Code coverage as the primitive dynamic program behavior information, is widely adopted to facilitate a rich spectrum of software engineering tasks, such as testing, fuzzing, debugging, fault detection, reverse engineering, and program understanding. Thanks to the widespread applications, it is crucial to ensure the reliability of the code coverage profilers.
Unfortunately, due to the lack of research attention and the existence of testing oracle problem, the coverage profilers are far away from being tested sufficiently. Bugs are still regularly seen in the widely deployed profilers, like gcov and llvm-cov, along with gcc and llvm, respectively.
This paper proposes Cod, a fully automated self-validator for effectively uncovering bugs in the coverage profilers. Cod takes a single profiler and a program (either from a compiler’s test suite or generated randomly) as input and uncovers the bugs by identifying the inconsistency of coverage results from the input program and its equivalent mutated variants whose coverage statistics are expected to be identical.
We evaluated Cod over two of the most well-known code coverage profilers, namely gcov and llvm-cov. Within a fourmonth testing period, a total of 196 potential bugs (123 for gcov, 73 for llvm-cov) are found, among which 23 are confirmed by the developers.
Tue 12 Nov
10:40 - 12:20: Papers - Testing and Coverage at Cortez 1 Chair(s): Jonathan BellGeorge Mason University | ||||||||||||||||||||||||||||||||||||||||||
10:40 - 11:00 Talk | Automatic Self-Validation for Code Coverage Profilers Yibiao YangHuazhong University of Science and Technology, Yanyan JiangNanjing University, Zhiqiang ZuoNanjing University, China, Yang WangNanjing University, Hao SunUnaffiliated, Hongmin LuNanjing University, Yuming ZhouNanjing University, Baowen XuNanjing University Pre-print | |||||||||||||||||||||||||||||||||||||||||
11:00 - 11:20 Talk | Efficient Test Generation Guided by Field Coverage Criteria Ariel GodioDept. of Software Engineering Instituto Tecnológico de Buenos Aires, Valeria BengoleaDept. of Computer Science FCEFQyN, University of Rio Cuarto, Pablo PonzioDept. of Computer Science FCEFQyN, University of Rio Cuarto, Nazareno AguirreDept. of Computer Science FCEFQyN, University of Rio Cuarto, Marcelo F. FriasDept. of Software Engineering Instituto Tecnológico de Buenos Aires | |||||||||||||||||||||||||||||||||||||||||
11:20 - 11:40 Talk | Exploring Output-Based Coverage for Testing PHP Web Applications Hung Viet NguyenGoogle LLC, USA, Hung Dang PhanECpE Department, Iowa State University, Christian KästnerCarnegie Mellon University, Tien N. NguyenUniversity of Texas at Dallas Link to publication | |||||||||||||||||||||||||||||||||||||||||
11:40 - 12:00 Talk | PHANTA: Diversified Test Code Quality Measurement for Modern Software Development Media Attached | |||||||||||||||||||||||||||||||||||||||||
12:00 - 12:10 Demonstration | TestCov: Robust Test-Suite Execution and Coverage Measurement Pre-print Media Attached File Attached | |||||||||||||||||||||||||||||||||||||||||
12:10 - 12:20 Demonstration | VisFuzz: Understanding and Intervening Fuzzing with Interactive Visualization Chijin ZhouTsinghua University, Mingzhe WangTsinghua University, Jie LiangTsinghua University, Zhe LiuNanjing University of Aeronautics and Astronautics, Chengnian SunWaterloo University, Yu JiangTsinghua University |