Powered by
33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2024),
September 16–20, 2024,
Vienna, Austria
Frontmatter
Technical Papers
Papers Round 1
FortifyPatch: Towards Tamper-Resistant Live Patching in Linux-Based Hypervisor
Zhenyu Ye,
Lei Zhou,
Fengwei Zhang,
Wenqiang Jin,
Zhenyu Ning,
Yupeng Hu, and
Zheng Qin
(Hunan University, China; National University of Defense Technology, China; Southern University of Science and Technology, China; Xinchuang Haihe Laboratory, China)
Publisher's Version
Published Artifact
Artifacts Available
Enhancing ROS System Fuzzing through Callback Tracing
Yuheng Shen,
Jianzhong Liu,
Yiru Xu,
Hao Sun,
Mingzhe Wang,
Nan Guan,
Heyuan Shi, and
Yu Jiang
(Tsinghua University, China; ETH Zurich, Switzerland; City University of Hong Kong, China; Central South University, China)
Publisher's Version
Total Recall? How Good Are Static Call Graphs Really?
Dominik Helm,
Sven Keidel,
Anemone Kampkötter,
Johannes Düsing,
Tobias Roth,
Ben Hermann, and
Mira Mezini
(TU Darmstadt, Germany; National Research Center for Applied Cybersecurity ATHENE, Germany; TU Dortmund, Germany; hessian.AI, Germany)
Publisher's Version
Published Artifact
Artifacts Available
DAppFL: Just-in-Time Fault Localization for Decentralized Applications in Web3
Zhiying Wu,
Jiajing Wu,
Hui Zhang,
Ziwei Li,
Jiachi Chen,
Zibin Zheng,
Qing Xia,
Gang Fan, and
Yi Zhen
(Sun Yat-sen University, China; Institute of Software at Chinese Academy of Sciences, China; Independent, China)
Publisher's Version
Model-less Is the Best Model: Generating Pure Code Implementations to Replace On-Device DL Models
Mingyi Zhou,
Xiang Gao,
Pei Liu,
John Grundy,
Chunyang Chen,
Xiao Chen, and
Li Li
(Monash University, Australia; Beihang University, China; CSIRO’s Data61, Australia; TU Munich, Germany; University of Newcastle, Australia)
Publisher's Version
Published Artifact
Artifacts Available
UPBEAT: Test Input Checks of Q# Quantum Libraries
Tianmin Hu,
Guixin Ye,
Zhanyong Tang,
Shin Hwei Tan,
Huanting Wang,
Meng Li, and
Zheng Wang
(Northwest University, China; Concordia University, Canada; University of Leeds, United Kingdom; Hefei University of Technology, China)
Publisher's Version
Published Artifact
Artifacts Available
Artifacts Functional
A Large-Scale Evaluation for Log Parsing Techniques: How Far Are We?
Zhihan Jiang,
Jinyang Liu,
Junjie Huang,
Yichen Li,
Yintong Huo,
Jiazhen Gu,
Zhuangbin Chen,
Jieming Zhu, and
Michael R. Lyu
(Chinese University of Hong Kong, China; Sun Yat-sen University, China; Huawei Noah’s Ark Lab, China)
Publisher's Version
Published Artifact
Artifacts Available
Artifacts Reusable
Define-Use Guided Path Exploration for Better Forced Execution
Dongnan He,
Dongchen Xie,
Yujie Wang,
Wei You,
Bin Liang,
Jianjun Huang,
Wenchang Shi,
Zhuo Zhang, and
Xiangyu Zhang
(Renmin University of China, China; Purdue University, USA)
Publisher's Version
Published Artifact
Artifacts Available
Artifacts Reusable
FT2Ra: A Fine-Tuning-Inspired Approach to Retrieval-Augmented Code Completion
Qi Guo,
Xiaohong Li,
Xiaofei Xie,
Shangqing Liu,
Ze Tang,
Ruitao Feng,
Junjie Wang,
Jidong Ge, and
Lei Bu
(Tianjin University, China; Singapore Management University, Singapore; Nanyang Technological University, Singapore; Nanjing University, China)
Publisher's Version
Graph Neural Networks for Vulnerability Detection: A Counterfactual Explanation
Zhaoyang Chu,
Yao Wan,
Qian Li,
Yang Wu,
Hongyu Zhang,
Yulei Sui,
Guandong Xu, and
Hai Jin
