A mutation testing tool takes as input a system under test and a test suite and produces as output the mutation score of the test suite. The tool systematically creates mutants by making small syntactic changes to the system under test and executes the test suite to determine which mutants give different results from the original system. Almost all mutation testing tools have been developed for statically typed languages. The lack of tools for dynamically typed languages may be rooted in additional challenges that are caused by the lack of precise type information until the program is executed. Existing tools for dynamically typed languages mostly focus on mutation of literals because the type of literals are known statically.� This paper presents SMutant, the first mutation testing tool for Smalltalk programs. In addition to literal replacement, SMutant supports many mutation operators that are commonly seen in tools for statically typed languages, such as operator replacement. Instead of applying mutations statically, SMutant postpones mutating until execution and applies mutations dynamically, when the types are available. Also, SMutant enables the user to define new mutation operators by sending a single message. The tool automatically generates code to support new mutation operators.
{"title":"SMutant: a tool for type-sensitive mutation testing in a dynamic language","authors":"Miloš Gligorić, Sandro Badame, Ralph E. Johnson","doi":"10.1145/2025113.2025181","DOIUrl":"https://doi.org/10.1145/2025113.2025181","url":null,"abstract":"A mutation testing tool takes as input a system under test and a test suite and produces as output the mutation score of the test suite. The tool systematically creates mutants by making small syntactic changes to the system under test and executes the test suite to determine which mutants give different results from the original system. Almost all mutation testing tools have been developed for statically typed languages. The lack of tools for dynamically typed languages may be rooted in additional challenges that are caused by the lack of precise type information until the program is executed. Existing tools for dynamically typed languages mostly focus on mutation of literals because the type of literals are known statically.\u0000 This paper presents SMutant, the first mutation testing tool for Smalltalk programs. In addition to literal replacement, SMutant supports many mutation operators that are commonly seen in tools for statically typed languages, such as operator replacement. Instead of applying mutations statically, SMutant postpones mutating until execution and applies mutations dynamically, when the types are available. Also, SMutant enables the user to define new mutation operators by sending a single message. The tool automatically generates code to support new mutation operators.","PeriodicalId":184518,"journal":{"name":"ESEC/FSE '11","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117350034","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Software systems are often built upon third party libraries. Developers may replace an old library with a new library, for the consideration of functionality, performance, security, and so on. It is tedious to learn the often complex APIs in the new library from the scratch. Instead, developers may identify the suitable APIs in the old library, and then find counterparts of these APIs in the new library. However, there is typically no such cross-references for APIs in different libraries. Previous work on automatic API recommendation often recommends related APIs in the same library. In this paper, we propose to mine search results of Web search engines to recommend related APIs of different libraries. In particular, we use Web search engines to collect relevant Web search results of a given API in the old library, and then recommend API candidates in the new library that are frequently appeared in the Web search results. Preliminary results of generating related C# APIs for the APIs in JDK show the feasibility of our approach.
{"title":"Cross-library API recommendation using web search engines","authors":"Wujie Zheng, Qirun Zhang, Michael R. Lyu","doi":"10.1145/2025113.2025197","DOIUrl":"https://doi.org/10.1145/2025113.2025197","url":null,"abstract":"Software systems are often built upon third party libraries. Developers may replace an old library with a new library, for the consideration of functionality, performance, security, and so on. It is tedious to learn the often complex APIs in the new library from the scratch. Instead, developers may identify the suitable APIs in the old library, and then find counterparts of these APIs in the new library. However, there is typically no such cross-references for APIs in different libraries. Previous work on automatic API recommendation often recommends related APIs in the same library. In this paper, we propose to mine search results of Web search engines to recommend related APIs of different libraries. In particular, we use Web search engines to collect relevant Web search results of a given API in the old library, and then recommend API candidates in the new library that are frequently appeared in the Web search results. Preliminary results of generating related C# APIs for the APIs in JDK show the feasibility of our approach.","PeriodicalId":184518,"journal":{"name":"ESEC/FSE '11","volume":"137 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122435499","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Developers of JavaScript web applications have little tool support for catching errors early in development. In comparison, an abundance of tools exist for statically typed languages, including sophisticated integrated development environments and specialized static analyses. Transferring such technologies to the domain of JavaScript web applications is challenging. In this paper, we discuss the challenges, which include the dynamic aspects of JavaScript and the complex interactions between JavaScript, HTML, and the browser. From this, we present the first static analysis that is capable of reasoning about the flow of control and data in modern JavaScript applications that interact with the HTML DOM and browser API.� One application of such a static analysis is to detect type-related and dataflow-related programming errors. We report on experiments with a range of modern web applications, including Chrome Experiments and IE Test Drive applications, to measure the precision and performance of the technique. The experiments indicate that the analysis is able to show absence of errors related to missing object properties and to identify dead and unreachable code. By measuring the precision of the types inferred for object properties, the analysis is precise enough to show that most expressions have unique types. By also producing precise call graphs, the analysis additionally shows that most invocations in the programs are monomorphic. We furthermore study the usefulness of the analysis to detect spelling errors in the code. Despite the encouraging results, not all problems are solved and some of the experiments indicate a potential for improvement, which allows us to identify central remaining challenges and outline directions for future work.
