Uploaded byknowdiff
PPTX, PDF492 views

Amin Milani Fard: Directed Model Inference for Testing and Analysis of Web Applications

The document discusses automated testing techniques for web applications. It proposes feedback-directed exploration to generate test models more effectively than exhaustive crawling. It also leverages existing manual tests to generate new automated tests by reusing inputs, assertions and exploring alternative paths. A technique called ConFix is presented to automatically generate DOM-based fixtures for unit tests by collecting constraints from code instrumentation. Finally, the document discusses detecting prevalent JavaScript code smells like lazy objects to support automated refactoring.

Embed presentation

Download to read offline
Amin Milani Fard Directed Model Inference for Testing and Analysis of Web Applications University of British Columbia Oct 2015 http://www.knowdiff.net/
Modern Web Applications 2
3
4
Manual Testing and Maintenance 5 Incomplete
6 Test Model Generation Test Case Generation Unit Test Fixture Generation Code Maintenance
P1. Test Model Generation • In model-based testing, models of program behaviour are used to generate test cases. • Dynamic analysis and exploration (crawling) derives test models for many automated testing techniques. 7
Most industrial web applications have a huge state-space. Exhaustive crawling (BFS, DFS, or random search), can cause the state explosion problem. Given a limited time, exhaustive crawlers can become mired in specific parts of the application, yielding poor coverage. 8
Covering the whole app is infeasible in a limited time, so … RQ1. How can we derive test models for web applications more effectively compared to exhaustive exploration methods? 9
Amin Milani Fard, Ali Mesbah Feedback-Directed Exploration of Web Applications to Derive Test Models 24th IEEE International Symposium on Software Reliability Engineering (ISSRE), 2013
Test Model Generation We consider 4 properties for a test model: • Functionality Coverage: The amount of code coverage • Navigational Coverage: The amount of covering different navigational branches • Page Structural Coverage: The amount of covering heterogeneous DOM structures • Size: The number of edges in the SFG How can we infer a model satisfying all these? 11
Feedback-directed Exploration • FeedEx uses the feedback obtained to predict (1) which states should be expanded next (2) in which order events should be executed • Repeat until a time/state limit • Take the crawler to state s with highest state score • Execute the fittest event on s based on event score 12
State score is a combination of • Code Coverage Impact: The amount of code coverage increase • Path Diversity: The diversity (not sharing) of two paths • DOM Diversity: The diversity (dissimilarity) of two DOM trees Event Score • Event Productivity Ratio: Unexecuted events first. Penalize events that result in an already discovered state, e.g. self- loops. 13
Evaluation and Results • Objects: 6 open-source JavaScript web apps • Fixed time: 5 minutes, no limitations on: depth, number of states 17 0% 12% 24% 36% 48% 60% Coverage 0 0 0 0 0 DOM Diversity 0 0 0 0 1 Path Diversity 0 150 300 450 600 750 Test Model Size Test Suite Size DFS BFS RND FeedEx 10-28% imp 7-4000% imp 23-130% imp 38-86% imp 42-61% imp
18 DOM-based Testing
19
Crawling automates testing by exploring more states, but is limited in: • Proper input values • Choosing paths to explore • Generating effective assertions RQ2. Can we utilize the knowledge in existing tests to generate new tests? 20 P2. Test Case Generation
Amin Milani Fard, Mehdi Mirzaaghaei, Ali Mesbah Leveraging Existing Tests in Automated Test Generation for Web Applications 29th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2014
Combining Manual and Automated Tests - Input data and sequence - DOM elements to be asserted 23 - Automated crawling - Automated test case generation
24 Generated test cases Testilizer idea Extended State-Flow Graph Initial State-Flow Graph Human-written test cases
Exploring Alternative Paths 25 • Remain close to the manual-test paths Initial State-Flow Graph Extended State-Flow Graph
Regenerating Assertions 27 (1) Reusing the same assertion (2) Regenerating assertions for exact DOM element/region match (3) Generating assertions for similar DOM region match
Assertion Reuse An assertion on a shared state can be reused for a new test case. 28
Assertion Regeneration Repetition-based assertion regeneration 1. exact element-based assertions 2. exact region-based assertions 29 Checked Element Checked Element Region
Generating Similar Region Assertions Inexact element/region repetition of a checked element/region can also be important for testing. A classification problem: • Is a block level DOM element important to be checked by an assertion? 30 <div id="header"> <div id="nav"> <div id="footer"> <div id="article"> <div id="sidebar" ><div id="section"> <div id="header"> <div id="nav"> <div id="footer"> <span id="main"> <span id="menu e"> <span id="content">
33 • 150% imp over the original test suite • 170% imp over the random assertion (RND) & exploration (RAND) • 37% imp over the random assertion (RND) While code coverage was not our main goal • 30% imp over the original test suite • 18% imp over the random exploration 0% 7% 13% 20% 26% 33% Fault Detection Rate ORIG RAND + RND EXND + RND Testilizer Evaluation and Results
