Sound and Complete Concolic Testing for Higher-order Functions

Shu Hung You; Robert Bruce Findler; Christos Dimoulas

doi:10.1007/978-3-030-72019-3_23

Sound and Complete Concolic Testing for Higher-order Functions

Shu Hung You^*, Robert Bruce Findler, Christos Dimoulas

^*Corresponding author for this work

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Scopus citations

Abstract

Higher-order functions have become a staple of modern programming languages. However, such values stymie concolic testers, as the SMT solvers at their hearts are inherently first-order. This paper lays a formal foundations for concolic testing higher-order functional programs. Three ideas enable our results: (i) our tester considers only program inputs in a canonical form; (ii) it collects novel constraints from the evaluation of the canonical inputs to search the space of inputs with partial help from an SMT solver and (iii) it collects constraints from canonical inputs even when they are arguments to concretized calls. We prove that (i) concolic evaluation is sound with respect to concrete evaluation; (ii) modulo concretization and SMT solver incompleteness, the search for a counter-example succeeds if a user program has a bug and (iii) this search amounts to directed evolution of inputs targeting hard-to-reach corners of the program.

Original language	English (US)
Title of host publication	Programming Languages and Systems - 30th European Symposium on Programming, ESOP 2021 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021, Proceedings
Editors	Nobuko Yoshida
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	635-663
Number of pages	29
ISBN (Print)	9783030720186
DOIs	https://doi.org/10.1007/978-3-030-72019-3_23
State	Published - 2021
Event	30th European Symposium on Programming, ESOP 2021 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021 - Luxembourg, Luxembourg Duration: Mar 27 2021 → Apr 1 2021

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	12648 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	30th European Symposium on Programming, ESOP 2021 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021
Country/Territory	Luxembourg
City	Luxembourg
Period	3/27/21 → 4/1/21

Funding

We appreciate Phúc C. Nguyễn, Sam Tobin-Hochstadt, David Van Horn, Aggelos Giantsios, Nikolaos Papaspyrou and Konstantinos Sagonas for explaining the details of their work and being an inspiration for ours. We thank Spencer P. Florence, Lukas Lazarek, Wung Jae Lee, Alex Owens, Peter Zhong, and the anonymous reviewers of their thoughtful feedback on earlier versions of this paper. This material is based upon work supported by the National Science Foundation under Grant No. CNS-1823244. Acknowledgments This work was supported by ERC Consolidator Grant Skye (grant number 682315), and by an ISCF Metrology Fellowship grant provided by the UK government’s Department for Business, Energy and Industrial Strategy (BEIS). We are grateful to Simon Fowler for feedback and to anonymous reviewers for constructive comments.

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-030-72019-3_23

Cite this

You, S. H., Findler, R. B., & Dimoulas, C. (2021). Sound and Complete Concolic Testing for Higher-order Functions. In N. Yoshida (Ed.), Programming Languages and Systems - 30th European Symposium on Programming, ESOP 2021 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021, Proceedings (pp. 635-663). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12648 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-72019-3_23

You, Shu Hung ; Findler, Robert Bruce ; Dimoulas, Christos. / Sound and Complete Concolic Testing for Higher-order Functions. Programming Languages and Systems - 30th European Symposium on Programming, ESOP 2021 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021, Proceedings. editor / Nobuko Yoshida. Springer Science and Business Media Deutschland GmbH, 2021. pp. 635-663 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{bf3c15a55f6b4cf28d82d0370f856b6c,

title = "Sound and Complete Concolic Testing for Higher-order Functions",

abstract = "Higher-order functions have become a staple of modern programming languages. However, such values stymie concolic testers, as the SMT solvers at their hearts are inherently first-order. This paper lays a formal foundations for concolic testing higher-order functional programs. Three ideas enable our results: (i) our tester considers only program inputs in a canonical form; (ii) it collects novel constraints from the evaluation of the canonical inputs to search the space of inputs with partial help from an SMT solver and (iii) it collects constraints from canonical inputs even when they are arguments to concretized calls. We prove that (i) concolic evaluation is sound with respect to concrete evaluation; (ii) modulo concretization and SMT solver incompleteness, the search for a counter-example succeeds if a user program has a bug and (iii) this search amounts to directed evolution of inputs targeting hard-to-reach corners of the program.",

