发布求助
文献互助 智能选刊 最新文献

Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis最新文献

筛选
英文 中文
Effective test generation and adequacy assessment for JavaScript-based web applications 基于javascript的web应用程序的有效测试生成和充分性评估
Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis Pub Date : 2014-07-21 DOI: 10.1145/2610384.2631832
Shabnam Mirshokraie
{"title":"Effective test generation and adequacy assessment for JavaScript-based web applications","authors":"Shabnam Mirshokraie","doi":"10.1145/2610384.2631832","DOIUrl":"https://doi.org/10.1145/2610384.2631832","url":null,"abstract":"Modern web applications rely heavily on JavaScript and client-side runtime manipulation of the DOM (Document Object Model) tree. However, JavaScript is loosely typed, dynamic, and challenging to analyze and test. We propose an automated technique to generate regression test cases at two complementary levels: (1) individual JavaScript functions, and (2) DOM event sequences. Moreover, to assess the quality of the test cases we propose a mutation testing technique that leverages static and dynamic program analysis to guide the mutation generation process towards parts of the code that are error-prone or likely to influence the program's output.","PeriodicalId":20624,"journal":{"name":"Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis","volume":"28 1","pages":"453-456"},"PeriodicalIF":0.0,"publicationDate":"2014-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87286873","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Runtime prevention of concurrency related type-state violations in multithreaded applications 运行时防止多线程应用程序中与并发相关的类型状态违反
Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis Pub Date : 2014-07-21 DOI: 10.1145/2610384.2610405
Lu Zhang, Chao Wang
{"title":"Runtime prevention of concurrency related type-state violations in multithreaded applications","authors":"Lu Zhang, Chao Wang","doi":"10.1145/2610384.2610405","DOIUrl":"https://doi.org/10.1145/2610384.2610405","url":null,"abstract":"We propose a new method for runtime prevention of type state violations in multithreaded applications due to erroneous thread interleavings. The new method employs a combination of static and dynamic program analysis techniques to control the execution order of the method calls to suppress illegal call sequences. The legal behavior of a shared object is specified by a type-state automaton, which serves as the guidance for our method to delay certain method calls at run time. Our main contribution is a new theoretical framework for ensuring that the runtime prevention strategy is always safe, i.e., they do not introduce new erroneous interleavings. Furthermore, whenever the static program analysis is precise enough, our method guarantees to steer the program to a failurefree interleaving as long as such interleaving exists. We have implemented the new method in a tool based on the LLVM compiler framework. Our experiments on a set of multithreaded C/C++ applications show that the method is both efficient and effective in suppressing concurrency related type-state violations.","PeriodicalId":20624,"journal":{"name":"Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis","volume":"55 1","pages":"1-12"},"PeriodicalIF":0.0,"publicationDate":"2014-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76860902","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 14
Semantic differential repair for input validation and sanitization 用于输入验证和清理的语义差异修复
Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis Pub Date : 2014-07-21 DOI: 10.1145/2610384.2610401
Muath Alkhalaf, Abdulbaki Aydin, T. Bultan
{"title":"Semantic differential repair for input validation and sanitization","authors":"Muath Alkhalaf, Abdulbaki Aydin, T. Bultan","doi":"10.1145/2610384.2610401","DOIUrl":"https://doi.org/10.1145/2610384.2610401","url":null,"abstract":"Correct validation and sanitization of user input is crucial in web applications for avoiding security vulnerabilities and erroneous application behavior. We present an automated differential repair technique for input validation and sanitization functions. Differential repair can be used within an application to repair client and server-side code with respect to each other, or across applications in order to strengthen the validation and sanitization checks. Given a reference and a target function, our differential repair technique strengthens the validation and sanitization operations in the target function based on the reference function. It does this by synthesizing three patches: a validation, a length, and a sanitization patch. Our automated patch synthesis algorithms are based on forward and backward symbolic string analyses that use automata as a symbolic representation. Composition of the three automatically synthesized patches with the original target function results in the repaired function, which provides stronger validation and sanitization than both the target and the reference functions.","PeriodicalId":20624,"journal":{"name":"Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis","volume":"1 1","pages":"225-236"},"PeriodicalIF":0.0,"publicationDate":"2014-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76022860","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 43