P3. Unit Test Fixture Generation If an expected DOM element (test fixture) is not present, a JavaScript unit test may throw an exception or produce an incorrect result. 36 Test fixtures define states of the test environment before the test.
38
Proper DOM-based fixtures are required to achieve high coverage. RQ3. How can we automate fixture generation for unit testing? Challenges (1) DOM-related variables (2) Hierarchical DOM relations 40
Amin Milani Fard, Ali Mesbah, Eric Wohlstadter Generating Fixtures for JavaScript Unit Testing 30th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2015
Apply the new fixture on DOM Unit Test 42 ConFix idea Instrument the code Instrumented Code JavaScript Code + Function under test (FUT) Solve constraints and generate a fixture Collect exec trace and deduce DOM- based constraints Execute the FUT
Instrumentation trace = []; function confixWrapper(statementType, statement, varList, varValueList, enclosingFunction, actualStatement) { trace.push({statementType: statementType, statement: statement, varList: varList, varValueList: varValueList, enclosingFunction: enclosingFunction, actualStatement: actualStatement}); return actualStatement; } function getConfixTrace() { return trace; } function dg(x) { return confixWrapper("return", "return confixWrapper("functionCall", "document.getElementById(x)", ["x"], [x], "dg", document.getElementById(x));", [""], [], "dg", confixWrapper("functionCall", "document.getElementById(x)", ["x"], [x], "dg", document.getElementById(x))); } function sumTotalPrice() { sum = confixWrapper("infix", "sum = 0", [""], [], "sumTotalPrice", 0); itemList = confixWrapper("infix", "itemList = confixWrapper("functionCall", "dg('items')", ["items"], ['items'], "sumTotalPrice", dg('items'))", [""], [], "sumTotalPrice", confixWrapper("functionCall", "dg('items')", ["items"], ['items'], "sumTotalPrice", dg('items'))); if (confixWrapper("condition", "itemList.children.length === 0", [""], [], "sumTotalPrice", itemList.children.length === 0)) confixWrapper("functionCall", "dg('message')", ["message"], ['message'], "sumTotalPrice", dg('message')).innerHTML = confixWrapper("infix", "confixWrapper("functionCall", "dg('message')", ["message"], ['message'], "sumTotalPrice", dg('message')).innerHTML = "Item list is empty!"", [""], [], "sumTotalPrice", "Item list is empty!"); else { for (i = confixWrapper("infix", "i = 0", [""], [], "sumTotalPrice", 0); confixWrapper("loopCondition", "i < itemList.children.length", ["i", "itemList"], [i, itemList], "sumTotalPrice", i < itemList.children.length); i++) { p = confixWrapper("infix", "p = itemList.children[i].value", ["itemList.children[i]"], [itemList.children[i]], "sumTotalPrice", itemList.children[i].value); if (confixWrapper("condition", "p > 0", [""], [], "sumTotalPrice", p > 0)) sum += p; else confixWrapper("functionCall", "dg('message')", ["message"], ['message'], "sumTotalPrice", dg('message')).innerHTML += " Wrong value for item " + i; } confixWrapper("functionCall", "dg('total')", ["total"], ['total'], "sumTotalPrice", dg('total')).value = confixWrapper("infix", "confixWrapper("functionCall", "dg('total')", ["total"], ['total'], "sumTotalPrice", dg('total')).value = sum", [""], [], "sumTotalPrice", sum); } 44
45 (1) Extract DOM-based Constraints (2) Transform them into XPath (3) Solve it using an available XML XPath solver
46
47 Evaluation and Result • Up to 67% imp in statement coverage • Up to 300% imp in branch coverage
P4. Code Maintenance • JavaScript is challenging to maintain. • Code smells adversely influence program comprehension and maintainability. • Code smells detection is time consuming. 49 RQ4. Which JavaScript code smells are prevalent in practice and how can we support automated code refactoring?
Amin Milani Fard, Ali Mesbah JSNose: Detecting JavaScript Code Smells 13th IEEE International Conference on Source Code Analysis and Manipulation (SCAM), 2013
JavaScript Code Smell Detection 51 Static and dynamic code analysis is used to monitor and infer information about objects, functions, and code blocks.
54 Evaluation and Results • Evaluated 11 JavaScript/Ajax web applications. • Effective code smells detection (93% precision, 98% recall) • Lazy object, long method/function, closure smells, JS/HTML/CSS coupling, and excessive global variables, are the most prevalent smells. • Strong, and significant +correlation between {LOC, # functions, # JS files, and CC} and the types of smells, and weaker correlation with the # smell instances.
55 Some topics to work on • Applying learned tests on similar applications • Generating unit tests based on client-side code similarity and DOM-based tests based on DOM sate similarity • JavaScript code refactoring • Suggesting and applying refactoring for code smells • Understanding test failures and root causes • Generating integrated tests using existing unit tests
56 Test Model Generation Test Case Generation Unit Test Fixture Generation Code Maintenance

More Related Content

PPTX
Leveraging Existing Tests in Automated Test Generation for Web Applications
bySALT Lab @ UBC
 
PDF
Search-Based Robustness Testing of Data Processing Systems
byLionel Briand
 
PPT
Ppt Qtp
byrosaleenm
 
PPTX
A Closer Look at Real-World Patches
byDongsun Kim
 
PDF
Testing Dynamic Behavior in Executable Software Models - Making Cyber-physica...
byLionel Briand
 
PPTX
The relationship between test and production code quality (@ SIG)
byMaurício Aniche
 