author = "You, {Shu Hung} and Findler, {Robert Bruce} and Christos Dimoulas",

note = "Publisher Copyright: {\textcopyright} 2021, The Author(s).; 30th European Symposium on Programming, ESOP 2021 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021 ; Conference date: 27-03-2021 Through 01-04-2021",

year = "2021",

doi = "10.1007/978-3-030-72019-3_23",

language = "English (US)",

isbn = "9783030720186",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "635--663",

editor = "Nobuko Yoshida",

booktitle = "Programming Languages and Systems - 30th European Symposium on Programming, ESOP 2021 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021, Proceedings",

address = "Germany",

}

You, SH, Findler, RB & Dimoulas, C 2021, Sound and Complete Concolic Testing for Higher-order Functions. in N Yoshida (ed.), Programming Languages and Systems - 30th European Symposium on Programming, ESOP 2021 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12648 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 635-663, 30th European Symposium on Programming, ESOP 2021 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021, Luxembourg, Luxembourg, 3/27/21. https://doi.org/10.1007/978-3-030-72019-3_23

Sound and Complete Concolic Testing for Higher-order Functions. / You, Shu Hung; Findler, Robert Bruce ; Dimoulas, Christos.
Programming Languages and Systems - 30th European Symposium on Programming, ESOP 2021 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021, Proceedings. ed. / Nobuko Yoshida. Springer Science and Business Media Deutschland GmbH, 2021. p. 635-663 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12648 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Sound and Complete Concolic Testing for Higher-order Functions

AU - You, Shu Hung

AU - Findler, Robert Bruce

AU - Dimoulas, Christos

PY - 2021

Y1 - 2021

N2 - Higher-order functions have become a staple of modern programming languages. However, such values stymie concolic testers, as the SMT solvers at their hearts are inherently first-order. This paper lays a formal foundations for concolic testing higher-order functional programs. Three ideas enable our results: (i) our tester considers only program inputs in a canonical form; (ii) it collects novel constraints from the evaluation of the canonical inputs to search the space of inputs with partial help from an SMT solver and (iii) it collects constraints from canonical inputs even when they are arguments to concretized calls. We prove that (i) concolic evaluation is sound with respect to concrete evaluation; (ii) modulo concretization and SMT solver incompleteness, the search for a counter-example succeeds if a user program has a bug and (iii) this search amounts to directed evolution of inputs targeting hard-to-reach corners of the program.

AB - Higher-order functions have become a staple of modern programming languages. However, such values stymie concolic testers, as the SMT solvers at their hearts are inherently first-order. This paper lays a formal foundations for concolic testing higher-order functional programs. Three ideas enable our results: (i) our tester considers only program inputs in a canonical form; (ii) it collects novel constraints from the evaluation of the canonical inputs to search the space of inputs with partial help from an SMT solver and (iii) it collects constraints from canonical inputs even when they are arguments to concretized calls. We prove that (i) concolic evaluation is sound with respect to concrete evaluation; (ii) modulo concretization and SMT solver incompleteness, the search for a counter-example succeeds if a user program has a bug and (iii) this search amounts to directed evolution of inputs targeting hard-to-reach corners of the program.

UR - http://www.scopus.com/inward/record.url?scp=85105001660&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85105001660&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-72019-3_23

DO - 10.1007/978-3-030-72019-3_23

M3 - Conference contribution

AN - SCOPUS:85105001660

SN - 9783030720186

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 635

EP - 663

BT - Programming Languages and Systems - 30th European Symposium on Programming, ESOP 2021 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021, Proceedings

A2 - Yoshida, Nobuko

PB - Springer Science and Business Media Deutschland GmbH

T2 - 30th European Symposium on Programming, ESOP 2021 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021

Y2 - 27 March 2021 through 1 April 2021

ER -

You SH, Findler RB , Dimoulas C. Sound and Complete Concolic Testing for Higher-order Functions. In Yoshida N, editor, Programming Languages and Systems - 30th European Symposium on Programming, ESOP 2021 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021, Proceedings. Springer Science and Business Media Deutschland GmbH. 2021. p. 635-663. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-72019-3_23

Sound and Complete Concolic Testing for Higher-order Functions

Abstract

Publication series

Conference

Funding

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this