{"title":"Modeling the HTML DOM and browser API in static analysis of JavaScript web applications","authors":"S. Jensen, Magnus Madsen, Anders Møller","doi":"10.1145/2025113.2025125","DOIUrl":"https://doi.org/10.1145/2025113.2025125","url":null,"abstract":"Developers of JavaScript web applications have little tool support for catching errors early in development. In comparison, an abundance of tools exist for statically typed languages, including sophisticated integrated development environments and specialized static analyses. Transferring such technologies to the domain of JavaScript web applications is challenging. In this paper, we discuss the challenges, which include the dynamic aspects of JavaScript and the complex interactions between JavaScript, HTML, and the browser. From this, we present the first static analysis that is capable of reasoning about the flow of control and data in modern JavaScript applications that interact with the HTML DOM and browser API.\u0000 One application of such a static analysis is to detect type-related and dataflow-related programming errors. We report on experiments with a range of modern web applications, including Chrome Experiments and IE Test Drive applications, to measure the precision and performance of the technique. The experiments indicate that the analysis is able to show absence of errors related to missing object properties and to identify dead and unreachable code. By measuring the precision of the types inferred for object properties, the analysis is precise enough to show that most expressions have unique types. By also producing precise call graphs, the analysis additionally shows that most invocations in the programs are monomorphic. We furthermore study the usefulness of the analysis to detect spelling errors in the code. Despite the encouraging results, not all problems are solved and some of the experiments indicate a potential for improvement, which allows us to identify central remaining challenges and outline directions for future work.","PeriodicalId":184518,"journal":{"name":"ESEC/FSE '11","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114276705","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Software systems are modularized to make their inherent complexity manageable. While there exists a set of well-known principles that may guide software engineers to design the modules of a software system, we do not know which principles are followed in practice. In a study based on 16 open source projects, we look at different kinds of coupling concepts between source code entities, including structural dependencies, fan-out similarity, evolutionary coupling, code ownership, code clones, and semantic similarity. The congruence between these coupling concepts and the modularization of the system hints at the modularity principles used in practice. Furthermore, the results provide insights on how to support developers to modularize software systems.
{"title":"On the congruence of modularity and code coupling","authors":"Fabian Beck, S. Diehl","doi":"10.1145/2025113.2025162","DOIUrl":"https://doi.org/10.1145/2025113.2025162","url":null,"abstract":"Software systems are modularized to make their inherent complexity manageable. While there exists a set of well-known principles that may guide software engineers to design the modules of a software system, we do not know which principles are followed in practice. In a study based on 16 open source projects, we look at different kinds of coupling concepts between source code entities, including structural dependencies, fan-out similarity, evolutionary coupling, code ownership, code clones, and semantic similarity. The congruence between these coupling concepts and the modularization of the system hints at the modularity principles used in practice. Furthermore, the results provide insights on how to support developers to modularize software systems.","PeriodicalId":184518,"journal":{"name":"ESEC/FSE '11","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130220214","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The ACM SIGPLAN-SIGSOFT PASTE Workshop presents exciting research, empirical results, and new directions in Program Analysis for Software Tools and Engineering. The program includes two technical sessions as well as a keynote talk on program synthesis for automating end-user programming and education.