PPTX
Mobilesoft 2017 Keynote
byAbhik Roychoudhury
 
PDF
Effective Test Suites for ! Mixed Discrete-Continuous Stateflow Controllers
byLionel Briand
 
Leveraging Existing Tests in Automated Test Generation for Web Applications
bySALT Lab @ UBC
 
Search-Based Robustness Testing of Data Processing Systems
byLionel Briand
 
Ppt Qtp
byrosaleenm
 
A Closer Look at Real-World Patches
byDongsun Kim
 
Testing Dynamic Behavior in Executable Software Models - Making Cyber-physica...
byLionel Briand
 
The relationship between test and production code quality (@ SIG)
byMaurício Aniche
 
Mobilesoft 2017 Keynote
byAbhik Roychoudhury
 
Effective Test Suites for ! Mixed Discrete-Continuous Stateflow Controllers
byLionel Briand
 

What's hot

PDF
Software testing lab manual
byTanzeem Syed
 
PPT
First QTP Tutorial
bytjdhans
 
PPTX
Automated Program Repair Keynote talk
byAbhik Roychoudhury
 
PDF
Towards a Better Understanding of the Impact of Experimental Components on De...
byChakkrit (Kla) Tantithamthavorn
 
PPTX
QTP Power Point Presentation
bySVRTechnologies
 
PDF
Java Unit Testing Tool Competition — Fifth Round
byAnnibale Panichella
 
PPTX
TBar: Revisiting Template-based Automated Program Repair
byDongsun Kim
 
PDF
Multi-Objective Cross-Project Defect Prediction
bySebastiano Panichella
 
PPT
Qtp 9.5 Tutorials by www.onsoftwaretest.com
byonsoftwaretest
 
PDF
Known XML Vulnerabilities Are Still a Threat to Popular Parsers ! & Open Sour...
byLionel Briand
 
PDF
What is UFT? HP's unified functional testing.
byConfiz
 
PPT
QTP Slides Presentation.
bytjdhans
 
PPT
Hp Quick Test Professional
bysunny.deb
 
PPTX
Unit tests and TDD
byRoman Okolovich
 
PDF
Impact of Tool Support in Patch Construction
byDongsun Kim
 
PPTX
How We Get There: A Context-Guided Search Strategy in Concolic Testing (FSE 2...
bySung Kim
 
PPTX
LSRepair: Live Search of Fix Ingredients for Automated Program Repair
byDongsun Kim
 
PDF
Automock: Interaction-Based Mock Code Generation
bySabrina Souto
 
PPTX
10 software testing_technique
byUniversity of Computer Science and Technology
 
DOC
Interview questions in qtp
byRamu Palanki
 
Software testing lab manual
byTanzeem Syed
 
First QTP Tutorial
bytjdhans
 
Automated Program Repair Keynote talk
byAbhik Roychoudhury
 
Towards a Better Understanding of the Impact of Experimental Components on De...
byChakkrit (Kla) Tantithamthavorn
 
QTP Power Point Presentation
bySVRTechnologies
 
Java Unit Testing Tool Competition — Fifth Round
byAnnibale Panichella
 
TBar: Revisiting Template-based Automated Program Repair
byDongsun Kim
 
Multi-Objective Cross-Project Defect Prediction
bySebastiano Panichella
 
Qtp 9.5 Tutorials by www.onsoftwaretest.com
byonsoftwaretest
 
Known XML Vulnerabilities Are Still a Threat to Popular Parsers ! & Open Sour...
byLionel Briand
 
What is UFT? HP's unified functional testing.
byConfiz
 
QTP Slides Presentation.
bytjdhans
 
Hp Quick Test Professional
bysunny.deb
 
Unit tests and TDD
byRoman Okolovich
 
Impact of Tool Support in Patch Construction
byDongsun Kim
 
How We Get There: A Context-Guided Search Strategy in Concolic Testing (FSE 2...
bySung Kim
 
LSRepair: Live Search of Fix Ingredients for Automated Program Repair
byDongsun Kim
 
Automock: Interaction-Based Mock Code Generation
bySabrina Souto
 
10 software testing_technique
byUniversity of Computer Science and Technology
 
Interview questions in qtp
byRamu Palanki
 

Viewers also liked

PDF
DOM-based Test Adequacy Criteria for Web Applications
bySALT Lab @ UBC
 
PPTX
Dompletion: DOM-Aware JavaScript Code Completion
bySALT Lab @ UBC
 
PDF
Understanding JavaScript Event-based Interactions
bySALT Lab @ UBC
 
PDF
Mining Questions Asked by Web Developers
bySALT Lab @ UBC
 
PDF
DWTT Quiet Achiever of the Year 2015
byAlfredo Jr. Hurtado
 
PPTX
Hidden-Web Induced by Client-Side Scripting: An Empirical Study
bySALT Lab @ UBC
 
PPT
The Engineering World Of Thermoplastic Piping
byblenrayaust
 
PPTX
Modal Analysis
byvaibhavd85
 
PDF
6. Thermal behaviour (heat exchange in buildings)
byRohit Kumar
 
PPT
ISTQB / ISEB Foundation Exam Practice - 4
byYogindernath Gupta
 
PPT
ISTQB / ISEB Foundation Exam Practice - 5
byYogindernath Gupta
 
PPTX
Fracture Mechanics & Failure Analysis: Griffith theory of brittle fracture
byNED University of Engineering and Technology
 