(Huazhong University of Science and Technology, China; Curtin University, Perth, Australia; Chongqing University, China; UNSW, Sydney, Australia; University of Technology, Sydney, Australia)
Publisher's Version
DeFort: Automatic Detection and Analysis of Price Manipulation Attacks in DeFi Applications
Maoyi Xie,
Ming Hu,
Ziqiao Kong,
Cen Zhang,
Yebo Feng,
Haijun Wang,
Yue Xue,
Hao Zhang,
Ye Liu, and
Yang Liu
(Nanyang Technological University, Singapore; Xi’an Jiaotong University, China; MetaTrust Labs, Singapore)
Publisher's Version
Info
Silent Taint-Style Vulnerability Fixes Identification
Zhongzhen Wen,
Jiayuan Zhou,
Minxue Pan,
Shaohua Wang,
Xing Hu,
Tongtong Xu,
Tian Zhang, and
Xuandong Li
(Nanjing University, China; Huawei, Waterloo, Canada; Central University of Finance and Economics, China; Zhejiang University, China; Huawei, China)
Publisher's Version
CoEdPilot: Recommending Code Edits with Learned Prior Edit Relevance, Project-wise Awareness, and Interactive Nature
Chenyan Liu,
Yufan Cai,
Yun Lin,
Yuhuan Huang,
Yunrui Pei,
Bo Jiang,
Ping Yang,
Jin Song Dong, and
Hong Mei
(Shanghai Jiao Tong University, China; National University of Singapore, Singapore; Bytedance Network Technology, Beijing, China)
Publisher's Version
Info
CLAP: Learning Transferable Binary Code Representations with Natural Language Supervision
Hao Wang,
Zeyu Gao,
Chao Zhang,
Zihan Sha,
Mingyang Sun,
Yuchen Zhou,
Wenyu Zhu,
Wenju Sun,
Han Qiu, and
Xi Xiao
(Tsinghua University, China; Information Engineering University, China; University of Electronic Science and Technology of China, China; Beijing University of Technology, China)
Publisher's Version
Papers Round 2
FDI: Attack Neural Code Generation Systems through User Feedback Channel
Zhensu Sun,
Xiaoning Du,
Xiapu Luo,
Fu Song,
David Lo, and
Li Li
(Singapore Management University, Singapore; Hong Kong Polytechnic University, Hong Kong; Monash University, Australia; Institute of Software at Chinese Academy of Sciences, China; University of Chinese Academy of Sciences, China; Nanjing Institute of Software Technology, China; Beihang University, China)
Publisher's Version
Finding Cuts in Static Analysis Graphs to Debloat Software
Christoph Blumschein,
Fabio Niephaus,
Codruţ Stancu,
Christian Wimmer,
Jens Lincke, and
Robert Hirschfeld
(Hasso Plattner Institute, Germany; University of Potsdam, Germany; Oracle Labs, Germany; Oracle Labs, Switzerland; Oracle Labs, USA)
Publisher's Version
Published Artifact
Artifacts Available
Artifacts Functional
Beyond Pairwise Testing: Advancing 3-wise Combinatorial Interaction Testing for Highly Configurable Systems
Chuan Luo,
Shuangyu Lyu,
Qiyuan Zhao,
Wei Wu,
Hongyu Zhang, and
Chunming Hu
(Beihang University, China; National University of Singapore, Singapore; Central South University, China; Xiangjiang Laboratory, China; Chongqing University, China)
Publisher's Version
Published Artifact
Artifacts Available
Artifacts Functional
VRDSynth: Synthesizing Programs for Multilingual Visually Rich Document Information Extraction
Thanh-Dat Nguyen,
Tung Do-Viet,
Hung Nguyen-Duy,
Tuan-Hai Luu,
Hung Le,
Bach Le, and
Patanamon Thongtanunam
(University of Melbourne, Australia; Cinnamon AI, Vietnam; Independent Researcher, Vietnam; Deakin University, Australia)
Publisher's Version
Published Artifact
Info
Artifacts Available
Artifacts Functional
Synthesis-Based Enhancement for GUI Test Case Migration
Yakun Zhang,
Qihao Zhu,
Jiwei Yan,
Chen Liu,
Wenjie Zhang,
