Skip to main content
Springer Nature Link
Log in

Using a bounded model checker for test generation: How to kill two birds with one SMT solver

  • Published:
Automatic Control and Computer Sciences Aims and scope Submit manuscript

Abstract

Automated test generation has received a lot of attention in recent decades, because it is one possible solution to the problems inherent to software testing: the need to write tests in the first place and providing test coverage for the human factor. De facto the most promising technique to automatically generate a test is dynamic symbolic execution assisted by an automated constraint solver, e.g., an SMT solver. This process is very similar to bounded model checking, which also deals with generating models from source code, asserting logic properties in it, and processing the returned model. This paper describes a prototype unit test generator for C based on a working bounded model checker called Borealis and shows that these two techniques are very similar and can be easily implemented using the same basic components. The prototype test generator has been evaluated on a number of examples and has shown good results in terms of test coverage and test excessiveness.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Akhin, M., Belyaev, M., and Itsykson, V., Yet another defect detection: Combining bounded model checking and code contracts, PSSV'13, 2013, p. 1–11.

    Google Scholar 

  2. Armando, A., Mantovani, J., and Platania, L., Bounded model checking of software using SMT solvers instead of SAT solvers, Int. J. Software Tools Technol. Transf., 2009, no. 11(1), pp. 69–83.

    Article  Google Scholar 

  3. Baudin, P., Filliatre, J.C., Hubert, T., Marche, C., Monate, B., Moy, Y., and Prevosto, V., ACSL: ANSI/ISO C Specification Language. Preliminary Design, version 1.4, 2008, preliminary edition, 2008.

    Google Scholar 

  4. Beck, K., Test-driven development: By example, Addison-Wesley Professional, 2003.

    Google Scholar 

  5. Beizer, B., Software testing techniques, Dreamtech Press, 2003.

    Google Scholar 

  6. Beyer, D., Competition on software verification, TACAS'12, 2012, p. 504–524.

    Google Scholar 

  7. Biere, A., Cimatti, A., Clarke, E.M., and Zhu, Yu., Symbolic model checking without BDDs, TACAS'9, 1999, p. 193–207.

    Google Scholar 

  8. Clarke, E., Kroening, D., and Lerda, F., A tool for checking ANSI-C programs, TACAS'04, 2004, p. 168–176.

    Google Scholar 

  9. Cohen, D.M., Dalal, S.R., Parelius, J., and Patton, G.C., The combinatorial design approach to automatic test generation, IEEE software, 1996, 13(5), pp. 83–88.

    Article  Google Scholar 

  10. Cordeiro, L., Fischer, B., and Marques-Silva, J., SMT-based bounded model checking for embedded ANSI-C software, ASE'09, 2009, p. 137–148.

    Google Scholar 

  11. de Moura, L. and Bjrner, N., Z3: An Efficient SMT Solver, 2008, p. 337–340.

    Google Scholar 

  12. DeMilli, R.A. and Offutt, A.J., Constraint-based automatic test data generation, IEEE Trans. Software Eng., 1991, no. 17(9), pp. 900–910.

    Article  Google Scholar 

  13. Godefroid, P., Klarlund, N., and Sen, K., DART: Directed automated random testing, ACM Sigplan Notices. ACM, 2005, vol. 40. pp. 213–223.

    Article  Google Scholar 

  14. Hamlet, R., Random testing, Encyclopedia of Software Engineering, 1994.

    Google Scholar 

  15. Ivančicć, F. and Sankaranarayanan, S, NECLA Static Analysis Benchmarks.

  16. Kumar, A. and Clair, J.St., CUnit. A unit testing framework for C. http://cunit.sourceforge.net/doc/index.html

  17. Lattner, C., LLVM and Clang: Next generation compiler technology, The BSD Conference, 2008.

    Google Scholar 

  18. Lattner, C. and Adve, V., LLVM: A compilation framework for lifelong program analysis and transformation, CGO'04, 2004, p. 75–86.

    Google Scholar 

  19. Merz, F., Falke, S., and Sinz, C., LLBMC: Bounded model checking of C and C++ programs using a compiler IR, VSTTE'12, 2012, p. 146–161.

    Google Scholar 

  20. Bertrand, M., Applying ‘design by contract’, Computer, 1992, no. 25(10), pp. 40–51.

    Article  MathSciNet  Google Scholar 

  21. Myers, G.J., Sandler, C., and Badgett, T., The Art of Software Testing, John Wiley & Sons, 2011.

    Google Scholar 

  22. Nebut, C., Fleurey, F., le Traon, Y., and Jezequel, J.-M., Automatic test generation: A use case driven approach, IEEE Trans. Software Eng., 2006, no. 32(3), pp. 140–155.

    Article  Google Scholar 

  23. Pacheco, C., Lahiri, Sh.K., Ernst, M.D., and Ball, Th., Feedback-directed random test generation, ICSE 2007, 2007, p. 75–84.

    Google Scholar 

  24. Sen, K., Marinov, D., and Agha, G., CUTE: A concolic unit testing engine for C, ACM, 2005, vol. 30.

    Google Scholar 

  25. Tillmann, N. and de Halleux, J., Pex-white box test generation for. Net, in Tests and Proofs, Springer, 2008, p. 134–153.

    Chapter  Google Scholar 

  26. Xie, T., Tillmann, N., de Halleux, J., and Schulte, W., Fitness-guided path exploration in dynamic symbolic execution, IEEE, 2009, p. 359–368.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. St. Petersburg State Polytechnical University, ul. Politekhnicheskaya 29, St. Petersburg, 195251, Russia

    M. Petrov, K. Gagarski, M. Belyaev & V. Itsykson

Authors
  1. M. Petrov
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. K. Gagarski
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. M. Belyaev
    View author publications

    You can also search for this author inPubMed Google Scholar

  4. V. Itsykson
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to M. Petrov.

Additional information

Original Russian Text © M. Petrov, K. Gagarski, M. Belyaev, V. Itsykson, 2014, published in Modelirovanie i Analiz Informatsionnykh Sistem, 2014, No. 6, pp. 83–93.

The article was translated by the authors.

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Petrov, M., Gagarski, K., Belyaev, M. et al. Using a bounded model checker for test generation: How to kill two birds with one SMT solver. Aut. Control Comp. Sci. 49, 466–472 (2015). https://doi.org/10.3103/S0146411615070172

Download citation

  • Received:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.3103/S0146411615070172

Keywords