Read on Twitter
After oracles for memory-safety, what's next?
- generic correctness prop.
- dataflow based properties
- "unusually large" resource consumptions
* Program-specific vs generic oracles
* One input (e.g., crash) vs distribution (e.g. performance)
* Ref implementation(s)
#Dagstuhl
- generic correctness prop.
- dataflow based properties
- "unusually large" resource consumptions
* Program-specific vs generic oracles
* One input (e.g., crash) vs distribution (e.g. performance)
* Ref implementation(s)
#Dagstuhl
- Human artifacts (documentation) as oracles.
- How to infer oracles, e.g. from JavaDoc comments? What about false pos? Consider them as signal for user.
- Oracle problem impacts how good deduplication works.
- Metamorphic testing. Explore in other domains, e.g. perf. testing!
- How to infer oracles, e.g. from JavaDoc comments? What about false pos? Consider them as signal for user.
- Oracle problem impacts how good deduplication works.
- Metamorphic testing. Explore in other domains, e.g. perf. testing!
- Mine assertions and use them in a fuzzer feedback loop
- Assertions are the best way to build oracles into the code
- hyperproperties are free oracles (differential testing)
- ML to detect vuln patterns. Use as oracles
- Bugs as deviant behavior (Dawson)
- Assertions are the best way to build oracles into the code
- hyperproperties are free oracles (differential testing)
- ML to detect vuln patterns. Use as oracles
- Bugs as deviant behavior (Dawson)
- User as oracle. Testing in production
- HITL approaches to learn automated oracle from human
- HITL approaches to learn automated oracle from human
From industry: Assertions are indeed important and useful in different teams. The observation that they are ignored may only be a problem in *some* OSS projects.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
