G. Fraser and A. Arcuri. Evosuite: automatic test suite generation for object-oriented software. In SIGSOFT FSE 2011. ACM, 2011.

Digital Library

[11]

G. Fraser, M. Staats, P. McMinn, A. Arcuri, and F. Padberg. Does automated white-box test generation really help software testers? In M. Pezzé and M. Harman, editors, ISSTA. ACM, 2013.

Digital Library

[12]

P. Godefroid, N. Klarlund, and K. Sen. Dart: directed automated random testing. In PLDI, 2005.

Digital Library

[13]

M. Gómez-Zamalloa, E. Albert, and G. Puebla. Test case generation for object-oriented imperative languages in clp. TPLP, 10(4--6), 2010.

Digital Library

[14]

B. Korel. Automated software test data generation. IEEE Trans. Softw. Eng., 16(8), 1990.

Digital Library

[15]

K.-K. Ma, Y. P. Khoo, J. S. Foster, and M. Hicks. Directed symbolic execution. In SAS, 2011.

Digital Library

[16]

R. Manevich, M. Sridharan, S. Adams, M. Das, and Z. Yang. PSE: explaining program failures via postmortem static analysis. In SIGSOFT FSE, 2004.

Digital Library

[17]

P. McMinn. Search-based software test data generation: a survey. Softw. Test., Verif. Reliab., 14(2), 2004.

Digital Library

[18]

C. S. Pasareanu and N. Rungta. Symbolic PathFinder: symbolic execution of java bytecode. In ASE 2010. ACM, 2010.

Digital Library

[19]

K. Sen and G. Agha. CUTE and jCUTE: Concolic unit testing and explicit path model-checking tools. In CAV 2006, volume 4144 of LNCS. Springer, 2006.

Digital Library

[20]

K. Sen, D. Marinov, and G. Agha. CUTE: a concolic unit testing engine for C. In SIGSOFT FSE, 2005.

Digital Library

[21]

N. Tillmann and J. de Halleux. Pex-white box test generation for .NET. In TAP 2008, volume 4966 of LNCS. Springer, 2008.

Digital Library

[22]

F. Tip. A survey of program slicing techniques. J. Prog. Lang., 3(3), 1995.

[23]

Z. Xu and G. Rothermel. Directed test suite augmentation. In S. Sulaiman and N. M. M. Noor, editors, APSEC. IEEE Computer Society, 2009.

Digital Library

[24]

C. Zamfir and G. Candea. Execution synthesis: a technique for automated software debugging. In EuroSys, 2010.

Digital Library

Cited By

Miltenberger MArzt S(2024)Precisely Extracting Complex Variable Values from Android AppsACM Transactions on Software Engineering and Methodology10.1145/364959133:5(1-56)Online publication date: 4-Jun-2024
https://dl.acm.org/doi/10.1145/3649591
Yang BMa XGuo HHe YXu F(2023)An Approach of Improving the Efficiency of Software Fault Localization based on Feedback Ranking InformationApplied Sciences10.3390/app13181035113:18(10351)Online publication date: 15-Sep-2023
https://doi.org/10.3390/app131810351
Zhang YHu YLi HShi WNing ZLuo XZhang FJust RFraser G(2023)Alligator in Vest: A Practical Failure-Diagnosis Framework via Arm Hardware FeaturesProceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3597926.3598106(917-928)Online publication date: 12-Jul-2023
https://dl.acm.org/doi/10.1145/3597926.3598106
Show More Cited By

Index Terms

Targeted test input generation using symbolic-concrete backward execution

Recommendations

Test generation via Dynamic Symbolic Execution for mutation testing
ICSM '10: Proceedings of the 2010 IEEE International Conference on Software Maintenance

Mutation testing has been used to assess and improve the quality of test inputs. Generating test inputs to achieve high mutant-killing ratios is important in mutation testing. However, existing test-generation techniques do not provide effective support ...
Parallel test generation and execution with Korat
ESEC-FSE '07: Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering

We present novel algorithms for parallel testing of code that takes structurally complex test inputs. The algorithms build on the Korat algorithm for constraint-based generation of structurally complex test inputs. Given an imperative predicate that ...
Model-based test case generation using symbolic execution
JAMAICA 2013: Proceedings of the 2013 International Workshop on Joining AcadeMiA and Industry Contributions to testing Automation