PDF
3. Principles of thermal design
byRohit Kumar
 
PPTX
Fracture Mechanics & Failure Analysis: Lecture Fatigue
byNED University of Engineering and Technology
 
PPT
DIFFERENTIAL THERMAL ANALYSIS (DTA), ppt
byshaisejacob
 
PPTX
Difference between code, standard & Specification
byVarun Patel
 
PPTX
Fatigue testing
byBIPIN KUMAR MISHRA
 
PPT
Thermal analysis
byProf. Dr. Basavaraj Nanjwade
 
PDF
Thermogravimetry Analysis (TGA)
byKalsoom Mohammed
 
PPTX
Differential thermal analysis & Differential Scanning Calorimetry
bysamira mohammadpour
 
DOM-based Test Adequacy Criteria for Web Applications
bySALT Lab @ UBC
 
Dompletion: DOM-Aware JavaScript Code Completion
bySALT Lab @ UBC
 
Understanding JavaScript Event-based Interactions
bySALT Lab @ UBC
 
Mining Questions Asked by Web Developers
bySALT Lab @ UBC
 
DWTT Quiet Achiever of the Year 2015
byAlfredo Jr. Hurtado
 
Hidden-Web Induced by Client-Side Scripting: An Empirical Study
bySALT Lab @ UBC
 
The Engineering World Of Thermoplastic Piping
byblenrayaust
 
Modal Analysis
byvaibhavd85
 
6. Thermal behaviour (heat exchange in buildings)
byRohit Kumar
 
ISTQB / ISEB Foundation Exam Practice - 4
byYogindernath Gupta
 
ISTQB / ISEB Foundation Exam Practice - 5
byYogindernath Gupta
 
Fracture Mechanics & Failure Analysis: Griffith theory of brittle fracture
byNED University of Engineering and Technology
 
3. Principles of thermal design
byRohit Kumar
 
Fracture Mechanics & Failure Analysis: Lecture Fatigue
byNED University of Engineering and Technology
 
DIFFERENTIAL THERMAL ANALYSIS (DTA), ppt
byshaisejacob
 
Difference between code, standard & Specification
byVarun Patel
 
Fatigue testing
byBIPIN KUMAR MISHRA
 
Thermal analysis
byProf. Dr. Basavaraj Nanjwade
 
Thermogravimetry Analysis (TGA)
byKalsoom Mohammed
 
Differential thermal analysis & Differential Scanning Calorimetry
bysamira mohammadpour
 

Similar to Amin Milani Fard: Directed Model Inference for Testing and Analysis of Web Applications

PDF
JAVASCRIPT TDD(Test driven Development) & Qunit Tutorial
byAnup Singh
 
PDF
Surviving javascript.pptx
byTamas Rev
 
PPTX
TDD and the Legacy Code Black Hole
byNoam Kfir
 
PDF
Don't let your tests slow you down
byDaniel Irvine
 
PDF
JAVASCRIPT Test Driven Development & Jasmine
byAnup Singh
 
PDF
The DOM is a Mess @ Yahoo
byjeresig
 
PDF
Finding Bugs, Fixing Bugs, Preventing Bugs — Exploiting Automated Tests to In...
byUniversity of Antwerp
 
PPTX
MidwestJS Zero to Testing
bypamselle
 
PDF
Intro to JavaScript Testing
byRan Mizrahi
 
PDF
JavaScript Test-Driven Development with Jasmine 2.0 and Karma
byChristopher Bartling
 
PPTX
Unit Testing and TDD 2017
byXavi Hidalgo
 
PPTX
L2624 labriola
bymichael.labriola
 
PDF
AN ENVIRONMENT FOR NON-DUPLICATE TEST GENERATION FOR WEB BASED APPLICATION
byecij
 
PDF
JavaScript TDD with Jasmine and Karma
byChristopher Bartling
 
PPT
Software Engineering XUnit Testing and Patterns
bysanjayflute007
 
PPTX
An easy way to automate complex UI
byIvan Pashko
 
KEY
Testing smells
bySidu Ponnappa
 
PDF
Intro To JavaScript Unit Testing - Ran Mizrahi
byRan Mizrahi
 
ODP
Writing useful automated tests for the single page applications you build
byAndrei Sebastian Cîmpean
 
PDF
Testing Strategies for Node.pdf
byinfowindtech
 
JAVASCRIPT TDD(Test driven Development) & Qunit Tutorial
byAnup Singh
 
Surviving javascript.pptx
byTamas Rev
 
TDD and the Legacy Code Black Hole
byNoam Kfir
 
Don't let your tests slow you down
byDaniel Irvine
 
JAVASCRIPT Test Driven Development & Jasmine
byAnup Singh
 
The DOM is a Mess @ Yahoo
byjeresig
 
Finding Bugs, Fixing Bugs, Preventing Bugs — Exploiting Automated Tests to In...
byUniversity of Antwerp
 
MidwestJS Zero to Testing
bypamselle
 
Intro to JavaScript Testing
byRan Mizrahi
 
JavaScript Test-Driven Development with Jasmine 2.0 and Karma
byChristopher Bartling
 
