一种编译优化测试用例自动生成方法的设计与实现

编译器的质量保证对提高软件产品的质量有着重要作用,对编译优化的测试是其中的核心部分.对编译优化的测试需要大量的测试用例程序.要构造这些测试用例,使用传统手工构造方法面临着效率低的问题,而基于文法的构造方法则针对性不足.从对优化的形式化描述出发来自动构造测试用例能克服这些缺点.本文设计并实现了一种基于形式化描述的编译优化测试用例程序生成方法.该方法基于编译优化的时序逻辑描述构造关键顶点控制流图,逐步转换为控制流图并得到用例程序.针对GCC(版本4.1.1)进行的覆盖率测试实验表明,该方法可以生成具有较高针对性的测试用例,并达到相当的覆盖程度.     

基于回放机制的并发程序中的错误重现方法

为了帮助程序员检测并发程序中的错误,提出了一种重现错并发误场景的方法.使用对Java字节码插装的方法,生成记录和回放版本的程序.在记录程序运行时,自动记录下线程间执行的逻辑循序,同时在程序发生崩溃后自动生成测试用例,这些测试用例运行在回放版本上具有确定性地重现并发错误的能力.实现了一个基于Java程序的原型工具,实验结果表明,该原型具有重现并发程序错误的能力,并且性能开销在一个可接受的范围内.     

运用类复制变异和JPF技术生成类间测试用例

采用类复制变异方法,运用模型检测器Java PathFinder(JPF)来保证软件执行过程中产生的错误在输出结果中可见,同时将类间测试用例生成问题转化成模型检测中寻找反例的问题,自动生成满足变异覆盖准则的类测试用例,提出一种适用于类间调用的测试用例自动生成方法,并在程序模型检测器JPF上实现.实验结果表明,本文提出的方法能生成高效的Java类间测试输入数据,变异覆盖率高,可发现隐藏错误,并能显著减少测试生成的代价.     

一种从UML模型生成测试用例方法的研究与实现

测试用例生成是软件自动化测试的基础与关键。随着UML的广泛应用,基于UML模型来自动生成用例的技术日益受到关注。在UML模型中,顺序图描述了软件系统的动态行为,是软件集成测试中一个重要的来源。文中提出一种基于UML顺序图与类图相结合的方法来自动生成测试用例,定义了相应的测试覆盖准则及测试衡量标准,并用一个具体实例验证了测试用例的生成过程。最后给出了测试用例自动生成工具的框架。     

基于活动图模型测试剖面的测试用例生成方法

给出了测试用例的定义和如何根据UML活动图模型来生成测试用例的基本方法，包括基于活动图模型控制流结构的测试场景生成和针对活动的输入量的测试数据生成。根据活动图模型的层次型特点，引入了针对话动的层次化的测试剖面(Test Profiles)概念和输入输出数据描述规范，用以支持用户在活动图上分层次地提供有关测试数据生成的约束条件。同时，给出了基于测试剖面的基本测试数据的生成方法，以及基于测试场景和基本测试数据的组合来生成一组测试用例的方法。     

基于UML协作图的测试用例生成方法与实现

根据组件软件的特征,提出一种基于UML协作图直接产生测试用例的方法.给出了一系列覆盖准则,并针对协作图中条件、并发和循环消息流提出相应的处理方法.采用深度优先的算法遍历所有测试场景,每个测试场景相应于一个测试用例,并设计和实现了测试用例自动生成工具系统UMLTCG.     

Object-Z 规格说明测试用例的自动生成器

对Object-Z形式规格说明构造测试用例的研究,目前主要集中在理论研究阶段,测试用例的自动生成几乎没有相应的工具支持.Object-Z是基于数学和逻辑的语言,并大量使用了模式复合和简写形式,这给计算机提取完整语义用以自动产生测试用例造成了困难.通过展开Object-Z规格说明中的模式定义,改进Object-Z的文法结构,给出了提取Object-Z规格说明语义的方法,研究了从Object-Z规格说明产生测试用例的自动化过程.这一过程主要包含3个阶段:Object-Z语言的自动解析、语义自动抽取和测试用例自动产生.通过介绍的工具原型,可以很容易得到规格说明中的各种语义;基于某些测试准则,能够方便自动产生可视化的抽象测试用例.     

一种新的编译程序测试用例自动生成策略及其实现

自动生成测试用例是测试编译程序的途径之一,目前一般均使用Purdom提出的产生式选择策略来自动生成测试用例,本文提出了描述前后文无关文法的一种图表示方法,这种图称为文法的DG图。基于DG图,我们给出了一种优于Purdom策略的新的编译程序测试用例自动生成策略,并讨论了这种策略的实现原理。     

基于解析树的Java Web灰盒模糊测试

由于Java Web应用业务场景复杂,且对输入数据的结构有效性要求较高,现有的测试方法和工具在测试Java Web时存在测试用例的有效率较低的问题.为了解决上述问题,本文提出了基于解析树的Java Web应用灰盒模糊测试方法.首先为Java Web应用程序的输入数据包进行语法建模创建解析树,区分分隔符和数据块,并为解析树中每一个叶子结点挂接一个种子池,隔离测试用例的单个数据块,通过数据包拼接生成符合Java Web应用业务格式的输入,从而提高测试用例的有效率;为了保留高质量的数据块,在测试期间根据测试程序的执行反馈信息,为每个数据块种子单独赋予权值;为了突破深度路径,会在相应种子池中基于条件概率学习提取数据块种子特征.本文实现了基于解析树的Java Web应用灰盒模糊测试系统PTreeFuzz,测试结果表明,该系统相较于现有工具取得了更好的测试准确率.     

