Merge branch 'master' of https://github.com/WebFuzzing/EvoMaster into…

… sql-multidb-v3

.github/workflows/ci.yml

@@ -30,7 +30,7 @@ on:
 #      - "**"
 
 env:
-  evomaster-version: 3.3.1
+  evomaster-version: 3.4.1
   # Unfortunately, to use JPackage we need JDK 17 or above :(
   # Which is really bad due to the madness of --add-opens.
   # Even if hunt down all cases of reflections in EM, there is still the problem of

.github/workflows/release.yml

@@ -8,7 +8,7 @@ on:
       - "v*"
 
 env:
-  evomaster-version: 3.3.1
+  evomaster-version: 3.4.1
   jdk-jar: 1.8
   jdk-jpackage: 21
   retention-days: 1

README.md

@@ -31,7 +31,23 @@ _EvoMaster_ uses several kinds of AI heuristics to improve performance even furt
 building on decades of research in the field of [Search-Based Software Testing](https://en.wikipedia.org/wiki/Search-based_software_engineering).
 
 
-__Key features__:
+### 1-Minute Example 
+
+On a console, copy&paste the following (requires _Docker_ installed).
+It will fuzz the PetClinic example API from Swagger, for 30 seconds. 
+
+```
+docker run -v "$(pwd)/generated_tests":/generated_tests webfuzzing/evomaster  --blackBox true --maxTime 30s  --ratePerMinute 60 --bbSwaggerUrl  https://petstore.swagger.io/v2/swagger.json
+```
+Note, if run in a MSYS shell on Windows like _Git Bash_, there is the need of an extra / before the $ (as in the following video).
+
+
+![](docs/img/evomaster_docker_use.gif)
+
+Once the command is executed, you can inspect the generated files under `generated_tests` folder. 
+
+
+### Key features
 
 * _Web APIs_: At the moment, _EvoMaster_ can generate test cases for __REST__, __GraphQL__ and __RPC__ (e.g., __gRPC__ and __Thrift__) APIs.
 
@@ -54,6 +70,10 @@ __Key features__:
    If that is going to be higher than your current version of the JVM, if you cannot upgrade or have 2 different JDKs on your machine, then you should not use the uber-jar but rather one of the installers. 
    When you use one of the installers, keep in mind that currently they do not update the `PATH` variable. This needs to be done manually, [see documentation](docs/download.md). 
 
+* _Docker_: _EvoMaster_ is now released via Docker as well, under [webfuzzing/evomaster](https://hub.docker.com/r/webfuzzing/evomaster) on Docker Hub. For more information on how to use _EvoMaster_ via Docker, [see documentation](docs/docker.md).
+
+* _GitHub Action_: it is possible to run _EvoMaster_ in GitHub Actions, as part of Continuous Integration, by using the [following custom action](https://github.com/WebFuzzing/evomaster-action) (which is in a different GitHub repository).
+
 * _State-of-the-art_: an [independent study (2022)](https://arxiv.org/abs/2204.08348), comparing 10 fuzzers on 20 RESTful APIs, shows that _EvoMaster_ gives the best results. Another [independent study (2024)](https://arxiv.org/abs/2410.12547) done by a different research group confirms these results.
 
 * _Schema_: REST APIs must provide a schema in [OpenAPI/Swagger](https://swagger.io)
@@ -83,7 +103,7 @@ __Key features__:
   Besides using fixed HTTP headers, 
   it is also possible to declaratively specify which login endpoint should be used to dynamically obtain authentication info (e.g., auth tokens or cookies) for each test execution. [See documentation](docs/auth.md).
 
-__Known limitations__:
+### Known Limitations
 
 * _Driver_: to be used for _white-box_ testing, users need to write a [driver manually](docs/write_driver.md).
   We recommend to try _black-box_ mode first (should just need a few minutes to get it up and running) to get
@@ -212,6 +232,7 @@ Otherwise, if you are working in industry on closed-source APIs, we have options
   * [Technical notes for developers contributing to EvoMaster](docs/for_developers.md)
 * Troubleshooting
   * [Windows and networking](docs/troubleshooting/windows.md)
+  * [java.lang.OutOfMemoryError](docs/troubleshooting/outofmemory.md)
 * More Info
   * [Academic papers related to EvoMaster](docs/publications.md)
   * [Slides of presentations/seminars](docs/presentations.md)

client-java/ci-utils/pom.xml

@@ -13,7 +13,7 @@
     <parent>
         <artifactId>evomaster-client-java</artifactId>
         <groupId>org.evomaster</groupId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>evomaster-ci-utils</artifactId>

client-java/client-util/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.evomaster</groupId>
         <artifactId>evomaster-client-java</artifactId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>evomaster-client-java-util</artifactId>

client-java/controller-api/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.evomaster</groupId>
         <artifactId>evomaster-client-java</artifactId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>evomaster-client-java-controller-api</artifactId>

client-java/controller/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.evomaster</groupId>
         <artifactId>evomaster-client-java</artifactId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>evomaster-client-java-controller</artifactId>

client-java/dependencies/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.evomaster</groupId>
         <artifactId>evomaster-client-java</artifactId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
 
