ISSTA 2019
Mon 15 - Fri 19 July 2019 Beijing, China
Wed 17 Jul 2019 17:00 - 17:10 at Grand Ballroom - ISSTA Tool Demonstrations

We present JQF, a platform for performing coverage-guided fuzz testing in Java. JQF is designed both for practitioners, who wish to find bugs in Java programs, as well as for researchers, who wish to implement new fuzzing algorithms. Practitioners write QuickCheck-style test methods that take inputs as formal parameters. JQF instruments the test program’s bytecode and continuously executes tests using inputs that are generated in a coverage-guided fuzzing loop. JQF’s input-generation mechanism is extensible. Researchers can implement custom fuzzing algorithms by extending JQF’s Guidance interface. A Guidance instance responds to code coverage events generated during the execution of a test case, such as function calls and conditional jumps, and provides the next input. We describe several guidances that currently ship with JQF, such as: semantic fuzzing with Zest, binary fuzzing with AFL, and complexity fuzzing with PerfFuzz. JQF is a mature tool that is open-source and publicly available. At the time of writing, JQF has been successful in discovering 42 previously unknown bugs in widely used open-source software such as OpenJDK, Apache Commons, and the Google Closure Compiler.

Wed 17 Jul

Displayed time zone: Beijing, Chongqing, Hong Kong, Urumqi change

16:00 - 17:30
ISSTA Tool DemonstrationsTool Demonstration at Grand Ballroom
16:00
10m
Talk
Go-Clone: Graph-Embedding Based Clone Detector for Golang
Tool Demonstration
Cong Wang Tsinghua University, Jian Gao School of Software, Tsinghua University, Yu Jiang , Zhenchang Xing Australia National University, Huafeng Zhang , Weiliang Ying , Ming Gu Tsinghua University, Jiaguang Sun
16:10
10m
Talk
VFQL: Combinational Static Analysis as Query Language
Tool Demonstration
Guang Chen , Yuexing Wang , Min Zhou Tsinghua University, Jiaguang Sun
16:20
10m
Talk
VBSAC: A Value-Based Static Analyzer for C
Tool Demonstration
Li Chi Tsinghua University, Min Zhou Tsinghua University, Zuxing Gu School of Software, Tsinghua University, Guang Chen , Yuexing Wang , Jiecheng Wu Tsinghua University, Ming Gu Tsinghua University
16:30
10m
Talk
SAFEVM: A Safety Verifier for Ethereum Smart Contracts
Tool Demonstration
16:40
10m
Talk
CoCoTest: Collaborative Crowdsourced Testing for Android Applications
Tool Demonstration
Haoyu Li , Chunrong Fang , Zhibin Wei , Zhenyu Chen Nanjing University
16:50
10m
Talk
Androlic: An Extensible Flow, Context, Object, Field, and Path-Sensitive Static Analysis Framework for Android
Tool Demonstration
Linjie Pan Institute of Software, Chinese Academy of Sciences, Baoquan Cui , Jiwei Yan Institute of Software, Chinese Academy of Sciences, Xutong Ma , Jun Yan Institute of Software, Chinese Academy of Sciences, Jian Zhang Beihang University
17:00
10m
Talk
JQF: Coverage-guided Property-based Testing in Java
Tool Demonstration
Rohan Padhye University of California, Berkeley, Caroline Lemieux University of California, Berkeley, Koushik Sen University of California, Berkeley
17:10
10m
Talk
Ukwikora: Continuous inspection for Keyword-Driven Testing
Tool Demonstration
Renaud Rwemalika , Marinos Kintis , Mike Papadakis University of Luxembourg, Yves Le Traon University of Luxembourg, Pierre Lorrach
17:20
10m
Talk
CTRAS: A Tool for Aggregating and Summarizing Crowdsourced Test Reports
Tool Demonstration
Yuying Li State Key Laboratory for Novel Software Technology, Nanjing University, Rui Hao Nanjing University, China, Yang Feng University of California, Irvine, James Jones University of California, Irvine, Xiaofang Zhang , Zhenyu Chen Nanjing University