Empirical studies in software testing research may not be comparable, reproducible, or characteristic of practice. One reason is that real bugs are too infrequently used research. Extracting and reproducing challenging as a result hand-seeded faults mutants commonly substitute. This paper presents Defects4J, database extensible framework providing to enable reproducible The initial version Defects4J contains 357 from 5 real-world open source pro- grams. Each bug accompanied by comprehensive...

Explicitly stated program invariants can help programmers by identifying properties that must be preserved when modifying code. In practice, however, these are usually implicit. An alternative to expecting fully annotate code with is automatically infer likely from the itself. This research focuses on dynamic techniques for discovering execution traces. article reports three results. First, it describes dynamically invariants, along an implementation, named Daikon, embodies techniques....

We present a technique that improves random test generation by incorporating feedback obtained from executing inputs as they are created. Our builds incrementally randomly selecting method call to apply and finding arguments among previously-constructed inputs. As soon an input is built, it executed checked against set of contracts filters. The result the execution determines whether redundant, illegal, contract-violating, or useful for generating more outputs suite consisting unit tests...

The use of permutation methods for exact inference dates back to Fisher in 1935. Since then, the practicality such has increased steadily with computing power. They can now easily be employed many situations without concern difficulties. We discuss reasoning behind these and describe when they are distribution-free. illustrate their several examples.

The growing demand for large-scale data mining and analysis applications has led both industry academia to design new types of highly scalable data-intensive computing platforms. MapReduce Dryad are two popular platforms in which the dataflow takes form a directed acyclic graph operators. These lack built-in support iterative programs, arise naturally many including mining, web ranking, analysis, model fitting, so on. This paper presents HaLoop, modified version Hadoop framework that is...

A good test suite is one that detects real faults. Because the set of faults in a program usually unknowable, this definition not useful to practitioners who are creating suites, nor researchers and evaluating tools generate suites. In place faults, testing research often uses mutants, which artificial -- each simple syntactic variation systematically seeded throughout under test. Mutation analysis appealing because large numbers mutants can be automatically-generated used compensate for low...

R<scp>ANDOOP</scp> for Java generates unit tests code using feedback-directed random test generation. Below we describe R<scp>ANDOOP</scp>'s input, output, and generation algorithm. We also give an overview of RANDOOP's annotation-based interface specifying configuration parameters that affect behavior output.

We present ClearView, a system for automatically patching errors in deployed software. ClearView works on stripped Windows x86 binaries without any need source code, debugging information, or other external and human intervention.

Most fault localization techniques take as input a faulty program, and produce output ranked list of suspicious code locations at which the program may be defective. When researchers propose new technique, they typically evaluate it on programs with known faults. The technique is scored based where in its defective appears. This enables comparison multiple to determine one better. Previous research has evaluated using artificial faults, generated either by mutation tools or manually. In...

We present a technique for finding security vulnerabilities in Web applications. SQL Injection (SQLI) and cross-site scripting (XSS) attacks are widespread forms of attack which the attacker crafts input to application access or modify user data execute malicious code. In most serious (called second-order, persistent, XSS), an can corrupt database so as cause subsequent users

Distributed systems are difficult to implement correctly because they must handle both concurrency and failures: machines may crash at arbitrary points networks reorder, drop, or duplicate packets. Further, their behavior is often too complex permit exhaustive testing. Bugs in these have led the loss of critical data unacceptable service outages. We present Verdi, a framework for implementing formally verifying distributed Coq. Verdi formalizes various network semantics with different...

The performance of fault localization techniques is critical to their adoption in practice. This paper reports on an empirical study a wide range real-world faults. Different from previous studies, this (1) considers different families, (2) combines techniques, and (3) the execution time techniques. Our results reveal that combined technique significantly outperforms any individual (200 percent increase faults localized Top 1), suggesting combination may be desirable way apply future should...

Article Free Access Share on Dynamically discovering likely program invariants to support evolution Authors: Michael D. Ernst Dept. of Computer Science & Engineering, University Washington, Box 352350, Seattle WA WAView Profile , Jake Cockrell William G. Griswold California San Diego, 0114, La Jolla, CA CAView David Notkin Authors Info Claims ICSE '99: Proceedings the 21st international conference Software engineeringMay 1999 Pages 213–224https://doi.org/10.1145/302405.302467Published:16 May...

Many automatic testing, analysis, and verification techniques for programs can be effectively reduced to a constraint generation phase followed by constraint-solving phase. This separation of concerns often leads more effective maintainable tools. The increasing efficiency off-the-shelf solvers makes this approach even compelling. However, there are few sufficiently expressive string constraints generated analysis string-manipulating programs.

This is the first empirical study of use C macro preprocessor, Cpp. To determine how preprocessor used in practice, this paper analyzes 26 packages comprising 1.4 million lines publicly available code. We incidence usage-whether definitions, uses, or dependences upon macros-that complex, potentially problematic, inexpressible terms other C++ language features. taxonomize these various aspects and particularly note data that are material to development tools for C++, including translating...

Computer systems are often difficult to debug and understand. A common way of gaining insight into system behavior is inspect execution logs documentation. Unfortunately, manual inspection an arduous process documentation incomplete out sync with the implementation.

The Java Modeling Language (JML) can be used to specify the detailed design of classes and interfaces by adding annotations source files. aim JML is provide a specification language that easy use for programmers supported wide range tools type-checking, runtime debugging, static analysis, verification. This paper gives an overview main ideas behind JML, different groups collaborating existing applications JML. Thus far, most have focused on code programming smartcards written in Card dialect Java.

Collaborative development can be hampered when conflicts arise because developers have inconsistent copies of a shared project. We present an approach to help identify and resolve early, before those become severe relevant changes fade away in the developers' memories. This paper presents three results.

Automatic bug-finding tools have a high false positive rate: most warnings do not indicate real bugs. Usually assign important priority. However, the prioritization of tends to be ineffective. We observed output by three tools, FindBugs, JLint, and PMD, for subject programs, Columba, Lucene, Scarab. Only 6%, 9%, 9% are removed bug fix changes during 1 4 years software development. About 90% remain in program or non-fix -- likely warnings. The tools' warning is little help focusing on...

This paper introduces the Checker Framework, which supports adding pluggable type systems to Java language in a backward-compatible way. A system designer defines qualifiers and their semantics, compiler plug-in enforces semantics. Programmers can write programs use detect or prevent errors. The Framework is useful both programmers who wish error-free code, designers evaluate deploy systems.