How We Get There: 
A Context-Guided Search 
Strategy in Concolic Testing 
Hyunmin Seo and Sunghun Kim 
The Hong Kong University of Science and Technology 
Nov. 19 2014 
FSE, Hong Kong
Concolic Testing 
PC = pc1 ∧ pc2 ∧ pc3 ∧ pc4 ∧ … 
PC′ = pc1 ∧ pc2 ∧ ¬pc3 
[Figure: execution tree with branches b1, b2, b3, b4, b9, b10; inputs I1, I2, I3; paths π1, π2, π3]
Path Explosion Challenge 
• Exponentially many execution paths 
4 conditional nodes → 16 (2^4) execution paths
Path Explosion Challenge 
• grep – text search utility 
• 19K LOC 
• Statically - 4K branches in CFG 
• Dynamically - 8K branches in an execution path 
[Figure: CFG of re_match_2_internal in grep]
Search Strategy 
• Given a limited testing budget, select high-priority 
branches first to improve coverage fast 
• Run P with a concrete input I 
• Execution path π = b1 b2 b3 … 
• Select a branch bi 
• Generate I′ for π′ = b1 b2 b3 … b̄i 
• By symbolic execution and constraint solving 
Repeat
Existing Search Strategies 
DFS, BFS, Random
Coverage-Optimized Strategies 
• CFG – How far is any uncovered branch from this? 
• CarFast – How many can be covered by this? 
• Generational – How many are actually covered by this?
Context-Guided Search 
Considers context of a branch and selects a branch in the new context
Intuition behind CGS 
Explore diverse states of P by avoiding exploring the same state 
- “same” in the limited context
CGS Example 
[Figure: four execution paths π1, π2, π3, π4, each reaching b7; branch pairs b5/b6 and b7/b8]
CGS Example 
[Figure: paths π1, π2, π3, π4 reach b7 after b6, b6, b6, b5 respectively; decisions for b7: π1 SELECT, π2 SKIP, π3 SKIP, π4 SELECT]
Context 
• k-Context of branch b 
• A sequence of k preceding branches of b in an execution path 
• Example 
• 3-Context of b6 : (b6, b4, b1) 
[Figure: execution tree with branches b1 to b6 and path π1]
Optimal k 
• 1-Context 
• Select each branch only once 
• ∞-Context 
• Select all branches 
• Optimal k for the best coverage depends on 
• Testing budget 
• Characteristic of the subjects 
Incremental Search 
BFS traversal 
1-context → 2-context → 3-context
Dominators 
Node d dominates node n if every path from the entry node to node n must go through node d 
Dom(b11) = {b9, b7, b5, b3} 
Including dominators: 
2-Context of b11 along π1 = (b11, b9) 
2-Context of b11 along π2 = (b11, b9) 
Excluding Dom(b11): 
2-Context of b11 along π1 = (b11, b1) 
2-Context of b11 along π2 = (b11, b2) 
[Figure: CFG with branches b1 to b12 and paths π1, π2]
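The k-context, SELECT/SKIP and dominator rules from the slides above, as an added Python sketch (not the authors' implementation and not CREST or CarFast code). The concrete paths are constructed to match the slide figures; the function names, the fixed set of already-explored paths, the depth-by-depth BFS order and the single context cache shared across all k are assumptions.

```python
"""Context-guided branch selection, simplified (added example)."""
from typing import Dict, List, Optional, Sequence, Set, Tuple

Context = Tuple[str, ...]
Dominators = Dict[str, Set[str]]


def k_context(path: Sequence[str], i: int, k: int,
              dominators: Optional[Dominators] = None) -> Context:
    """k-context of path[i]: the branch itself, then its nearest preceding
    branches (most recent first), k entries in total if the path allows.
    Branches listed in dominators[path[i]] are skipped."""
    branch = path[i]
    skip = dominators.get(branch, set()) if dominators else set()
    ctx = [branch]
    for prev in reversed(path[:i]):
        if len(ctx) == k:
            break
        if prev not in skip:
            ctx.append(prev)
    return tuple(ctx)


def select_at_depth(paths: Sequence[Sequence[str]], depth: int, k: int,
                    dominators: Optional[Dominators] = None) -> List[bool]:
    """Per path: True (SELECT) if the branch at `depth` appears in a
    k-context not seen on an earlier path, False (SKIP) otherwise."""
    seen: Set[Context] = set()
    decisions = []
    for path in paths:
        if depth >= len(path):
            decisions.append(False)
            continue
        ctx = k_context(path, depth, k, dominators)
        decisions.append(ctx not in seen)
        seen.add(ctx)
    return decisions


def cgs_schedule(paths: Sequence[Sequence[str]], max_k: int,
                 dominators: Optional[Dominators] = None
                 ) -> List[Tuple[int, int, int, Context]]:
    """Incremental search: for k = 1..max_k, walk the paths breadth-first
    (depth by depth) and select each branch whose k-context is new.
    Returns (k, path index, depth, context) in selection order."""
    seen: Set[Context] = set()
    order = []
    max_depth = max(len(p) for p in paths)
    for k in range(1, max_k + 1):
        for depth in range(max_depth):
            for pi, path in enumerate(paths):
                if depth >= len(path):
                    continue
                ctx = k_context(path, depth, k, dominators)
                if ctx not in seen:
                    seen.add(ctx)
                    order.append((k, pi, depth, ctx))
    return order


# Constructed paths: b7 is preceded by b6, b6, b6, b5 as in the CGS example.
EXAMPLE_PATHS = [
    ["b1", "b3", "b6", "b7"],
    ["b1", "b4", "b6", "b7"],
    ["b2", "b3", "b6", "b7"],
    ["b2", "b4", "b5", "b7"],
]

# Constructed paths for the dominator slide: both run through b3..b9 to b11.
DOM_PATHS = [
    ["b1", "b3", "b5", "b7", "b9", "b11"],
    ["b2", "b3", "b5", "b7", "b9", "b11"],
]
DOM = {"b11": {"b9", "b7", "b5", "b3"}}  # Dom(b11) from the slide

if __name__ == "__main__":
    print(k_context(["b1", "b4", "b6"], 2, 3))
    print(select_at_depth(EXAMPLE_PATHS, 3, 2))
    print(select_at_depth(DOM_PATHS, 5, 2), select_at_depth(DOM_PATHS, 5, 2, DOM))
    for step in cgs_schedule(EXAMPLE_PATHS, 2):
        print(step)
```

With 1-context each of the seven distinct branches is selected once; 2-context then adds only the branch occurrences whose predecessor differs.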
Research Questions 
• RQ1 – Given the same testing budget, how many branches can be covered? 
• RQ2 – Given a target coverage goal, how many iterations are required to achieve the goal? 
• RQ3 – What is the effect of dominators and incremental k? 
• RQ4 – How different are the covered branch sets by different strategies?
Evaluation Subjects 
Subject   Testing Tool   Language   LOC 
grep      CREST          C          19K 
replace   CREST          C          0.5K 
expat     CREST          C          18K 
cdaudio   CREST          C          2K 
floppy    CREST          C          1.5K 
kbfiltr   CREST          C          1K 
tp300     CarFastTool    Java       0.3K 
tp600     CarFastTool    Java       0.6K 
tp1k      CarFastTool    Java       1.5K 
tp2k      CarFastTool    Java       2.4K 
tp5k      CarFastTool    Java       5.8K 
tp10k     CarFastTool    Java       28K
RQ1-Coverage – C Subjects
RQ1-Coverage - Java Subjects 
[Figure: tp600, number of branches covered vs. iterations, CGS and CarFast]
RQ2 – Reaching the Target (C Subjects) 
RQ2 – Reaching the Target (Java Subjects) 
RQ3 - Effect of Dominators 
RQ3 - Effect of Incremental Search
RQ4 - Comparison of Covered Branch Sets 
CovCGS - A set of branches covered by CGS 
CovOthers - A set of branches covered by other strategies 
|CovOthers| ≤ |CovCGS| 
[Figure: Venn diagram of CovCGS and CovOthers]
RQ4 - Comparison of Covered Branch Sets 
[Figure: Venn diagram of CovCGS and CovOthers] 
replace, cdaudio, floppy, kbfiltr, tp300, tp600, tp1k, tp2k 
CovOthers ⊆ CovCGS 
grep 
|CovOthers − CovCGS| / |CovCGS| = 0.1 ~ 3% 
[Figure: Venn diagram of CovCGS and CovCFG with values 61, 1606, 383]
Threats to Validity 
• Precision in Symbolic Execution 
• Non-linear expression, Floating-Point operations, Symbolic pointer dereferencing 
• Input vector 
• Size of input, Optional arguments 
• External Validity 
• Test subjects and strategies might not be representative
Summary 
• Path explosion challenge in concolic testing 
• Search strategies prioritize branches according to some criteria 
• CGS 
• Selects branches in the new context 
• Uses dominators to exclude irrelevant branches 
• BFS search + incremental increase of the size of context 
• Evaluation on six C and six Java subjects 
• Achieved the highest coverage on all twelve subjects 
• Reached the target much faster on most subjects
Backup Slides 
Coverage for C Subjects 
Coverage for Java Subjects 
Mann-Whitney U test P-value < 0.01
Related Work 
• Pruning Redundant Paths 
• RWset [Cristian ’08] 
• Interpolation [Jaffar ’13] 
• Function Summary 
• Compositional [Godefroid ’07, ’10] 
• Demand-driven compositional [Anand ’08] 
• Others 
• Fitness-guided approach [Xie ’09], Sub-path guided [Li ’13] 
• Hybrid [Majumdar ’07]
Branch Selection in CGS 
Search Strategies in KLEE

Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdf
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and Backend
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 

How We Get There: A Context-Guided Search Strategy in Concolic Testing (FSE 2014)

  • 1. How We Get There: A Context-Guided Search Strategy in Concolic Testing Hyunmin Seo and Sunghun Kim The Hong Kong University of Science and Technology Nov. 19 2014 FSE, Hong Kong
  • 2. Concolic Testing • PC = pc1 ∧ pc2 ∧ pc3 ∧ pc4 ∧ … • PC′ = pc1 ∧ pc2 ∧ ¬pc3 [Figure: execution tree with branches b1, b2, b3, b4, b9, b10, paths π1, π2, π3 and inputs I1, I2, I3]
  • 3. Path Explosion Challenge • Exponentially many execution paths • 4 conditional nodes, 16 (2^4) execution paths
  • 4. Path Explosion Challenge • grep – text search utility • 19K LOC • Statically - 4K branches in CFG • Dynamically - 8K branches in an execution path [Figure: CFG of re_match_2_internal in grep]
  • 5. Search Strategy • Given a limited testing budget, select high-priority branches first to improve coverage fast • Run P with a concrete input I • Execution path π = b1 b2 b3 … • Select a branch bi • Generate I′ for π′ = b1 b2 b3 … b̄i • By symbolic execution and constraint solving • Repeat
  • 6. Existing Search Strategies • DFS • BFS • Random
  • 7. Coverage-Optimized Strategies • CFG – How far is any uncovered branch from this? • CarFast – How many can be covered by this? • Generational – How many are actually covered by this?
  • 8. Context-Guided Search • Considers context of a branch and selects a branch in the new context
  • 9. Intuition behind CGS • Explore diverse state of P by avoiding exploring the same state - “same” in the limited context
  • 10. CGS Example [Figure: execution tree with branches b5, b6, b7, b8 and paths π1, π2, π3, π4, with b7 on each path]
  • 11. CGS Example [Figure: same tree, with labels b6, b6, b6, b5 and SELECT, SKIP, SKIP, SELECT over π1, π2, π3, π4]
  • 12. Context • k-Context of branch b • A sequence of k preceding branches of b in an execution path • Example • 3-Context of b6: (b6, b4, b1) [Figure: path π1 through a tree of branches b1 to b6]
  • 13. Optimal k • 1-Context • Select each branch only once • ∞-Context • Select all branches • Optimal k for the best coverage depends on • Testing budget • Characteristic of the subjects
  • 14. Incremental Search • BFS traversal • 1-context • 2-context • 3-context
  • 15. Dominators • Node d dominates node n if every path from the entry node to node n must go through node d • Dom(b11) = {b9, b7, b5, b3} • 2-Context of b11 along π1 = (b11, b9) • 2-Context of b11 along π2 = (b11, b9) • 2-Context of b11 along π1 = (b11, b1) • 2-Context of b11 along π2 = (b11, b2) [Figure: tree of branches b1 to b12 with paths π1 and π2]
  • 16. Research Questions • RQ1 – Given the same testing budget, how many branches can be covered? • RQ2 – Given a target coverage goal, how many iterations are required to achieve the goal? • RQ3 – What is the effect of dominators and incremental k? • RQ4 – How different are the covered branch sets by different strategies?
  • 17. Evaluation Subjects
      Subject   Testing Tool   Language   LOC
      grep      CREST          C          19K
      replace   CREST          C          0.5K
      expat     CREST          C          18K
      cdaudio   CREST          C          2K
      floppy    CREST          C          1.5K
      kbfiltr   CREST          C          1K
      tp300     CarFastTool    Java       0.3K
      tp600     CarFastTool    Java       0.6K
      tp1k      CarFastTool    Java       1.5K
      tp2k      CarFastTool    Java       2.4K
      tp5k      CarFastTool    Java       5.8K
      tp10k     CarFastTool    Java       28K
  • 18. RQ1-Coverage – C Subjects
  • 19. RQ1-Coverage – C Subjects
  • 20. RQ1-Coverage - Java Subjects [Figure: tp600, number of branches covered vs. iterations, CGS and CarFast]
  • 21. RQ2 – Reaching the Target (C Subjects)
  • 22. RQ2 – Reaching the Target (Java Subjects)
  • 23. RQ3 - Effect of Dominators
  • 24. RQ3 - Effect of Incremental Search
  • 25. RQ4 - Comparison of Covered Branch Sets • CovCGS - A set of branches covered by CGS • CovOthers - A set of branches covered by other strategies • CovOthers ≤ |CovCGS| [Figure: Venn diagram of CovCGS and CovOthers]
  • 26. RQ4 - Comparison of Covered Branch Sets • replace, cdaudio, floppy, kbfiltr • tp300, tp600, tp1k, tp2k • CovOthers ⊆ |CovCGS| • grep • |CovOthers − CovCGS| / |CovCGS| = 0.1 ~ 3% [Figure: Venn diagrams of CovCGS and CovOthers, and of CovCGS and CovCFG with region counts 61, 1606, 383]
  • 27. Threats to Validity • Precision in Symbolic Execution • Non-linear expression, Floating-Point operations, Symbolic pointer dereferencing • Input vector • Size of input, Optional arguments • External Validity • Test subjects and strategies might not be representative
  • 28. Summary • Path explosion challenge in concolic testing • Search strategies prioritize branches according to some criteria • CGS • Selects branches in the new context • Uses dominators to exclude irrelevant branches • BFS search + incremental increase of the context size • Evaluation on six C and six Java subjects • Achieved the highest coverage on all twelve subjects • Reached the target much faster on most subjects
  • 30. Coverage for C Subjects
  • 31. Coverage for Java Subjects • Mann-Whitney U test • P-value < 0.01
  • 32. Related Work • Pruning Redundant Path • RWset [Cristian ’08] • Interpolation [Jaffar ’13] • Function Summary • Compositional [Godefroid ’07, ’10] • Demand-driven compositional [Anand ’08] • Others • Fitness-guided approach [Xie ’09], Sub-path guided [Li ’13] • Hybrid [Majumdar ’07]
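
The Context, CGS Example, Incremental Search and Dominators slides, worked through as an added Python sketch; it is not the authors' code and not part of CREST or CarFastTool. It replays the selection rule over a fixed set of constructed paths (no re-execution or constraint solving), assumes the second pair of contexts on the Dominators slide is the result of excluding Dom(b11), and all function and variable names are hypothetical.

```python
# Added illustration of k-context and context-guided selection; not the authors' code.
# Paths are recorded branch sequences; no symbolic execution or solver is involved.

def k_context(path, i, k, dominators=frozenset()):
    """Branch path[i] plus its nearest preceding branches, most recent first,
    up to k entries in total, skipping any branch listed in `dominators`."""
    ctx = [path[i]]
    for prev in reversed(path[:i]):
        if len(ctx) == k:
            break
        if prev not in dominators:
            ctx.append(prev)
    return tuple(ctx)

def select_at_depth(paths, depth, k, seen, dom=None):
    """SELECT the branch at `depth` on each path if its k-context is new, else SKIP."""
    dom = dom or {}
    decisions = []
    for path in paths:
        if depth >= len(path):
            decisions.append(None)  # this path is shorter than `depth`
            continue
        ctx = k_context(path, depth, k, dom.get(path[depth], frozenset()))
        decisions.append("SKIP" if ctx in seen else "SELECT")
        seen.add(ctx)
    return decisions

def incremental_search(paths, max_k, dom=None):
    """BFS over depths with 1-context, then 2-context, ..., sharing one context cache."""
    seen, order = set(), []
    for k in range(1, max_k + 1):
        for depth in range(max(map(len, paths))):
            picks = select_at_depth(paths, depth, k, seen, dom)
            order += [(k, i, paths[i][depth]) for i, d in enumerate(picks) if d == "SELECT"]
    return order

# Constructed sample paths: prefixes are assumptions chosen to match the slides' results.
CGS_EXAMPLE = [["b1", "b3", "b6", "b7"], ["b1", "b4", "b6", "b7"],
               ["b2", "b3", "b6", "b7"], ["b2", "b4", "b5", "b7"]]
PI1 = ["b1", "b3", "b5", "b7", "b9", "b11"]
PI2 = ["b2", "b3", "b5", "b7", "b9", "b11"]
DOM = {"b11": frozenset({"b9", "b7", "b5", "b3"})}  # Dom(b11) from the Dominators slide

if __name__ == "__main__":
    print(select_at_depth(CGS_EXAMPLE, 3, 2, set()))
    print(k_context(PI1, 5, 2), k_context(PI1, 5, 2, DOM["b11"]))
    print(incremental_search(CGS_EXAMPLE, 2))
```

With `max_k=1` the search picks each distinct branch exactly once, which is the 1-Context behaviour stated on the Optimal k slide; raising k lets b7 be selected again on π4, where its predecessor differs.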