ICST 2024
Mon 27 - Fri 31 May 2024 Canada
Thu 30 May 2024 11:20 - 11:40 at Room 2 & 3 - Mutation Testing and Test Prioritizaiton Chair(s): Facundo Molina

With the release of powerful language models trained on large code corpus (e.g., CodeBERT, trained on 6.4 million programs), a new family of mutation testing tools has arisen that promises to generate more “natural” mutants, where the mutated code aims at following the implicit rules and coding conventions produced by programmers. In this paper, we empirically study the observable behavior of CodeBERT-generated mutants and to what extent are these coupled with software vulnerabilities. To do so, we carefully analyze 45 reproducible vulnerabilities from the Vul4J dataset to determine whether the mutants and vulnerabilities fail the same tests and whether the failures are for the same reasons or not. Hence, we define different degrees of vulnerability-coupling classes. Strongly coupled mutants fail the same tests for the same reasons as the vulnerabilities, while test coupled mutants fail the same tests but for some different reason as the vulnerabilities. Partial coupling classes are also considered. Overall, CodeBERT-generated mutants strongly coupled with 32 out of these 45 vulnerabilities (i.e. the mutants fail on the same tests for the same reasons), while another 7 vulnerabilities are test-coupled by CodeBERT mutants (i.e. the mutants fail on the same tests but not for the same reasons). Interestingly, CodeBERT mutants are diverse enough to couple vulnerabilities from 14 out of the 15 types of vulnerabilities explored, i.e., CWEs (Common Weakness Enumeration). Finally, we observe that strongly coupled mutants are scarce (1.17% of the killable mutants), test coupled mutants represent 7.2%, and 64.9% of the killable mutants are not coupled with the vulnerabilities.

Thu 30 May

Displayed time zone: Eastern Time (US & Canada) change

11:00 - 12:40
Mutation Testing and Test PrioritizaitonResearch Papers / Journal-First Papers / Industry at Room 2 & 3
Chair(s): Facundo Molina IMDEA Software Institute
11:00
20m
Industry talk
Towards Mutation-guided Test Suites for Smart Contracts
Industry
Pre-print
11:20
20m
Research paper
On the Coupling between Vulnerabilities and LLM-generated Mutants: A Study on Vul4J dataset
Research Papers
Aayush Garg Luxembourg Institute of Science and Technology, Renzo Degiovanni Luxembourg Institute of Science and Technology, Mike Papadakis University of Luxembourg, Yves Le Traon University of Luxembourg, Luxembourg
Pre-print
11:40
20m
Long-paper
Mutation Testing Optimisations using the Clang Front-end
Journal-First Papers
Sten Vercammen , Serge Demeyer University of Antwerp; Flanders Make, Markus Borg CodeScene, Niklas Pettersson , Görel Hedin Lund University
12:00
20m
Research paper
MACS: Multi-agent Adversarial Reinforcement Learning for Finding Diverse Critical Driving Scenarios
Research Papers
Shuting Kang University of Chinese Academy of Sciences, Qian Dong Institute of Software Chinese Academy of Sciences, Yunzhi Xue Institute of Software Chinese Academy of Sciences, Yanjun Wu Institute of Software, Chinese Academy of Sciences
12:20
20m
Long-paper
Lessons learned from replicating a study on information-retrieval-based test case prioritization
Journal-First Papers
Nasir Mehmood Minhas Mälardalen University, Mohsin Irshad , Kai Petersen University of Applied Sciences Flensburg, Germany / Blekinge Institute of Technology, Sweden, Jürgen Börstler Blekinge Institute of Technology