Yifan Zhao,
Dan Hao, and
Lu Zhang
(Peking University, China; DeepSeek-AI, China; Institute of Software at Chinese Academy of Sciences, China)
Publisher's Version
CREF: An LLM-Based Conversational Software Repair Framework for Programming Tutors
Boyang Yang,
Haoye Tian,
Weiguo Pian,
Haoran Yu,
Haitao Wang,
Jacques Klein,
Tegawendé F. Bissyandé, and
Shunfu Jin
(Yanshan University, China; Beijing JudaoYouda Network Technology, China; University of Melbourne, Australia; University of Luxembourg, Luxembourg)
Publisher's Version
Interpretability Based Neural Network Repair
Zuohui Chen,
Jun Zhou,
Youcheng Sun,
Jingyi Wang,
Qi Xuan, and
Xiaoniu Yang
(Zhejiang University of Technology, China; Binjiang Institute of Artificial Intelligence, China; University of Manchester, United Kingdom; Zhejiang University, China; National Key Laboratory of Electromagnetic Space Security, China)
Publisher's Version
DeLink: Source File Information Recovery in Binaries
Zhe Lang,
Zhengzi Xu,
Xiaohui Chen,
Shichao Lv,
Zhanwei Song,
Zhiqiang Shi, and
Limin Sun
(Institute of Information Engineering at Chinese Academy of Sciences, China; University of Chinese Academy of Sciences, China; Nanyang Technological University, Singapore; Imperial Global Singapore, Singapore; China Mobile Research Institute, China)
Publisher's Version
Feedback-Driven Automated Whole Bug Report Reproduction for Android Apps
Dingbang Wang,
Yu Zhao,
Sidong Feng,
Zhaoxu Zhang,
William G. J. Halfond,
Chunyang Chen,
Xiaoxia Sun,
Jiangfan Shi, and
Tingting Yu
(University of Connecticut, USA; University of Cincinnati, USA; Monash University, Australia; University of Southern California, USA; TU Munich, Germany; China Mobile (Suzhou) Software Technology, China; Zhejiang University, China)
Publisher's Version
When to Stop? Towards Efficient Code Generation in LLMs with Excess Token Prevention
Lianghong Guo,
Yanlin Wang,
Ensheng Shi,
Wanjun Zhong,
Hongyu Zhang,
Jiachi Chen,
Ruikai Zhang,
Yuchi Ma, and
Zibin Zheng
(Sun Yat-sen University, China; Xi’an Jiaotong University, China; Chongqing University, China; Huawei Cloud Computing Technologies, China)
Publisher's Version
Info
ACM SIGSOFT Distinguished Paper Award
Tacoma: Enhanced Browser Fuzzing with Fine-Grained Semantic Alignment
Jiashui Wang,
Peng Qian,
Xilin Huang,
Xinlei Ying,
Yan Chen,
Shouling Ji,
Jianhai Chen,
Jundong Xie, and
Long Liu
(Zhejiang University, China; Ant Group, China; Northwestern University, USA)
Publisher's Version
How Effective Are They? Exploring Large Language Model Based Fuzz Driver Generation
Cen Zhang,
Yaowen Zheng,
Mingqiang Bai,
Yeting Li,
Wei Ma,
Xiaofei Xie,
Yuekang Li,
Limin Sun, and
Yang Liu
(Nanyang Technological University, Singapore; Institute of Information Engineering at Chinese Academy of Sciences, China; University of Chinese Academy of Sciences, China; Singapore Management University, Singapore; UNSW, Sydney, Australia)
Publisher's Version
Info
Bugs in Pods: Understanding Bugs in Container Runtime Systems
Jiongchi Yu,
Xiaofei Xie,
Cen Zhang,
Sen Chen,
Yuekang Li, and
Wenbo Shen
(Singapore Management University, Singapore; Nanyang Technological University, Singapore; Tianjin University, China; UNSW, Sydney, Australia; Zhejiang University, China)
Publisher's Version
Automated Data Binding Vulnerability Detection for Java Web Frameworks via Nested Property Graph
Xiaoyong Yan,
Biao He,
Wenbo Shen,
Yu Ouyang,
Kaihang Zhou,
Xingjian Zhang,
Xingyu Wang,
Yukai Cao, and
Rui Chang