Canalyze: a static bug-finding tool for C programs 用于C程序的静态bug查找工具
Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis Pub Date : 2014-07-21 DOI: 10.1145/2610384.2628050
Zhenbo Xu, Jian Zhang, Zhongxing Xu, Jiteng Wang
{"title":"Canalyze: a static bug-finding tool for C programs","authors":"Zhenbo Xu, Jian Zhang, Zhongxing Xu, Jiteng Wang","doi":"10.1145/2610384.2628050","DOIUrl":"https://doi.org/10.1145/2610384.2628050","url":null,"abstract":"Symbolic analysis is a commonly used approach for static bug finding. It usually performs a precise path-by-path symbolic simulation from program inputs. A major challenge is its scalability and precision on interprocedural analysis. The former limits the application to large programs. The latter may lead to many false alarms. \u0000 This paper presents a flexible, scalable and practical static bug detection tool, called Canalyze, for C programs. The flexibility is embodied in our modular design that supports different precision-level constraint solvers and interprocedural analyses. Based on these options, one can enable the less precise options to achieve a more scalable analysis or the more time-consuming options to perform a more precise analysis. Our tool is also practical to analyze real-world applications. It has been applied to some industry systems and open source programs like httpd, lighttpd, etc. And hundreds of newly found bugs were confirmed by the maintainers of our benchmarks.","PeriodicalId":20624,"journal":{"name":"Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis","volume":"5 1","pages":"425-428"},"PeriodicalIF":0.0,"publicationDate":"2014-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85686070","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Scalable detection of missed cross-function refactorings 遗漏的跨功能重构的可扩展检测
Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis Pub Date : 2014-07-21 DOI: 10.1145/2610384.2610394
Narcisa Andreea Milea, Lingxiao Jiang, Siau-Cheng Khoo
{"title":"Scalable detection of missed cross-function refactorings","authors":"Narcisa Andreea Milea, Lingxiao Jiang, Siau-Cheng Khoo","doi":"10.1145/2610384.2610394","DOIUrl":"https://doi.org/10.1145/2610384.2610394","url":null,"abstract":"Refactoring is an important way to improve the design of existing code. Identifying refactoring opportunities (i.e., code fragments that can be refactored) in large code bases is a challenging task. In this paper, we propose a novel, automated and scalable technique for identifying cross-function refactoring opportunities that span more than one function (e.g., Extract Method and Inline Method). The key of our technique is the design of efficient vector inlining operations that emulate the effect of method inlining among code fragments, so that the problem of identifying cross-function refactoring can be reduced to the problem of finding similar vectors before and after inlining. We have implemented our technique in a prototype tool named ReDex which encodes Java programs to particular vectors. We have applied the tool to a large code base, 4.5 million lines of code, comprising of 200 bundle projects in the Eclipse ecosystem (e.g., Eclipse JDT, Eclipse PDE, Apache Commons, Hamcrest, etc.). Also, different from many other studies on detecting refactoring, ReDex only searches for code fragments that can be, but have not yet been, refactored in a way similar to some refactoring that happened in the code base. Our results show that ReDex can find 277 cross-function refactoring opportunities in 2 minutes, and 223 cases were labelled as true opportunities by users, and cover many categories of cross-function refactoring operations in classical refactoring books, such as Self Encapsulate Field, Decompose Conditional Expression, Hide Delegate, Preserve Whole Object, etc.","PeriodicalId":20624,"journal":{"name":"Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis","volume":"57 1","pages":"138-148"},"PeriodicalIF":0.0,"publicationDate":"2014-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76873879","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Empirically revisiting the test independence assumption 从经验上重新审视测试独立性假设
Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis Pub Date : 2014-07-21 DOI: 10.1145/2610384.2610404
Sai Zhang, D. Jalali, Jochen Wuttke, Kivanç Muslu, Wing Lam, Michael D. Ernst, D. Notkin
