2019
DOI: 10.1145/3360607
|View full text |Cite
|
Sign up to set email alerts
|

Coverage guided, property based testing

Abstract: Property-based random testing, exemplified by frameworks such as Haskell's QuickCheck, works by testing an executable predicate (a property) on a stream of randomly generated inputs. Property testing works very well in many cases, but not always. Some properties are conditioned on the input satisfying demanding semantic invariants that are not consequences of its syntactic structureÐe.g., that an input list must be sorted or have no duplicates. Most randomly generated inputs fail to satisfy properties with suc… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
17
0

Year Published

2021
2021
2025
2025

Publication Types

Select...
3
3

Relationship

1
5

Authors

Journals

citations
Cited by 36 publications
(17 citation statements)
references
References 46 publications
0
17
0
Order By: Relevance
“…The developers promptly fixed this soundness issue in the trunk version of Z3. As we will show (Section 3), Generative Type-Aware Mutation is a powerful generalization of type-aware operator mutation [Winterer et al 2020a] and FuzzChick [Lampropoulos et al 2019]. Neither approach could have generated this bug-triggering formula from the seed 𝜑.…”
Section: Illustrative Examplementioning
confidence: 99%
See 3 more Smart Citations
“…The developers promptly fixed this soundness issue in the trunk version of Z3. As we will show (Section 3), Generative Type-Aware Mutation is a powerful generalization of type-aware operator mutation [Winterer et al 2020a] and FuzzChick [Lampropoulos et al 2019]. Neither approach could have generated this bug-triggering formula from the seed 𝜑.…”
Section: Illustrative Examplementioning
confidence: 99%
“…FuzzChick's Mutator [Lampropoulos et al 2019]: FuzzChick tests Coq programs using grammar-based generators and coverage feedback. Adapted to our setting, this corresponds to 𝜑 mutant = 𝜑 [expr 2 /expr 1 ] where expr 1 , expr 2 are expressions from expr (𝜑).…”
Section: Relationships To Fuzzchick and Type-aware Operator Mutationmentioning
confidence: 99%
See 2 more Smart Citations
“…Coverage-guided fuzzing tools like AFL [22] can be viewed as a way of using a different form of feedback (branch instead of combinatorial coverage) to improve the generation of random inputs by finding more "interesting" tests. Fuzzing is a huge topic [43] that has exploded in popularity recently, with researchers evaluating the benefits of using more forms of feedback [13,31], incorporating learning [28,33] or symbolic [39,42] techniques, and bringing the benefits of these methods to functional programming [11,21]. One fundamental difference, however, is that all of these techniques are online and grey-box: they instrument and execute the program on various inputs in order to obtain feedback.…”
Section: Comparison With Fuzzing Techniquesmentioning
confidence: 99%