Proceedings 2018 Workshop on Binary Analysis Research 2018
DOI: 10.14722/bar.2018.23009
|View full text |Cite
|
Sign up to set email alerts
|

DeepState: Symbolic Unit Testing for C and C++

Abstract: Unit testing is a popular software development methodology that can help developers detect functional regressions, explore boundary conditions, and document expected behavior. However, writing comprehensive unit tests is challenging and time-consuming, and developers seldom explore the obscure (and bug-hiding) corners of software behavior without assistance. DeepState is a tool that provides a Google Test-like API to give C and C++ developers pushbutton access to symbolic execution engines, such as Manticore a… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
9
0

Year Published

2019
2019
2022
2022

Publication Types

Select...
4
2

Relationship

3
3

Authors

Journals

citations
Cited by 10 publications
(9 citation statements)
references
References 25 publications
0
9
0
Order By: Relevance
“…Manticore is also fully integrated into the DeepState parameterized unit testing tool [9], where it has proved useful in cases where angr failed to produce useful results.…”
Section: Native Binary Analysis Evaluationmentioning
confidence: 99%
“…Manticore is also fully integrated into the DeepState parameterized unit testing tool [9], where it has proved useful in cases where angr failed to produce useful results.…”
Section: Native Binary Analysis Evaluationmentioning
confidence: 99%
“…More practically, we would like to tightly integrate our approach with automated test generation tools, such as TSTL , DeepState , Echidna and Manticore . Automated test generation tools tend to produce a large number of passing and failing tests and are often used in ‘overnight’ runs where adding a step to use mutants to triage failing tests and provide localization suggestions for the highly ranked tests may not even impose a noticeable overhead on current usage practices.…”
Section: Discussionmentioning
confidence: 99%
“…The SCB team added the fuzzgoat example to their published VM and plan to use it to drive development of patch templates and analysis for use‐after‐frees; this will, at some point, likely make it possible for SCB to handle fuzzgoat effectively. However, in the long term, if fuzzing is applied to find assertion violations, differential testing divergences , or other more complex ‘custom’ properties, as is likely with the appearance of tools such as DeepState that merge fuzzing and property‐based testing, it is hard to see how SCB will handle these ‘custom’ bug types.…”
Section: Fuzzer Taming For a Non‐compiler Target: Fuzzgoatmentioning
confidence: 99%
See 1 more Smart Citation
“…These are the typical oracles used in general fuzzers [34]. Tools such as DeepState [37] make it possible to use QuickCheck-style property-based specifications with off-the-shelf fuzzers like AFL. Sanitizers are one of the most common types of implicit oracles used for fuzzing.…”
Section: A Fuzzingmentioning
confidence: 99%