基于控制流模型的Web系统测试方法研究

Web应用系统的使用与日俱增,技术层出不穷,但是Web应用系统的测试却是一个难点.论文提出一种基于控制流的测试方法,对Web应用系统建立控制流模型,并给出形式化的定义,采用模型进行测试用例的产生.为了使测试自动化,论文还谈到脚本技术和测试执行器的设计.     

Code Based Analysis for Object-Oriented Systems

Tile basic features of object-oriented software makes it difficult to apply traditional testing methods in objectoriented systems. Control Flow Graph （CFG） is a well-known model used for identification of independent paths in procedural software. This paper highlights the problem of constructing CFG in object-oriented systems and proposes a new model named Extended Control Flow Graph （ECFG） for code based analysis of Object-Oriented （OO） software. ECFG is a layered CFG where nodes refer to methods rather than statements. A new metrics Extended Cyclomatic Complexity （E-CC） is developed which is analogous to McCabe＇s Cyclomatic Complexity （CC） and refers to the number of independent execution paths within the OO software. The different ways in which CFG＇s of individual methods are connected in an ECFG are presented and formulas for E-CC for these different cases are proposed. Finally we have considered an example in Java and based on its ECFG, applied these cases to arrive at the E-CC of the total system as well as proposed a methodology for calculating the basis set, i.e., the set of independent paths for the OO system that will help in creation of test cases for code testing.     

Automatic property‐based testing and path validation of XQuery programs

Property‐based testing has gained popularity in recent years in many areas of software development. The specification of assertions/properties helps to understand the semantics of pieces of code, and in modern programming environments, it can serve to test the program behavior. In this paper an XQuery property‐based testing tool is presented, which enables to automatically test XQuery programs. The tool is able to systematically generate XML instances (i.e., test cases) from a given XML schema, and to filter XML instances with input properties specified by the programmer. Additionally, the tool automatically checks output (respectively, input‐output) properties in each output instance (respectively, each pair of input‐output instances). The tool is able to report whether the XQuery program passes the test, that is, if all the test cases satisfy the (input‐)output property, as well as the number of test cases used for testing. In addition, if the XQuery program fails the test, the tool shows counterexamples found in the test cases. Properties are specified with XQuery Boolean functions, and the testing tool has been implemented in XQuery. Additionally, an XQuery path validation tool is presented. This tool is able to detect wrong paths in XQuery expressions. The path validation tool takes as input an XML schema, and it reports those paths on the XQuery program that do not match the XML schema. The path validation tool is a complement to the testing tool rejecting XQuery programs that do not conform to the XML schema. The path validation tool has been also implemented in XQuery. Finally, a web tool has been developed enabling to test and validate XQuery programs.     

Java自动化基本路径测试研究

针对Java单元测试自动化程度和测试效率较低的问题,对基于Java程序的基本路径测试方法进行研究,提出了基于Java代码的基本路径生成方法和程序插桩方法,给出了插桩节点和控制流图节点的定义。首先,通过对Java源代码进行分析,构建程序的控制流图,进而对控制流图进行遍历生成基本路径集合;然后,对被测程序进行插桩,以获取程序的执行路径,插桩过程中保持节点和基本路径中的节点一致,使得插桩后的被测程序执行时得到的路径能够和基本路径集合进行自动化比对;最后,通过以测试数据为输入执行被测程序,对执行路径和基本路径进行比较,判断测试数据集对基本路径的覆盖度。通过实验,验证了所提出方法的有效性。     

C++程序中异常处理的分析与测试技术研究

异常处理机制是一种运行时错误通知机制，将程序的正常控制代码和错误处理代码分离．然而异常机制的引入使得程序控制信息变得更为复杂；且开发人员一般难以熟练使用它，导致程序中会潜伏许多异常错误．扩展已有的显式异常分析技术，对隐式异常也进行了全面的分析并提出了过程间（内）控制流图的构造方法，并以此为基础给出了一个C＋＋程序健壮性改进模型．同时还提出了针对异常的两种动态测试策略：基于约束求解的异常测试策略和统计结构性异常测试策略．最后实现了一个初步的异常分析与测试原型工具并进行了初步实验分析，其结果表明本文提出的分析与测试方法对程序质量有较大程度的提高．     

SymFuzz:一种复杂路径条件下的漏洞检测技术

当前漏洞检测技术可以实现对小规模程序的快速检测,但对大型或路径条件复杂的程序进行检测时其效率低下.为实现复杂路径条件下的漏洞快速检测,文中提出了一种复杂路径条件下的漏洞检测技术SymFuzz.SymFuzz将导向式模糊测试技术与选择符号执行技术相结合,通过导向式模糊测试技术对程序路径进行过滤,利用选择符号执行技术对可能...     