{"title":"PASTE'11: Proceedings of the 10th ACM sigplan-sigsoft workshop on program analysis for software tools and engineering","authors":"Jeff Foster, L. Pollock","doi":"10.1145/2025113.2025210","DOIUrl":"https://doi.org/10.1145/2025113.2025210","url":null,"abstract":"The ACM SIGPLAN-SIGSOFT PASTE Workshop presents exciting research, empirical results, and new directions in Program Analysis for Software Tools and Engineering. The program includes two technical sessions as well as a keynote talk on program synthesis for automating end-user programming and education.","PeriodicalId":184518,"journal":{"name":"ESEC/FSE '11","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129611073","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We describe techniques for analyzing data polymorphism in C, and show that understanding data polymorphism is important for statically verifying type casts in the Linux kernel, where our techniques prove the safety of 75% of downcasts to structure types, out of a population of 28767. We also discuss prevalent patterns of data polymorphism in Linux, including code patterns we can handle and those we cannot.
{"title":"Inferring data polymorphism in systems code","authors":"Brian Hackett, A. Aiken","doi":"10.1145/2025113.2025159","DOIUrl":"https://doi.org/10.1145/2025113.2025159","url":null,"abstract":"We describe techniques for analyzing data polymorphism in C, and show that understanding data polymorphism is important for statically verifying type casts in the Linux kernel, where our techniques prove the safety of 75% of downcasts to structure types, out of a population of 28767. We also discuss prevalent patterns of data polymorphism in Linux, including code patterns we can handle and those we cannot.","PeriodicalId":184518,"journal":{"name":"ESEC/FSE '11","volume":"83 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117258617","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Efficient program path exploration is important for many software engineering activities such as testing, debugging and verification. However, enumerating all paths of a program is prohibitively expensive. In this paper, we develop a partitioning of program paths based on the program output. Two program paths are placed in the same partition if they derive the output similarly, that is, the symbolic expression connecting the output with the inputs is the same in both paths. Our grouping of paths is gradually created by a smart path exploration. Our experiments show the benefits of the proposed pathexploration in test-suite construction.� Our path partitioning produces a semantic signature of a program --- describing all the different symbolic expressions that the output can assume along different program paths. To reason about changes between program versions, we can therefore analyze their semantic signatures. In particular, we demonstrate the applications of our path partitioning in debugging of software regressions.
{"title":"Path exploration based on symbolic output","authors":"Dawei Qi, Hoang D. T. Nguyen, Abhik Roychoudhury","doi":"10.1145/2025113.2025152","DOIUrl":"https://doi.org/10.1145/2025113.2025152","url":null,"abstract":"Efficient program path exploration is important for many software engineering activities such as testing, debugging and verification. However, enumerating all paths of a program is prohibitively expensive. In this paper, we develop a partitioning of program paths based on the program output. Two program paths are placed in the same partition if they derive the output similarly, that is, the symbolic expression connecting the output with the inputs is the same in both paths. Our grouping of paths is gradually created by a smart path exploration. Our experiments show the benefits of the proposed pathexploration in test-suite construction.\u0000 Our path partitioning produces a semantic signature of a program --- describing all the different symbolic expressions that the output can assume along different program paths. To reason about changes between program versions, we can therefore analyze their semantic signatures. In particular, we demonstrate the applications of our path partitioning in debugging of software regressions.","PeriodicalId":184518,"journal":{"name":"ESEC/FSE '11","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126585435","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Database-centric applications (DCAs) are common in enterprise computing, and they use nontrivial databases. Testing of DCAs is increasingly outsourced to test centers in order to achieve lower cost and higher quality. When proprietary DCAs are released, their databases should also be made available to test engineers. However, different data privacy laws prevent organizations from sharing this data with test centers because databases contain sensitive information. Currently, testing is performed with anonymized data, which often leads to worse test coverage (such as code coverage) and fewer uncovered faults, thereby reducing the quality of DCAs and obliterating benefits of test outsourcing. To address this issue, we offer a novel approach that combines program analysis with a new data privacy framework that we design to address constraints of software testing. With our approach, organizations can balance the level of privacy with needs of testing. We have built a tool for our approach and applied it to nontrivial Java DCAs. Our results show that test coverage can be preserved at a higher level by anonymizing data based on their effect on corresponding DCAs.
