TY - GEN
T1 - Spectrum-Base Fault Localization by Exploiting the Failure Path
AU - Lu, Han Lin
AU - Gao, Ruizhi
AU - Huang, Shih-Kun
AU - Wong, W. Eric
PY - 2017/2/16
Y1 - 2017/2/16
N2 - Software security is crucial in every aspect of information technology. As today's software has become larger and more complex than ever before, software fault localization has become more time consuming and labor intensive accordingly. Consequently, a broad spectrum of software fault localization techniques are proposed and implemented. However, most of these techniques assume the existence of a test suite to enable their execution traces and results to be used in locating program bugs. However, this is not always true in practice. After the release of software, programmers begin debugging immediately after one failure is detected. Only the test case that results in the failure is available for programmers. In such a situation, fault localization techniques, which require multiple failed and successful test cases, cannot be applied. Hence, in this paper, we propose an innovative fault localization framework, CRAXfault, based on single-path concolic execution, which exploits the execution path of one failed test case to automatically generate numerous test cases that are then used in a fault localization technique (e.g., Tarantula, Ochiai, Crosstab, and DStar). CRAXfault is evaluated across 15 real-life programs. The results demonstrate a remarkable effectiveness of CRAXfault in the number of statements that must be examined before the first faulty statement for a given bug is identified and acceptable efficiency in the time cost for generating test cases.
AB - Software security is crucial in every aspect of information technology. As today's software has become larger and more complex than ever before, software fault localization has become more time consuming and labor intensive accordingly. Consequently, a broad spectrum of software fault localization techniques are proposed and implemented. However, most of these techniques assume the existence of a test suite to enable their execution traces and results to be used in locating program bugs. However, this is not always true in practice. After the release of software, programmers begin debugging immediately after one failure is detected. Only the test case that results in the failure is available for programmers. In such a situation, fault localization techniques, which require multiple failed and successful test cases, cannot be applied. Hence, in this paper, we propose an innovative fault localization framework, CRAXfault, based on single-path concolic execution, which exploits the execution path of one failed test case to automatically generate numerous test cases that are then used in a fault localization technique (e.g., Tarantula, Ochiai, Crosstab, and DStar). CRAXfault is evaluated across 15 real-life programs. The results demonstrate a remarkable effectiveness of CRAXfault in the number of statements that must be examined before the first faulty statement for a given bug is identified and acceptable efficiency in the time cost for generating test cases.
KW - Test case generation
KW - failure exploitation
KW - fault localization
KW - single-path concolic execution
UR - http://www.scopus.com/inward/record.url?scp=85015288194&partnerID=8YFLogxK
U2 - 10.1109/ICS.2016.0058
DO - 10.1109/ICS.2016.0058
M3 - Conference contribution
AN - SCOPUS:85015288194
T3 - Proceedings - 2016 International Computer Symposium, ICS 2016
SP - 252
EP - 257
BT - Proceedings - 2016 International Computer Symposium, ICS 2016
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2016 International Computer Symposium, ICS 2016
Y2 - 15 December 2016 through 17 December 2016
ER -