{"title":"Empirically revisiting the test independence assumption","authors":"Sai Zhang, D. Jalali, Jochen Wuttke, Kivanç Muslu, Wing Lam, Michael D. Ernst, D. Notkin","doi":"10.1145/2610384.2610404","DOIUrl":"https://doi.org/10.1145/2610384.2610404","url":null,"abstract":"In a test suite, all the test cases should be independent: no test should affect any other test’s result, and running the tests in any order should produce the same test results. Techniques such as test prioritization generally assume that the tests in a suite are independent. Test dependence is a little-studied phenomenon. This paper presents five results related to test dependence. \u0000 First, we characterize the test dependence that arises in practice. We studied 96 real-world dependent tests from 5 issue tracking systems. Our study shows that test dependence can be hard for programmers to identify. It also shows that test dependence can cause non-trivial consequences, such as masking program faults and leading to spurious bug reports. \u0000 Second, we formally define test dependence in terms of test suites as ordered sequences of tests along with explicit environments in which these tests are executed. We formulate the problem of detecting dependent tests and prove that a useful special case is NP-complete. \u0000 Third, guided by the study of real-world dependent tests, we propose and compare four algorithms to detect dependent tests in a test suite. \u0000 Fourth, we applied our dependent test detection algorithms to 4 real-world programs and found dependent tests in each human-written and automatically-generated test suite. \u0000 Fifth, we empirically assessed the impact of dependent tests on five test prioritization techniques. Dependent tests affect the output of all five techniques; that is, the reordered suite fails even though the original suite did not.","PeriodicalId":20624,"journal":{"name":"Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis","volume":"103 1","pages":"385-396"},"PeriodicalIF":0.0,"publicationDate":"2014-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77091315","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 142
Reducing GUI test suites via program slicing 通过程序切片减少GUI测试套件
Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis Pub Date : 2014-07-21 DOI: 10.1145/2610384.2610391
Stephan Arlt, A. Podelski, Martin Wehrle
{"title":"Reducing GUI test suites via program slicing","authors":"Stephan Arlt, A. Podelski, Martin Wehrle","doi":"10.1145/2610384.2610391","DOIUrl":"https://doi.org/10.1145/2610384.2610391","url":null,"abstract":"A crucial problem in GUI testing is the identification of accurate event sequences that encode corresponding user interactions with the GUI. Ultimately, event sequences should be both feasible (i. e., executable on the GUI) and relevant (i.e., cover as much of the code as possible). So far, most work on GUI testing focused on approaches to generate feasible event sequences. In addition, based on event dependency analyses, a recently proposed static analysis approach systematically aims at selecting both relevant and feasible event sequences. However, statically analyzing event dependencies can cause the generation of a huge number of event sequences, leading to unmanageable GUI test suites that are not executable within reasonable time. In this paper we propose a refined static analysis approach based on program slicing. On the theoretical side, our approach identifies and eliminates redundant event sequences in GUI test suites. Redundant event sequences have the property that they are guaranteed to not affect the test effectiveness. On the practical side, we have implemented a slicing-based test suite reduction algorithm that approximatively identifies redundant event sequences. Our experiments on six open source GUI applications show that our reduction algorithm significantly reduces the size of GUI test suites. As a result, the overall execution time could significantly be reduced without losing test effectiveness.","PeriodicalId":20624,"journal":{"name":"Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis","volume":"1 6 1","pages":"270-281"},"PeriodicalIF":0.0,"publicationDate":"2014-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91542018","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 22
Cross-platform feature matching for web applications web应用程序的跨平台特性匹配
Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis Pub Date : 2014-07-21 DOI: 10.1145/2610384.2610409
Shauvik Roy Choudhary, M. Prasad, A. Orso
