<scp>iBiR</scp>
            : Bug-report-driven Fault Injection

Khanfir, Ahmed; Koyuncu, Anil; Papadakis, Mike; Cordy, Maxime; Bissyandé, Tegawendé F.; Klein, Jacques; Traon, Yves Le

doi:10.1145/3542946

Cited by 9 publications

(10 citation statements)

References 75 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Their results are promising, however, the fact that these techniques depend on the availability of numerous, diverse, comprehensive and untangled fix commits [27] of not coupled faults [43], which is often hard to fulfil in practice, may hinder their performance. Acknowledging for the injection location [13], [42], Khanfir et al [32] combined the usage of information retrieved from bug reports with inverted automated-program-repair patterns to replicate real faults fixable by the original fix-patterns. Their results showed that they can generate faults that mimic real ones, however, their approach remains dependent and limited to the presence of good bug reports.…”

Section: Related Workmentioning

confidence: 99%

“…Similarly, Mirshokraie et al [41] compute complexity metrics from program executions to extract loca-tions with good observability to mutate. Other approaches restrict the fault injection on specific locations of the program, such as the code impacted by the last commits [38], [58] for better usability in continuous integration, or targeting locations related to a given bug-report [32] to target a specific feature or behaviour, etc. More recent advances have resulted in powerful techniques for cost-effectively selecting mutants, i.e., by avoiding the analysis of redundant mutants (basically, equivalent and subsumed ones) [24], [25], [28].…”

Section: Related Workmentioning

confidence: 99%

“…Recent research [32] has shown that some real faults are only captured by using complex patterns, i.e. patterns that require more than one token mutation.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Efficient Mutation Testing via Pre-Trained Language Models

Khanfir¹,

Degiovanni²,

Papadakis³

et al. 2023

Preprint

View full text Add to dashboard Cite

Mutation testing is an established fault-based testing technique. It operates by seeding faults into the programs under test and asking developers to write tests that reveal these faults. These tests have the potential to reveal a large number of faults -those that couple with the seeded ones -and thus are deemed important. To this end, mutation testing should seed faults that are both "natural" in a sense easily understood by developers and strong (have high chances to reveal faults). To achieve this we propose using pre-trained generative language models (i.e. CodeBERT) that have the ability to produce developer-like code that operates similarly, but not exactly, as the target code. This means that the models have the ability to seed natural faults, thereby offering opportunities to perform mutation testing. We realise this idea by implementing µBERT, a mutation testing technique that performs mutation testing using CodeBert and empirically evaluated it using 689 faulty program versions. Our results show that the fault revelation ability of µBERT is higher than that of a state-of-the-art mutation testing (PiTest), yielding tests that have up to 17% higher fault detection potential than that of PiTest. Moreover, we observe that µBERT can complement PiTest, being able to detect 47 bugs missed by PiTest, while at the same time, PiTest can find 13 bugs missed by µBERT.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Efficient Mutation Testing via Pre-Trained Language Models

Khanfir¹,

Degiovanni²,

Papadakis³

et al. 2023

Preprint

View full text Add to dashboard Cite

show abstract

“…The vulnerability intent is predefined rather than learnt as INT-JECT does. In contrast, IBIR exploits bug reports to identify source code locations to be made faulty and inverts program repair fixes to inject faults [13]. Notably, both BUG-INJECTOR and IBIR do not specifically target vulnerabilities.…”

Section: Limitations Of the State-of-the-artmentioning

confidence: 99%

IntJect: Vulnerability Intent Bug Seeding

Petit

Khanfir

Soremekun

et al. 2022

2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)

Self Cite

View full text Add to dashboard Cite

Studying and exposing software vulnerabilities is important to ensure software security, safety, and reliability. Software engineers often inject vulnerabilities into their programs to test the reliability of their test suites, vulnerability detectors, and security measures. However, state-of-the-art vulnerability injection methods only capture code syntax/patterns, they do not learn the intent of the vulnerability and are limited to the syntax of the original dataset. To address this challenge, we propose the first intent-based vulnerability injection method that learns both the program syntax and vulnerability intent. Our approach applies a combination of NLP methods and semantic-preserving program mutations (at the bytecode level) to inject code vulnerabilities. Given a dataset of known vulnerabilities (containing benign and vulnerable code pairs), our approach proceeds by employing semantic-preserving program mutations to transform the existing dataset to semantically similar code. Then, it learns the intent of the vulnerability via neural machine translation (Seq2Seq) models. The key insight is to employ Seq2Seq to learn the intent (context) of the vulnerable code in a manner that is agnostic of the specific program instance. We evaluate the performance of our approach using 1275 vulnerabilities belonging to five (5) CWEs from the Juliet test suite. We examine the effectiveness of our approach in producing compilable and vulnerable code. Our results show that INTJECT is effective, almost all (99%) of the code produced by our approach is vulnerable and compilable. We also demonstrate that the vulnerable programs generated by INTJECT are semantically similar to the withheld original vulnerable code. Finally, we show that our mutation-based data transformation approach outperforms its alternatives, namely data obfuscation and using the original data.

show abstract

“…Most approaches inject faults based on predefined syntactic transformation rules (aka mutation operators) [6], [18], such as replacing an instance of a relational operator with another operator, e.g., replacing > with >=. Other approaches aim at injecting faults by either following fault patterns created or learned from recurrent fault instances [29], [51], [48] or by employing code pretrained language models [19]. These approaches have been implemented and made openly available as tools, serving the main purposes of mutation testing -tests assessment and guidance criterion.…”

Section: Introductionmentioning

confidence: 99%

On Comparing Mutation Testing Tools through Learning-based Mutant Selection

Ojdanić

Khanfir

Garg

et al. 2023

2023 IEEE/ACM International Conference on Automation of Software Test (AST)

View full text Add to dashboard Cite

Recently many mutation testing tools have been proposed that rely on bug-fix patterns and natural language models trained on large code corpus. As these tools operate fundamentally differently from the grammar-based traditional approaches, a question arises of how these tools compare in terms of 1) fault detection and 2) cost-effectiveness. Simultaneously, mutation testing research proposes mutant selection approaches based on machine learning to mitigate its application cost. This raises another question: How do the existing mutation testing tools compare when guided by mutant selection approaches? To answer these questions, we compare four existing tools -μBERT (uses pre-trained language model for fault seeding), IBIR (relies on inverted fix-patterns), DeepMutation (generates mutants by employing Neural Machine Translation) and PIT (applies standard grammar-based rules) in terms of fault detection capability and cost-effectiveness, in conjunction with standard and deep learning based mutant selection strategies. Our results show that IBIR has the highest fault detection capability among the four tools; however, it is not the most cost-effective when considering different selection strategies. On the other hand, μBERT having a relatively lower fault detection capability, is the most cost-effective among the four tools. Our results also indicate that comparing mutation testing tools when using deep learning-based mutant selection strategies can lead to different conclusions than the standard mutant selection. For instance, our results demonstrate that combining μBERT with deep learningbased mutant selection yields 12% higher fault detection than the considered tools.

show abstract

iBiR : Bug-report-driven Fault Injection

Cited by 9 publications

References 75 publications

Efficient Mutation Testing via Pre-Trained Language Models

Efficient Mutation Testing via Pre-Trained Language Models

IntJect: Vulnerability Intent Bug Seeding

On Comparing Mutation Testing Tools through Learning-based Mutant Selection

Contact Info

Product

Resources

About