Toward Using Fuzzers and Lightweight Specifications to Reveal Semantic Bugs.

Abstract: Although fuzzers have been successful in revealing semantic bugs that lead to crashes, they do not reveal semantic bugs that do not lead to crashes. Furthermore, the inputs that lead to crashes may be invalid and invalid inputs do not reveal semantic bugs at all, since they are outside the program's intended input domain. On the other hand, runtime assertion checking (RAC) may be used for revealing semantic bugs, although it needs input test data that can trigger these bugs.In this idea paper, we propose the i… Show more