     <groupId>org.evomaster</groupId>

client-java/distance-heuristics/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.evomaster</groupId>
         <artifactId>evomaster-client-java</artifactId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>evomaster-client-java-distance-heuristics</artifactId>

client-java/instrumentation-shared/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.evomaster</groupId>
         <artifactId>evomaster-client-java</artifactId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>evomaster-client-java-instrumentation-shared</artifactId>

client-java/instrumentation/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.evomaster</groupId>
         <artifactId>evomaster-client-java</artifactId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>evomaster-client-java-instrumentation</artifactId>

client-java/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.evomaster</groupId>
         <artifactId>evomaster</artifactId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
 
     <groupId>org.evomaster</groupId>

client-java/sql-dto/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.evomaster</groupId>
         <artifactId>evomaster-client-java</artifactId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>evomaster-client-java-sql-dto</artifactId>

client-java/sql/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.evomaster</groupId>
         <artifactId>evomaster-client-java</artifactId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>evomaster-client-java-sql</artifactId>

client-java/test-utils-java/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.evomaster</groupId>
         <artifactId>evomaster-client-java</artifactId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>evomaster-test-utils-java</artifactId>

core-driver-it/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>evomaster</artifactId>
         <groupId>org.evomaster</groupId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

core-graphql-it/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>evomaster</artifactId>
         <groupId>org.evomaster</groupId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

core-it/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>evomaster</artifactId>
         <groupId>org.evomaster</groupId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

core/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.evomaster</groupId>
         <artifactId>evomaster</artifactId>
-        <version>3.3.1-SNAPSHOT</version>
+        <version>3.4.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>evomaster-core</artifactId>

core/src/main/kotlin/org/evomaster/core/problem/rest/param/QueryParam.kt

@@ -22,7 +22,7 @@ class QueryParam(
     init {
         //https://swagger.io/docs/specification/serialization/
         /*
-            sending x=[1,2,3]  intead of x=1,2,3 is wrong, and can lead to crashes in
+            sending x=[1,2,3]  instead of x=1,2,3 is wrong, and can lead to crashes in
             server if desearilazation is not properly handled.
             TODO: But sending such malformatted string should be handled as part of Robustness Testing
          */

core/src/main/kotlin/org/evomaster/core/search/gene/datetime/TimeGene.kt

@@ -52,6 +52,7 @@ class TimeGene(
             .thenBy(TimeGene::minute)
             .thenBy(TimeGene::second)
             //TODO ms and offset
+            //FIXME: considering offset, this check is wrong.
     }
 
     fun selectZ(){
@@ -106,8 +107,10 @@ class TimeGene(
             val maps = mapOf<Gene, GeneImpact>(
                 hour to additionalGeneMutationInfo.impact.hourGeneImpact,
                 minute to additionalGeneMutationInfo.impact.minuteGeneImpact,
-                second to additionalGeneMutationInfo.impact.secondGeneImpact
-                // TODO millisecond and offset
+                second to additionalGeneMutationInfo.impact.secondGeneImpact,
+                //TODO should be handle in a correct way
+                millisecond to additionalGeneMutationInfo.impact.millisecondGeneImpact,
+                offset to additionalGeneMutationInfo.impact.offsetGeneImpact
             )
             return mwc.selectSubGene(
                 internalGenes,

core/src/main/kotlin/org/evomaster/core/search/gene/datetime/TimeNumOffsetGene.kt