Unit Testing and TDD 2017
byXavi Hidalgo
 
L2624 labriola
bymichael.labriola
 
AN ENVIRONMENT FOR NON-DUPLICATE TEST GENERATION FOR WEB BASED APPLICATION
byecij
 
JavaScript TDD with Jasmine and Karma
byChristopher Bartling
 
Software Engineering XUnit Testing and Patterns
bysanjayflute007
 
An easy way to automate complex UI
byIvan Pashko
 
Testing smells
bySidu Ponnappa
 
Intro To JavaScript Unit Testing - Ran Mizrahi
byRan Mizrahi
 
Writing useful automated tests for the single page applications you build
byAndrei Sebastian Cîmpean
 
Testing Strategies for Node.pdf
byinfowindtech
 

More from knowdiff

PPTX
Ut talk feb 2017
byknowdiff
 
PDF
Ali khalili: Towards an Open Linked Data-based Infrastructure for Studying Sc...
byknowdiff
 
PPT
Scheduling for cloud systems with multi level data locality
byknowdiff
 
PDF
Knowledge based economy and power of crowd sourcing
byknowdiff
 
PDF
Amin tayyebi: Big Data and Land Use Change Science
byknowdiff
 
PDF
Mehdi Rezagholizadeh: Image Sensor Modeling: Color Measurement at Low Light L...
byknowdiff
 
PDF
Sara Afshar: Scheduling and Resource Sharing in Multiprocessor Real-Time Systems
byknowdiff
 
PPTX
Seyed Mehdi mohaghegh: Modelling material use within the low carbon energy pa...
byknowdiff
 
PDF
Narjess Afzaly: Model Your Problem with Graphs and Generate your objects
byknowdiff
 
PDF
Computational methods applications in air pollution modeling (Dr. Yadghar)
byknowdiff
 
PDF
Somaz Kolahi : Functional Dependencies: Redundancy Analysis and Correcting Vi...
byknowdiff
 
PPT
Uncalibrated Image-Based Robotic Visual Servoing (knowdiff.net)
byknowdiff
 
PPT
Knowdiff visiting lecturer 140 (Azad Shademan): Uncalibrated Image-Based Robo...
byknowdiff
 
PPS
Mehran Shaghaghi: Quantum Mechanics Dilemmas
byknowdiff
 
PPT
Hossein Taghavi : Codes on Graphs
byknowdiff
 
PDF
Dr. Amir Nejat
byknowdiff
 
PDF
Alborz
byknowdiff
 
Ut talk feb 2017
byknowdiff
 
Ali khalili: Towards an Open Linked Data-based Infrastructure for Studying Sc...
byknowdiff
 
Scheduling for cloud systems with multi level data locality
byknowdiff
 
Knowledge based economy and power of crowd sourcing
byknowdiff
 
Amin tayyebi: Big Data and Land Use Change Science
byknowdiff
 
Mehdi Rezagholizadeh: Image Sensor Modeling: Color Measurement at Low Light L...
byknowdiff
 
Sara Afshar: Scheduling and Resource Sharing in Multiprocessor Real-Time Systems
byknowdiff
 
Seyed Mehdi mohaghegh: Modelling material use within the low carbon energy pa...
byknowdiff
 
Narjess Afzaly: Model Your Problem with Graphs and Generate your objects
byknowdiff
 
Computational methods applications in air pollution modeling (Dr. Yadghar)
byknowdiff
 
Somaz Kolahi : Functional Dependencies: Redundancy Analysis and Correcting Vi...
byknowdiff
 
Uncalibrated Image-Based Robotic Visual Servoing (knowdiff.net)
byknowdiff
 
Knowdiff visiting lecturer 140 (Azad Shademan): Uncalibrated Image-Based Robo...
byknowdiff
 
Mehran Shaghaghi: Quantum Mechanics Dilemmas
byknowdiff
 
Hossein Taghavi : Codes on Graphs
byknowdiff
 
Dr. Amir Nejat
byknowdiff
 
Alborz
byknowdiff
 

Recently uploaded

PDF
DSD-INT 2025 3D-modelling of salt intrusion into Germany’s busiest waterway -...
byDeltares
 
PDF
DSD-INT 2025 Advancing Urban Flood Modeling with Delft3D FM 1D2D - A Pilot St...
byDeltares
 
PDF
Data Integration with Salesforce Bootcamp
byDele Amefo
 
PDF
DSD-INT 2025 Timor-Leste Flood exposure and Climate Change assessment - Ogunwumi
byDeltares
 
PPTX
Boost Productivity the Smart Way with AI Automation Solutions
byEllocent Labs
 
PDF
Smarter Testing Safer Systems Balancing AI and Oversight in Regulated Environ...
byApplitools
 
PPTX
Building a RAG System for Customer Support - L1
byBogdan Mustata
 
PDF
DSD-INT 2025 Modernizing Hydrodynamics in Large Flood Forecasting System - Mi...
byDeltares
 
PPTX
Building AI agents in Java - Devoxx Belgium 2025
byJulien Dubois
 
PDF
Fundamental of Information Systems introduction.pdf
byYeabsraLakew
 
PDF
Custom Software Development Presentation.pdf
byssuser9c7131
 
PDF
DSD-INT 2025 Validation of SFINCS on Historical River Floods at the Global Sc...
byDeltares
 
PDF
DSD-INT 2025 Flood Early Warning System for the Trans-African Hydrometeorolog...
byDeltares
 
PPTX
The Sync Strikes Back: Tales from the MOPs Trenches
bybbedford2
 
PDF
How Device, OS, and Network Variability Affects App Experience - And How to T...
bykalichargn70th171
 
PPTX
Understanding-ROM-RAM-Cache-and-Buffer-Memory.pptx.pptx
bylata2850
 
PDF
DSD-INT 2025 Building-Aware Flood and Lifeline Scour Modeling with Delft3D FM...
byDeltares
 
PDF
SCORM Cloud: The 5 categories of content distribution
byRustici Software
 
PDF
DSD-INT 2025 Quantifying Flood Mitigation Strategies Under Sea Level Rise - H...
byDeltares
 
PPTX
CRM Development Company | Custom CRM Development Services
byyugababu033
 
DSD-INT 2025 3D-modelling of salt intrusion into Germany’s busiest waterway -...
byDeltares
 
DSD-INT 2025 Advancing Urban Flood Modeling with Delft3D FM 1D2D - A Pilot St...
byDeltares
 
Data Integration with Salesforce Bootcamp
byDele Amefo
 
DSD-INT 2025 Timor-Leste Flood exposure and Climate Change assessment - Ogunwumi
byDeltares
 
Boost Productivity the Smart Way with AI Automation Solutions
byEllocent Labs
 
Smarter Testing Safer Systems Balancing AI and Oversight in Regulated Environ...
byApplitools
 
Building a RAG System for Customer Support - L1
byBogdan Mustata
 
DSD-INT 2025 Modernizing Hydrodynamics in Large Flood Forecasting System - Mi...
byDeltares
 
Building AI agents in Java - Devoxx Belgium 2025
byJulien Dubois
 
Fundamental of Information Systems introduction.pdf
byYeabsraLakew
 
Custom Software Development Presentation.pdf
byssuser9c7131
 
DSD-INT 2025 Validation of SFINCS on Historical River Floods at the Global Sc...
byDeltares
 
DSD-INT 2025 Flood Early Warning System for the Trans-African Hydrometeorolog...
byDeltares
 
The Sync Strikes Back: Tales from the MOPs Trenches
bybbedford2
 
How Device, OS, and Network Variability Affects App Experience - And How to T...
bykalichargn70th171
 
Understanding-ROM-RAM-Cache-and-Buffer-Memory.pptx.pptx
bylata2850
 
DSD-INT 2025 Building-Aware Flood and Lifeline Scour Modeling with Delft3D FM...
byDeltares
 
SCORM Cloud: The 5 categories of content distribution
byRustici Software
 
DSD-INT 2025 Quantifying Flood Mitigation Strategies Under Sea Level Rise - H...
byDeltares
 
CRM Development Company | Custom CRM Development Services
byyugababu033
 

Amin Milani Fard: Directed Model Inference for Testing and Analysis of Web Applications

  • 1.
    Amin Milani Fard DirectedModel Inference for Testing and Analysis of Web Applications University of British Columbia Oct 2015 http://www.knowdiff.net/
  • 2.
  • 3.
  • 4.
  • 5.
    Manual Testing andMaintenance 5 Incomplete
  • 6.
    6 Test Model Generation Test Case Generation UnitTest Fixture Generation Code Maintenance
  • 7.
    P1. Test ModelGeneration • In model-based testing, models of program behaviour are used to generate test cases. • Dynamic analysis and exploration (crawling) derives test models for many automated testing techniques. 7
  • 8.
    Most industrial webapplications have a huge state-space. Exhaustive crawling (BFS, DFS, or random search), can cause the state explosion problem. Given a limited time, exhaustive crawlers can become mired in specific parts of the application, yielding poor coverage. 8
  • 9.
    Covering the wholeapp is infeasible in a limited time, so … RQ1. How can we derive test models for web applications more effectively compared to exhaustive exploration methods? 9
  • 10.
    Amin Milani Fard,Ali Mesbah Feedback-Directed Exploration of Web Applications to Derive Test Models 24th IEEE International Symposium on Software Reliability Engineering (ISSRE), 2013
  • 11.
    Test Model Generation Weconsider 4 properties for a test model: • Functionality Coverage: The amount of code coverage • Navigational Coverage: The amount of covering different navigational branches • Page Structural Coverage: The amount of covering heterogeneous DOM structures • Size: The number of edges in the SFG How can we infer a model satisfying all these? 11
  • 12.
    Feedback-directed Exploration • FeedExuses the feedback obtained to predict (1) which states should be expanded next (2) in which order events should be executed • Repeat until a time/state limit • Take the crawler to state s with highest state score • Execute the fittest event on s based on event score 12
  • 13.
    State score isa combination of • Code Coverage Impact: The amount of code coverage increase • Path Diversity: The diversity (not sharing) of two paths • DOM Diversity: The diversity (dissimilarity) of two DOM trees Event Score • Event Productivity Ratio: Unexecuted events first. Penalize events that result in an already discovered state, e.g. self- loops. 13
  • 14.
    Evaluation and Results •Objects: 6 open-source JavaScript web apps • Fixed time: 5 minutes, no limitations on: depth, number of states 17 0% 12% 24% 36% 48% 60% Coverage 0 0 0 0 0 DOM Diversity 0 0 0 0 1 Path Diversity 0 150 300 450 600 750 Test Model Size Test Suite Size DFS BFS RND FeedEx 10-28% imp 7-4000% imp 23-130% imp 38-86% imp 42-61% imp
  • 15.
  • 16.
  • 17.
    Crawling automates testingby exploring more states, but is limited in: • Proper input values • Choosing paths to explore • Generating effective assertions RQ2. Can we utilize the knowledge in existing tests to generate new tests? 20 P2. Test Case Generation
  • 18.
    Amin Milani Fard,Mehdi Mirzaaghaei, Ali Mesbah Leveraging Existing Tests in Automated Test Generation for Web Applications 29th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2014
  • 19.
    Combining Manual andAutomated Tests - Input data and sequence - DOM elements to be asserted 23 - Automated crawling - Automated test case generation
  • 20.
    24 Generated test cases Testilizer idea ExtendedState-Flow Graph Initial State-Flow Graph Human-written test cases
  • 21.
    Exploring Alternative Paths 25 •Remain close to the manual-test paths Initial State-Flow Graph Extended State-Flow Graph
  • 22.
    Regenerating Assertions 27 (1) Reusingthe same assertion (2) Regenerating assertions for exact DOM element/region match (3) Generating assertions for similar DOM region match
  • 23.
    Assertion Reuse An assertionon a shared state can be reused for a new test case. 28
  • 24.
    Assertion Regeneration Repetition-based assertionregeneration 1. exact element-based assertions 2. exact region-based assertions 29 Checked Element Checked Element Region
  • 25.
    Generating Similar RegionAssertions Inexact element/region repetition of a checked element/region can also be important for testing. A classification problem: • Is a block level DOM element important to be checked by an assertion? 30 <div id="header"> <div id="nav"> <div id="footer"> <div id="article"> <div id="sidebar" ><div id="section"> <div id="header"> <div id="nav"> <div id="footer"> <span id="main"> <span id="menu e"> <span id="content">
  • 26.
    33 • 150% impover the original test suite • 170% imp over the random assertion (RND) & exploration (RAND) • 37% imp over the random assertion (RND) While code coverage was not our main goal • 30% imp over the original test suite • 18% imp over the random exploration 0% 7% 13% 20% 26% 33% Fault Detection Rate ORIG RAND + RND EXND + RND Testilizer Evaluation and Results
  • 27.
    P3. Unit TestFixture Generation If an expected DOM element (test fixture) is not present, a JavaScript unit test may throw an exception or produce an incorrect result. 36 Test fixtures define states of the test environment before the test.
  • 28.
  • 29.
    Proper DOM-based fixturesare required to achieve high coverage. RQ3. How can we automate fixture generation for unit testing? Challenges (1) DOM-related variables (2) Hierarchical DOM relations 40
  • 30.
    Amin Milani Fard,Ali Mesbah, Eric Wohlstadter Generating Fixtures for JavaScript Unit Testing 30th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2015
  • 31.
    Apply the new fixtureon DOM Unit Test 42 ConFix idea Instrument the code Instrumented Code JavaScript Code + Function under test (FUT) Solve constraints and generate a fixture Collect exec trace and deduce DOM- based constraints Execute the FUT
  • 32.
    Instrumentation trace = []; functionconfixWrapper(statementType, statement, varList, varValueList, enclosingFunction, actualStatement) { trace.push({statementType: statementType, statement: statement, varList: varList, varValueList: varValueList, enclosingFunction: enclosingFunction, actualStatement: actualStatement}); return actualStatement; } function getConfixTrace() { return trace; } function dg(x) { return confixWrapper("return", "return confixWrapper("functionCall", "document.getElementById(x)", ["x"], [x], "dg", document.getElementById(x));", [""], [], "dg", confixWrapper("functionCall", "document.getElementById(x)", ["x"], [x], "dg", document.getElementById(x))); } function sumTotalPrice() { sum = confixWrapper("infix", "sum = 0", [""], [], "sumTotalPrice", 0); itemList = confixWrapper("infix", "itemList = confixWrapper("functionCall", "dg('items')", ["items"], ['items'], "sumTotalPrice", dg('items'))", [""], [], "sumTotalPrice", confixWrapper("functionCall", "dg('items')", ["items"], ['items'], "sumTotalPrice", dg('items'))); if (confixWrapper("condition", "itemList.children.length === 0", [""], [], "sumTotalPrice", itemList.children.length === 0)) confixWrapper("functionCall", "dg('message')", ["message"], ['message'], "sumTotalPrice", dg('message')).innerHTML = confixWrapper("infix", "confixWrapper("functionCall", "dg('message')", ["message"], ['message'], "sumTotalPrice", dg('message')).innerHTML = "Item list is empty!"", [""], [], "sumTotalPrice", "Item list is empty!"); else { for (i = confixWrapper("infix", "i = 0", [""], [], "sumTotalPrice", 0); confixWrapper("loopCondition", "i < itemList.children.length", ["i", "itemList"], [i, itemList], "sumTotalPrice", i < itemList.children.length); i++) { p = confixWrapper("infix", "p = itemList.children[i].value", ["itemList.children[i]"], [itemList.children[i]], "sumTotalPrice", itemList.children[i].value); if (confixWrapper("condition", "p > 0", [""], [], "sumTotalPrice", p > 0)) sum += p; else confixWrapper("functionCall", "dg('message')", ["message"], ['message'], "sumTotalPrice", dg('message')).innerHTML += " Wrong value for item " + i; } confixWrapper("functionCall", "dg('total')", ["total"], ['total'], "sumTotalPrice", dg('total')).value = confixWrapper("infix", "confixWrapper("functionCall", "dg('total')", ["total"], ['total'], "sumTotalPrice", dg('total')).value = sum", [""], [], "sumTotalPrice", sum); } 44
  • 33.
    45 (1) Extract DOM-based Constraints (2)Transform them into XPath (3) Solve it using an available XML XPath solver
  • 34.
  • 35.
    47 Evaluation and Result •Up to 67% imp in statement coverage • Up to 300% imp in branch coverage
  • 36.
    P4. Code Maintenance •JavaScript is challenging to maintain. • Code smells adversely influence program comprehension and maintainability. • Code smells detection is time consuming. 49 RQ4. Which JavaScript code smells are prevalent in practice and how can we support automated code refactoring?
  • 37.
    Amin Milani Fard,Ali Mesbah JSNose: Detecting JavaScript Code Smells 13th IEEE International Conference on Source Code Analysis and Manipulation (SCAM), 2013
  • 38.
    JavaScript Code SmellDetection 51 Static and dynamic code analysis is used to monitor and infer information about objects, functions, and code blocks.
  • 39.
    54 Evaluation and Results •Evaluated 11 JavaScript/Ajax web applications. • Effective code smells detection (93% precision, 98% recall) • Lazy object, long method/function, closure smells, JS/HTML/CSS coupling, and excessive global variables, are the most prevalent smells. • Strong, and significant +correlation between {LOC, # functions, # JS files, and CC} and the types of smells, and weaker correlation with the # smell instances.
  • 40.
    55 Some topics towork on • Applying learned tests on similar applications • Generating unit tests based on client-side code similarity and DOM-based tests based on DOM sate similarity • JavaScript code refactoring • Suggesting and applying refactoring for code smells • Understanding test failures and root causes • Generating integrated tests using existing unit tests
  • 41.
    56 Test Model Generation Test Case Generation UnitTest Fixture Generation Code Maintenance

Editor's Notes

  • #3 Modern web applications have changed our life in the last decade.
  • #4 Modern web apps are composed of multiple languages such as HTML, JS, CSS, and server-side code which get rendered by a web browser to show the application’s runtime Document Object Model (DOM). To avoid dealing with these interactions separately, developers test the correct behaviour of a web app through its manifested DOM, using testing frameworks such as Selenium or CasperJS.
  • #5 Because of the considerable impact of these applications on social and economic activities, it is important to ensure their quality through testing and maintenance.
  • #6 Manual testing and maintenance is time consuming and the result is incomplete. Our goal in this thesis is to provide automated techniques and tools to reduce this manual effort.
  • #7 Towards this goal we consider 4 prongs that are complementary to each other.
  • #19 Modern web apps are composed of multiple languages such as HTML, JS, CSS, and server-side code which get rendered by a web browser to show the application’s runtime Document Object Model (DOM). To avoid dealing with these interactions separately, developers test the correct behaviour of a web app through its manifested DOM, using testing frameworks such as Selenium or CasperJS.
  • #24 Using the human domain knowledge in tests: provide valid input data know what DOM elements should be asserted and how. We propose to 1) mine the human knowledge existing in manually-written test cases 2) combine that knowledge with the power of automated crawling 3) extend the test suite for uncovered/unchecked portions of the app
  • #28 Regenerating assertions is a major contribution of this work. These assertions basically checks the existence of a DOM element or its attribute and textual values. Based on the concept of matching, partial matching, and similar matching, We generate new assertions by leveraging DOM patterns in test suites.
  • #29 s1 is shared among many other paths from Index to s5. Assertions on s1 can be exactly reused for generated test cases exercising alternative paths.
  • #30 Full exact match vs partial exact match region-based assertions
  • #33 Avoiding redundant assertions: Assertions that are subsumed by other assertions are redundant and safely eliminated Prioritizing assertions: We prioritize assertions in each state in the order of specification/constraint: the original assertions the reused, the exact element/region assertion assertions similar region assertions
  • #35 Compared test suite generated by 1. human tester (ORIG) 2. Testilizer: traversing the extended SFG and generating assertions (EXND+AR) 3. traversing the extended SFG and random assertion generation (EXND+RND) 4. random exploration and random assertion generation (RAND+RND)
  • #37 Why JS Unit testing? Unit tests can detect code-level bugs that do not propagate to the DOM.
  • #38 Why JS Unit testing? Unit tests can detect code-level bugs that do not propagate to the DOM.
  • #48 To evaluate our approach we answer three research questions.
  • #57 Towards this goal we consider 4 prongs that are complementary to each other.