In this paper, we present a test case generation method in which test cases are generated from Excel-based functional specications, called error-check/update specications. This method has the following two characteristics. 1) Logical structures and ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ASE '14: Proceedings of the 29th ACM/IEEE International Conference on Automated Software Engineering

September 2014

934 pages

ISBN:9781450330138

DOI:10.1145/2642937

General Chair:
Ivica Crnkovic
Mälardalen University, Sweden
,
Program Chairs:
Marsha Chechik
University of Toronto, Canada
,
Paul Grünbacher
Johannes Kepler Universität Linz, Austria

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGAI: ACM Special Interest Group on Artificial Intelligence
SIGSOFT: ACM Special Interest Group on Software Engineering
Mälardalen University: Mälardalen University
IEEE CS

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 September 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

ASE '14

Sponsor:

SIGAI
SIGSOFT
Mälardalen University

ASE '14: ACM/IEEE International Conference on Automated Software Engineering

September 15 - 19, 2014

Vasteras, Sweden

Acceptance Rates

ASE '14 Paper Acceptance Rate 82 of 337 submissions, 24%;

Overall Acceptance Rate 82 of 337 submissions, 24%

Upcoming Conference

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

36
Total Citations
View Citations
615
Total Downloads

Downloads (Last 12 months)69
Downloads (Last 6 weeks)3

Reflects downloads up to 22 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Miltenberger MArzt S(2024)Precisely Extracting Complex Variable Values from Android AppsACM Transactions on Software Engineering and Methodology10.1145/364959133:5(1-56)Online publication date: 4-Jun-2024
https://dl.acm.org/doi/10.1145/3649591
Yang BMa XGuo HHe YXu F(2023)An Approach of Improving the Efficiency of Software Fault Localization based on Feedback Ranking InformationApplied Sciences10.3390/app13181035113:18(10351)Online publication date: 15-Sep-2023
https://doi.org/10.3390/app131810351
Zhang YHu YLi HShi WNing ZLuo XZhang FJust RFraser G(2023)Alligator in Vest: A Practical Failure-Diagnosis Framework via Arm Hardware FeaturesProceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3597926.3598106(917-928)Online publication date: 12-Jul-2023
https://dl.acm.org/doi/10.1145/3597926.3598106
Yang SHe YChen KMa ZLuo XXie YChen JZhang CJust RFraser G(2023)1dFuzz: Reproduce 1-Day Vulnerabilities with Directed Differential FuzzingProceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3597926.3598102(867-879)Online publication date: 12-Jul-2023
https://dl.acm.org/doi/10.1145/3597926.3598102
Jia FHan RHuang PLiu MMa FZhang JJust RFraser G(2023)Improving Bit-Blasting for Nonlinear Integer ConstraintsProceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3597926.3598034(14-25)Online publication date: 12-Jul-2023
https://dl.acm.org/doi/10.1145/3597926.3598034
Brandt CWang DZaidman A(2023)When to Let the Developer Guide: Trade-offs Between Open and Guided Test Amplification2023 IEEE 23rd International Working Conference on Source Code Analysis and Manipulation (SCAM)10.1109/SCAM59687.2023.00032(231-241)Online publication date: 2-Oct-2023
https://doi.org/10.1109/SCAM59687.2023.00032
Huang Z(2023)Targeted Symbolic Execution for UAF Vulnerabilities2023 7th International Conference on System Reliability and Safety (ICSRS)10.1109/ICSRS59833.2023.10381130(282-289)Online publication date: 22-Nov-2023
https://doi.org/10.1109/ICSRS59833.2023.10381130
Busse FGharat PCadar CDonaldson ARyu SSmaragdakis Y(2022)Combining static analysis error traces with dynamic symbolic execution (experience paper)Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3533767.3534384(568-579)Online publication date: 18-Jul-2022
https://dl.acm.org/doi/10.1145/3533767.3534384
Luo YPeng JLin J(2022)WindArms: More Efficient DGF Coverage-Guided Tracing2022 IEEE 22nd International Conference on Communication Technology (ICCT)10.1109/ICCT56141.2022.10073335(1293-1299)Online publication date: 11-Nov-2022
https://doi.org/10.1109/ICCT56141.2022.10073335
Sohal PTabish RDrepper UMancuso R(2022)Profile-driven memory bandwidth management for accelerators and CPUs in QoS-enabled platformsReal-Time Systems10.1007/s11241-022-09382-x58:3(235-274)Online publication date: 1-Sep-2022
https://dl.acm.org/doi/10.1007/s11241-022-09382-x
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents