帳號:guest(3.235.249.219)          離開系統
字體大小: 字級放大   字級縮小   預設字形  

詳目顯示

以作者查詢圖書館館藏以作者&題名查詢臺灣博碩士以作者查詢全國書目
作者:范揚杰
論文名稱(中文):從COTS/Binary元件中解析條件參數以輔助隨機測試
論文名稱(英文):Resolving Constraints from COTS/Binary components for Concolic Random Testing
指導教授(中文):黃世昆
學位類別:碩士
校院名稱:國立交通大學
系所名稱:資訊科學與工程研究所
學號:9455640
出版年(民國):96
畢業學年度:95
語文別:英文
論文頁數:32
中文關鍵詞:符號執行隨機測試
外文關鍵詞:Symbolic executionRandom testing
相關次數:
  • 推薦推薦:0
  • 點閱點閱:338
  • 評分評分:*****
  • 下載下載:1
  • 收藏收藏:0
軟體品質透過軟體測試來達到驗證。軟體測試是想要找到程式缺陷而進行技巧性審查的過程。目前有許多的方式應用在軟體測試上,但是有些臭蟲是卻很難用傳統的測試方法來找到,假如他們不常發生在一般的情況下。為了改進軟體測試的涵蓋率,許多研究中提出自動化產生所有可能輸入資料的技術。
近期,較先進的做法是將具體和符號執行結合應用於隨機測試中。先簡化受測程式的原始碼成基本的指令型式,然後依據不同指令附加額外的程式碼以描述程式的行為,使用者提供具體的輸入值來執行轉換後的程式。在實際執行後,相關的條件參數會被儲存起來,然後再解析條件參數以產生測試的例子。但是這種方法不適合使用在沒有原始碼的程式上,特別是程式中使用到商業軟體或執行檔的部份。我們在ALERT(自動化隨機與邏輯推理運算測試)中提出一個解決之道,以接近原本程式語意的原則建立符號參數跟相依變數之間的關係。因此,可以保有原本符號的屬性,並且抵達更多的程式路徑。
Software quality is verified through software testing. Software testing is a process of technical investigation that is intended to reveal faults. There are many approaches to software testing, but bugs are difficult to find in conventional testing if they occur infrequently. In order to improve the test coverage, several techniques have been proposed to automatically generate all possible values of the inputs.
Recently, the developed methods are combining concrete and symbolic execution for Random Testing. They first try to instrument the source code of a program under testing. The program is executed on some user-provided concrete input values. After the concrete run, symbolic constraints are stored and then generate concrete test cases by solving these symbolic constraints. Unfortunately, access to instrument source code is often infeasible especially for COTS/Binary component. We present a method in the framework, ALERT (Automatic Logic Evaluation for Random Testing), which approximates the program semantics and establish a connection between symbolic parameters and dependent variables. As a result, the symbolic property can be preserved and more paths will be reached.
摘要 Ⅲ
ABSTRACT IV
誌謝 V
TABLE OF CONTENTS VI
LIST OF FIGURES VII
LIST OF TABLES VIII
1 INTRODUCTION - 1 -
1.1 AUTOMATED TEST GENERATION - 1 -
1.2 CONSTRAINT PROPAGATION - 2 -
1.3 PATH EXPLOSION - 3 -
1.4 MOTIVATION - 4 -
1.5 OBJECTIVE - 5 -
2 RELATED WORK - 7 -
2.1 RANDOM TESTING (RT) - 7 -
2.2 MODEL CHECKING - 7 -
2.3 CONCOLIC TESTING - 8 -
2.4 PATH COMPACTION - 9 -
3 POST-CONDITION AIDED SYMBOLIC EXECUTION - 11 -
3.1 STRONGEST POST-CONDITION - 11 -
3.2 RETURN VALUES DRIVEN CONSTRAINT - 12 -
4 IMPLEMENTATION - 14 -
4.1 ALERT FRAMEWORK - 14 -
4.1.1 PREPROCESS – CIL (C INTERMEDIATE LANGUAGE) - 14 -
4.1.1.1 Source to Source Translation - 15 -
4.1.1.2 Instrumentation - 15 -
4.1.2 SYMBOLIC EXECUTION – CVCL - 16 -
4.1.3 TEST DRIVER - 22 -
4.2 SP MODULE - 23 -
5 EXPERIMENTAL RESULTS - 24 -
5.1 A SIMPLE EXAMPLE: TRITYPE - 24 -
5.2 POST-CONDITION: ABS - 25 -
5.3 POST-CONDITION: STRCMP - 26 -
5.4 DISCUSSION - 27 -
6 CONCLUSIONS - 29 -
REFERENCES - 31 -
[1] D. Beyer, A. J. Chlipala and R. Majumdar, "Generating tests from counterexamples," in ICSE '04: Proceedings of the 26th International Conference on Software Engineering, 2004, pp. 326-335.
[2] W. Visser, C. S. reanu and S. Khurshid, "Test input generation with java PathFinder," in ISSTA '04: Proceedings of the 2004 ACM SIGSOFT International Symposium on Software Testing and Analysis, 2004, pp. 97-107.
[3] W. Visser, C. S. reanu and R. nek, "Test input generation for java containers using state matching," in ISSTA '06: Proceedings of the 2006 International Symposium on Software Testing and Analysis, 2006, pp. 37-48.
[4] Tao Xie, Darko Marinov, Wolfram Schulte and David Notkin ER -, Symstra: A Framework for Generating Object-Oriented Unit Tests using Symbolic Execution. 2005, pp. 365-381.
[5] P. Godefroid, N. Klarlund and K. Sen, "DART: Directed automated random testing," in PLDI '05: Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation, 2005, pp. 213-223.
[6] K. Sen, D. Marinov and G. Agha, "CUTE: A concolic unit testing engine for C," in ESEC/FSE-13: Proceedings of the 10th European Software Engineering Conference Held Jointly with 13th ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2005, pp. 263-272.
[7] C. Cadar and D. E. E. -, Execution Generated Test Cases: How to make Systems Code Crash itself. 2005, pp. 2-23.
[8] C. Cadar, V. Ganesh, P. M. Pawlowski, D. L. Dill and D. R. Engler, "EXE: Automatically generating inputs of death," in CCS '06: Proceedings of the 13th ACM Conference on Computer and Communications Security, 2006, pp. 322-335.
[9] C. Csallner and Y. Smaragdakis, "Check 'n' crash: Combining static checking and testing," in ICSE '05: Proceedings of the 27th International Conference on Software Engineering, 2005, pp. 422-431.
[10] C. Csallner and Y. Smaragdakis, "Check 'n' crash: Combining static checking and testing," in ICSE '05: Proceedings of the 27th International Conference on Software Engineering, 2005, pp. 422-431.
[11] P. Godefroid, "Compositional dynamic test generation," in POPL '07: Proceedings of the 34th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, 2007, pp. 47-54.
[12] R. Majumdar and K. Sen, "LATEST : Lazy dynamic test input generation," EECS Department, University of California, Berkeley, Mar, 2007.
[13] Huey-Der Chu, John E. Dobson and I-Chiang Liu ER -, "FAST: a framework for automating statistics-based testing," Software Quality Journal, vol. V6, pp. 13-36, 03/01/. 1997.
[14] Saswat Anand, Corina S. P□□s□□reanu and Willem Visser ER -, Symbolic Execution with Abstract Subsumption Checking. 2006, pp. 163-181.
 
 
 
 
第一頁 上一頁 下一頁 最後一頁 top
* *