(Zhejiang University, China; Ant Group, China)
Publisher's Version
Published Artifact
Artifacts Available
CoSec: On-the-Fly Security Hardening of Code LLMs via Supervised Co-decoding
Dong Li,
Meng Yan,
Yaosheng Zhang,
Zhongxin Liu,
Chao Liu,
Xiaohong Zhang,
Ting Chen, and
David Lo
(Chongqing University, China; Zhejiang University, China; University of Electronic Science and Technology of China, China; Singapore Management University, Singapore)
Publisher's Version
Interoperability in Deep Learning: A User Survey and Failure Analysis of ONNX Model Converters
Purvish Jajal,
Wenxin Jiang,
Arav Tewari,
Erik Kocinare,
Joseph Woo,
Anusha Sarraf,
Yung-Hsiang Lu,
George K. Thiruvathukal, and
James C. Davis
(Purdue University, USA; Loyola University Chicago, USA)
Publisher's Version
Published Artifact
Artifacts Available
Artifacts Functional
Practitioners’ Expectations on Automated Test Generation
Xiao Yu,
Lei Liu,
Xing Hu,
Jacky Keung,
Xin Xia, and
David Lo
(Huawei, China; Xi’an Jiaotong University, China; Zhejiang University, China; City University of Hong Kong, China; Singapore Management University, Singapore)
Publisher's Version
Empirical Study of Move Smart Contract Security: Introducing MoveScan for Enhanced Analysis
Shuwei Song,
Jiachi Chen,
Ting Chen,
Xiapu Luo,
Teng Li,
Wenwu Yang,
Leqing Wang,
Weijie Zhang,
Feng Luo,
Zheyuan He,
Yi Lu, and
Pan Li
(University of Electronic Science and Technology of China, China; Sun Yat-sen University, China; Hong Kong Polytechnic University, China; Jiangsu University of Science and Technology, China; BitsLab, Singapore; MoveBit, China)
Publisher's Version
Testing Gremlin-Based Graph Database Systems via Query Disassembling
Yingying Zheng,
Wensheng Dou,
Lei Tang,
Ziyu Cui,
Yu Gao,
Jiansen Song,
Liang Xu,
Jiaxin Zhu,
Wei Wang,
Jun Wei,
Hua Zhong, and
Tao Huang
(Institute of Software at Chinese Academy of Sciences, China; Jinling Institute of Technology, China)
Publisher's Version
Published Artifact
Artifacts Available
Logos: Log Guided Fuzzing for Protocol Implementations
Feifan Wu,
Zhengxiong Luo,
Yanyang Zhao,
Qingpeng Du,
Junze Yu,
Ruikang Peng,
Heyuan Shi, and
Yu Jiang
(Tsinghua University, China; Beijing University of Posts and Telecommunications, China; Central South University, China)
Publisher's Version
ISSTA/ECOOP Tool Demonstrations
SeeWasm: An Efficient and Fully-Functional Symbolic Execution Engine for WebAssembly Binaries
Ningyu He,
Zhehao Zhao,
Hanqin Guan,
Jikai Wang,
Shuo Peng,
Ding Li,
Haoyu Wang,
Xiangqun Chen, and
Yao Guo
(Peking University, China; Huazhong University of Science and Technology, China)
Publisher's Version
Video
Info
JCWIT: A Correctness-Witness Validator for Java Programs Based on Bounded Model Checking
Zaiyu Cheng,
Tong Wu,
Peter Schrammel,
Norbert Tihanyi,
Eddie B. de Lima Filho, and
Lucas C. Cordeiro
(University of Manchester, United Kingdom; University of Sussex, United Kingdom; Eotvos Lorand University, Hungary; TPV Technology, Brazil; Federal University of Amazonas, Manaus, Brazil)
Publisher's Version
Archive submitted (150 kB)
Video
Info
PolyTracker: Whole-Input Dynamic Information Flow Tracing
Evan Sultanik,
Marek Surovič,
Henrik Brodin,
Kelly Kaoudis,
Facundo Tuesca,
Carson Harmon,
Lisa Overall,
Joseph Sweeney, and
Bradford Larsen
(Trail of Bits, USA; Trail of Bits, Czechia; Trail of Bits, Sweden; Trail of Bits, Netherlands)
Publisher's Version
Video
Info
ISSTA/ECOOP Doctoral Symposium
Late PhD Papers
Early PhD Papers
proc time: 28.97