{"title":"Cross-platform feature matching for web applications","authors":"Shauvik Roy Choudhary, M. Prasad, A. Orso","doi":"10.1145/2610384.2610409","DOIUrl":"https://doi.org/10.1145/2610384.2610409","url":null,"abstract":"With the emergence of new computing platforms, software written for traditional platforms is being re-targeted to reach the users on these new platforms. In particular, due to the proliferation of mobile computing devices, it is common practice for companies to build mobile-specific versions of their existing web applications to provide mobile users with a better experience. Because the differences between desktop and mobile versions of a web application are not only cosmetic, but can also include substantial rewrites of key components, it is not uncommon for these different versions to provide different sets of features. Whereas some of these differences are intentional, such as the addition of location-based features on mobile devices, others are not and can negatively affect the user experience, as confirmed by numerous user reports and complaints. Unfortunately, checking and maintaining the consistency of different versions of an application by hand is not only time consuming, but also error prone. To address this problem, and help developers in this difficult task, we propose an automated technique for matching features across different versions of a multi-platform web application. We implemented our technique in a tool, called FMAP, and used it to perform a preliminary empirical evaluation on nine real-world multi-platform web applications. The results of our evaluation are promising, as FMAP was able to correctly identify missing features between desktop and mobile versions of the web applications considered, as confirmed by our analysis of user reports and software fixes for these applications.","PeriodicalId":20624,"journal":{"name":"Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis","volume":"1 1","pages":"82-92"},"PeriodicalIF":0.0,"publicationDate":"2014-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89842043","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
A type system for format strings 格式化字符串的类型系统
Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis Pub Date : 2014-07-21 DOI: 10.1145/2610384.2610417
Konstantin Weitz, Gene Louis Kim, Siwakorn Srisakaokul, Michael D. Ernst
{"title":"A type system for format strings","authors":"Konstantin Weitz, Gene Louis Kim, Siwakorn Srisakaokul, Michael D. Ernst","doi":"10.1145/2610384.2610417","DOIUrl":"https://doi.org/10.1145/2610384.2610417","url":null,"abstract":"Most programming languages support format strings, but their use is error-prone. Using the wrong format string syntax, or passing the wrong number or type of arguments, leads to unintelligible text output, program crashes, or security vulnerabilities. \u0000 This paper presents a type system that guarantees that calls to format string APIs will never fail. In Java, this means that the API will not throw exceptions. In C, this means that the API will not return negative values, corrupt memory, etc. \u0000 We instantiated this type system for Java’s Formatter API, and evaluated it on 6 large and well-maintained open-source projects. Format string bugs are common in practice (our type system found 104 bugs), and the annotation burden on the user of our type system is low (on average, for every bug found, only 1.0 annotations need to be written).","PeriodicalId":20624,"journal":{"name":"Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis","volume":"24 1","pages":"127-137"},"PeriodicalIF":0.0,"publicationDate":"2014-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83201880","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
X-PERT: a web application testing tool for cross-browser inconsistency detection X-PERT:用于跨浏览器不一致检测的web应用程序测试工具
Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis Pub Date : 2014-07-21 DOI: 10.1145/2610384.2628057
Shauvik Roy Choudhary, M. Prasad, A. Orso
{"title":"X-PERT: a web application testing tool for cross-browser inconsistency detection","authors":"Shauvik Roy Choudhary, M. Prasad, A. Orso","doi":"10.1145/2610384.2628057","DOIUrl":"https://doi.org/10.1145/2610384.2628057","url":null,"abstract":"Web applications are popular among developers because of the ease of development and deployment through the ubiquitous web browsing platform. However, differences in a web application's execution across different web browsers manifest as Cross-browser Inconsistencies (XBIs), which are a serious concern for web developers. Testing for XBIs manually is a laborious and error-prone process. In this demo we present X-PERT, which is a tool to identify XBIs in web applications automatically, without requiring any effort from the developer. X-PERT implements a comprehensive technique to identify XBIs and has been found to be effective in detecting real-world XBIs in our empirical evaluation. The source code of X-PERT and XBI reports from our evaluation are available at http://gatech.github.io/xpert.","PeriodicalId":20624,"journal":{"name":"Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis","volume":"1 1","pages":"417-420"},"PeriodicalIF":0.0,"publicationDate":"2014-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89083340","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 26
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信