Efficient Computation of Parameterized Pointer Information for Interprocedural Analyses

Pointer information that is provided by many algorithms identifies a memory location using the same name throughout a program. Such pointer information is inappropriate for use in analyzing C programs because, using such information, a program analysis may propagate a large amount of spurious information across procedure boundaries. This paper presents a modular algorithm that efficiently computes parameterized pointer information in which symbolic names are introduced to identify memory locations whose addresses may be passed into a procedure. Because a symbolic name may identify different memory locations when the procedure is invoked under different callsites, using parameterized pointer information can help a program analysis reduce the spurious information that is propagated across procedure boundaries. The paper also presents a set of empirical studies, that demonstrate (a) the efficiency of the algorithm, and (b) the benefits of using parameterized pointer information over using non-parameterized pointer information in program analyses. The studies show that using parameterized pointer information may significantly improve the precision and the efficiency of many program analyses

Automated concolic testing of smartphone apps

We present an algorithm and a system for generating input events to exercise smartphone apps. Our approach is based on concolic testing and generates sequences of events automatically and systematically. It alleviates the path-explosion problem by checking a condition on program executions that identifies subsumption between different event sequences. We also describe our implementation of the approach for Android, the most popular smartphone app platform, and the results of an evaluation that demonstrates its effectiveness on five Android apps

An Informatics Framework for Testing Data Integrity and Correctness of Federated Biomedical Databases

Clinical research is increasingly relying on information gathered and managed in different database systems and institutions. Distributed data collection and management processes in such settings can be extremely complex and lead to a range of issues involving the integrity and accuracy of the distributed data. To address this challenge, we propose a middleware framework for assessing the data integrity and correctness in federated environments. The framework has two main elements: (1) a test model describing the dependencies between and constraints on data sources and datasets, and (2) a family of testing techniques that create and execute test cases based on the model

Analyzing Regression Test Selection Techniques

Regression testing is a necessary but expensive maintenance activity aimed at showing that code has not been adversely affected by changes. Regression test selection techniques reuse tests from an existing test suite to test a modified program. Many regression test selection techniques have been proposed; however, it is difficult to compare and evaluate these techniques because they have different goals. This paper outlines the issues relevant to regression test selection techniques, and uses these issues as the basis for a framework within which to evaluate the techniques. We illustrate the application of our framework by using it to evaluate existing regression test selection techniques. The evaluation reveals the strengths and weaknesses of existing techniques, and highlights some problems that future work in this area should address

Separate Computation of Alias Information fior Reuse

Interprocedural data flow information IS useful for many software testing and analysis techniques, including data flow testing, regression testing, program slicing, and impact analysis. For programs with aliases, these testing and analysis techniques can yield invalid results, unless the data flow information accounts for aliasing effects. Recent research provides algorithms for performing interprocedural data flow analysis in the presence of aliases; however, these algorithms are expensive, and achieve precise results only on complete programs. This paper presents an algorithm for performing alias analysis on incomplete programs that lets individual software components such as library routines, subroutines, or subsystems be independently analyzed. The paper also presents an algorithm for reusing the results of this separate analysis when the individual software components are linked with calling modules. Our algorithms let us analyze frequently used software components, such as library routines or classes, independently, and reuse the results of that analysis when analyzing calling programs, without incurring the expense of completely reanalyzing each calling program. Our algorithms also provide a way to analyze large systems incrementally