Dynamic stopping criteria for search-based test data generation for path testing

ContextEvolutionary algorithms have proved to be successful for generating test data for path coverage testing. However in this approach, the set of target paths to be covered may include some that are infeasible. It is impossible to find test data to cover those paths. Rather than searching indefinitely, or until a fixed limit of generations is reached, it would be desirable to stop searching as soon it seems likely that feasible paths have been covered and all remaining un-covered target paths are infeasible.ObjectiveThe objective is to develop criteria to halt the evolutionary test data generation process as soon as it seems not worth continuing, without compromising testing confidence level.MethodDrawing on software reliability growth models as an analogy, this paper proposes and evaluates a method for determining when it is no longer worthwhile to continue searching for test data to cover un-covered target paths. We outline the method, its key parameters, and how it can be used as the basis for different decision rules for early termination of a search. Twenty-one test programs from the SBSE path testing literature are used to evaluate the method.ResultsCompared to searching for a standard number of generations, an average of 30–75% of total computation was avoided in test programs with infeasible paths, and no feasible paths were missed due to early termination. The extra computation in programs with no infeasible paths was negligible.ConclusionsThe method is effective and efficient. It avoids the need to specify a limit on the number of generations for searching. It can help to overcome problems caused by infeasible paths in search-based test data generation for path testing.     

Comparing model-based and dynamic event-extraction based GUI testing techniques: An empirical study

Graphical user interfaces are pervasive in modern software systems, and to ensure their quality it is important to test them. Two primary classes of automated GUI testing approaches, those based on static models and those based on dynamic event-extraction, present tradeoffs in cost and effectiveness. For example, static model-based GUI testing techniques can create test cases that contain nonexecutable events, whereas dynamic event-extraction based GUI testing techniques can create larger numbers of duplicate test cases. To better understand the effects of these tradeoffs, we created a GUI testing framework that facilitates fair comparison of different GUI testing techniques, and we conducted a controlled experiment comparing representative versions of static-model based and dynamic event-extraction based testing techniques on several GUI-based Java applications. Our study reveals several cost and effectiveness tradeoffs between the techniques, with implications for research and practice.     

JCrasher: an automatic robustness tester for Java

JCrasher is an automatic robustness testing tool for Java code. JCrasher examines the type information of a set of Java classes and constructs code fragments that will create instances of different types to test the behavior of public methods under random data. JCrasher attempts to detect bugs by causing the program under test to ‘crash’, that is, to throw an undeclared runtime exception. Although in general the random testing approach has many limitations, it also has the advantage of being completely automatic: o supervision is required except for off‐line inspection of the test ases that have caused a crash. Compared to other similar commercial and research tools, JCrasher offers several novelties: it transitively analyzes methods, determines the size of each tested method's parameter‐space and selects parameter combinations and therefore test cases at random, taking into account the time allocated for testing; it defines heuristics for determining whether a Java exception should be considered as a program bug or whether the JCrasher supplied inputs have violated the code's preconditions; it includes support for efficiently undoing all the state changes introduced by previous tests; it produces test files for JUnit, a popular Java testing tool; and it can be integrated in the Eclipse IDE. Copyright © 2004 John Wiley & Sons, Ltd.     

基于分支相关性分析的不可达路径检测方法

软件测试中,不可达路径的存在会导致测试资源浪费,有效地检测程序中的不可达路径有助于节约测试资源、提高测试效率.分支相关性的存在是不可达路径产生的主要起因.因此,确定分支的相关性在不可达路径的检测中占据十分重要的地位.提出了一种利用关联分析和数据流分析确定分支相关性的方法,进而实现不可达路径的自动检测.首先,结合静态分析和动态分析,构建反映程序中各分支判断语句静态依赖关系和动态执行信息的数据集;然后,利用关联分析和数据流分析技术确定分支的相关性;最后,根据分支相关性信息检测不可达路径.基于一组基准程序和开源程序,开展不可达路径检测实验.实验结果表明,该方法能够准确地检测出程序中的不可达路径,可以有效地提高软件测试的效率.     

Data Generation for Path Testing

We present two stochastic search algorithms for generating test cases that execute specified paths in a program. The two algorithms are: a simulated annealing algorithm (SA), and a genetic algorithm (GA). These algorithms are based on an optimization formulation of the path testing problem which include both integer- and real-value test cases. We empirically compare the SA and GA algorithms with each other and with a hill-climbing algorithm, Korel's algorithm (KA), for integer-value-input subject programs and compare SA and GA with each other on real-value subject programs. Our empirical work uses several subject programs with a number of paths. The results show that: (a) SA and GA are superior to KA in the number of executed paths, (b) SA tends to perform slightly better than GA in terms of the number of executed paths, and (c) GA is faster than SA; however, KA, when it succeeds in finding the solution, is the fastest.