@@ -20,11 +20,16 @@ import org.evomaster.core.search.service.mutator.genemutation.SubsetGeneMutation
  *    time-minute     = 2DIGIT  ; 00-59
  *    time-numoffset  = ("+" / "-") time-hour ":" time-minute
  *    time-offset     = "Z" / time-numoffset
+ *
+ *    Note: RFC3339 does NOT put constraints on hour, but Java does, ie, range -18,+18.
+ *    Apparently this is based on ISO8601, which RFC3339 "profiles"... but
+ *    that document costs money to read... also, it seems currently only -14,+12 is used
+ *    in practice in the world
  */
 class TimeNumOffsetGene(
   name: String,
   val sign: EnumGene<String> = EnumGene("sign", listOf("-","+"), treatAsNotString = true),
-  val hour: IntegerGene = IntegerGene("hour", min = 0, max = 23),
+  val hour: IntegerGene = IntegerGene("hour", min = 0, max = 18),
   val minute: IntegerGene = IntegerGene("minute", min = 0, max = 59)
 ) : CompositeFixedGene(name, listOf(sign, hour, minute)) {
 

core/src/main/kotlin/org/evomaster/core/search/gene/datetime/TimeOffsetGene.kt

@@ -6,7 +6,11 @@ import org.evomaster.core.search.gene.collection.EnumGene
 import org.evomaster.core.search.gene.optional.ChoiceGene
 import org.evomaster.core.search.gene.root.CompositeFixedGene
 import org.evomaster.core.search.gene.utils.GeneUtils
+import org.evomaster.core.search.impact.impactinfocollection.CompositeFixedGeneImpact
+import org.evomaster.core.search.impact.impactinfocollection.GeneImpact
+import org.evomaster.core.search.impact.impactinfocollection.value.date.TimeOffsetGeneImpact
 import org.evomaster.core.search.service.Randomness
+import org.evomaster.core.search.service.mutator.MutationWeightControl
 import org.evomaster.core.search.service.mutator.genemutation.AdditionalGeneMutationInfo
 import org.evomaster.core.search.service.mutator.genemutation.SubsetGeneMutationSelectionStrategy
 
@@ -86,4 +90,26 @@ class TimeOffsetGene(
         return false
     }
 
+    override fun adaptiveSelectSubsetToMutate(
+        randomness: Randomness,
+        internalGenes: List<Gene>,
+        mwc: MutationWeightControl,
+        additionalGeneMutationInfo: AdditionalGeneMutationInfo
+    ): List<Pair<Gene, AdditionalGeneMutationInfo?>> {
+        if (additionalGeneMutationInfo.impact != null && additionalGeneMutationInfo.impact is TimeOffsetGeneImpact) {
+            val maps = mapOf<Gene, GeneImpact>(
+                type to additionalGeneMutationInfo.impact.typeImpact
+            )
+            return mwc.selectSubGene(
+                internalGenes,
+                adaptiveWeight = true,
+                targets = additionalGeneMutationInfo.targets,
+                impacts = internalGenes.map { i -> maps.getValue(i) },
+                individual = null,
+                evi = additionalGeneMutationInfo.evi
+            )
+                .map { it to additionalGeneMutationInfo.copyFoInnerGene(maps.getValue(it), it) }
+        }
+        throw IllegalArgumentException("impact is null or not TimeOffsetGeneImpact")
+    }
 }

core/src/main/kotlin/org/evomaster/core/search/impact/impactinfocollection/ImpactUtils.kt

@@ -22,6 +22,7 @@ import org.evomaster.core.search.gene.collection.*
 import org.evomaster.core.search.gene.datetime.DateGene
 import org.evomaster.core.search.gene.datetime.DateTimeGene
 import org.evomaster.core.search.gene.datetime.TimeGene
+import org.evomaster.core.search.gene.datetime.TimeOffsetGene
 import org.evomaster.core.search.gene.numeric.*
 import org.evomaster.core.search.gene.optional.CustomMutationRateGene
 import org.evomaster.core.search.gene.optional.OptionalGene
@@ -32,6 +33,7 @@ import org.evomaster.core.search.gene.string.NumericStringGene
 import org.evomaster.core.search.gene.string.StringGene
 import org.evomaster.core.search.impact.impactinfocollection.regex.*
 import org.evomaster.core.search.impact.impactinfocollection.value.collection.SqlMultidimensionalArrayGeneImpact
+import org.evomaster.core.search.impact.impactinfocollection.value.date.TimeOffsetGeneImpact
 import org.evomaster.core.search.service.mutator.MutatedGeneSpecification
 import org.slf4j.Logger
 import org.slf4j.LoggerFactory
@@ -70,6 +72,7 @@ class ImpactUtils {
                 is DateGene -> DateGeneImpact(id, gene)
                 is DateTimeGene -> DateTimeGeneImpact(id, gene)
                 is TimeGene -> TimeGeneImpact(id, gene)
+                is TimeOffsetGene -> TimeOffsetGeneImpact(id, gene)
                 is SeededGene<*> -> SeededGeneImpact(id, gene)
                 // math
                 is BigDecimalGene -> BigDecimalGeneImpact(id)