{"title":"Testing software in age of data privacy: a balancing act","authors":"Kunal Taneja, M. Grechanik, R. Ghani, Tao Xie","doi":"10.1145/2025113.2025143","DOIUrl":"https://doi.org/10.1145/2025113.2025143","url":null,"abstract":"Database-centric applications (DCAs) are common in enterprise computing, and they use nontrivial databases. Testing of DCAs is increasingly outsourced to test centers in order to achieve lower cost and higher quality. When proprietary DCAs are released, their databases should also be made available to test engineers. However, different data privacy laws prevent organizations from sharing this data with test centers because databases contain sensitive information. Currently, testing is performed with anonymized data, which often leads to worse test coverage (such as code coverage) and fewer uncovered faults, thereby reducing the quality of DCAs and obliterating benefits of test outsourcing. To address this issue, we offer a novel approach that combines program analysis with a new data privacy framework that we design to address constraints of software testing. With our approach, organizations can balance the level of privacy with needs of testing. We have built a tool for our approach and applied it to nontrivial Java DCAs. Our results show that test coverage can be preserved at a higher level by anonymizing data based on their effect on corresponding DCAs.","PeriodicalId":184518,"journal":{"name":"ESEC/FSE '11","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123157839","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Raian Ali, C. Solís, M. Salehie, Inah Omoronyia, B. Nuseibeh, W. Maalej
Adaptation requires a system to monitor its operational context to ensure that when changes occur, a suitable adaptation action is planned and taken at runtime. The ultimate goal of adaptation is that users get their dynamic requirements met efficiently and correctly. Context changes and users' judgment of the role of the system in meeting their requirements are drivers for adaptation. In many cases, these drivers are hard to identify by designers at design time and hard to monitor by the use of exclusively technological means by the system at runtime. In this paper, we propose Social Sensing as the activity performed by users who act as monitors and provide information needed for adaptation at runtime. Such information helps the system cope with technology limitations and designers' uncertainty. We discuss the motivation and foundations of Social Sensing and outline a set of research challenges to address in future work.
{"title":"Social sensing: when users become monitors","authors":"Raian Ali, C. Solís, M. Salehie, Inah Omoronyia, B. Nuseibeh, W. Maalej","doi":"10.1145/2025113.2025196","DOIUrl":"https://doi.org/10.1145/2025113.2025196","url":null,"abstract":"Adaptation requires a system to monitor its operational context to ensure that when changes occur, a suitable adaptation action is planned and taken at runtime. The ultimate goal of adaptation is that users get their dynamic requirements met efficiently and correctly. Context changes and users' judgment of the role of the system in meeting their requirements are drivers for adaptation. In many cases, these drivers are hard to identify by designers at design time and hard to monitor by the use of exclusively technological means by the system at runtime. In this paper, we propose Social Sensing as the activity performed by users who act as monitors and provide information needed for adaptation at runtime. Such information helps the system cope with technology limitations and designers' uncertainty. We discuss the motivation and foundations of Social Sensing and outline a set of research challenges to address in future work.","PeriodicalId":184518,"journal":{"name":"ESEC/FSE '11","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117178319","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Self-adaptation endows a software system with the ability to satisfy certain objectives by automatically modifying its behavior. While many promising approaches for the construction of self-adaptive software systems have been developed, the majority of them ignore the uncertainty underlying the adaptation decisions. This has been one of the key obstacles to wide-spread adoption of self-adaption techniques in risk-averse real-world settings. In this paper, we describe an approach, called POssIbilistic SElf-aDaptation (POISED), for tackling the challenge posed by uncertainty in making adaptation decisions. POISED builds on possibility theory to assess both the positive and negative consequences of uncertainty. It makes adaptation decisions that result in the best range of potential behavior. We demonstrate POISED's application to the problem of improving a software system's quality of service via runtime reconfiguration of its customizable software components. We have extensively evaluated POISED using a prototype of a robotic software system.
{"title":"Taming uncertainty in self-adaptive software","authors":"N. Esfahani, Ehsan Kouroshfar, S. Malek","doi":"10.1145/2025113.2025147","DOIUrl":"https://doi.org/10.1145/2025113.2025147","url":null,"abstract":"Self-adaptation endows a software system with the ability to satisfy certain objectives by automatically modifying its behavior. While many promising approaches for the construction of self-adaptive software systems have been developed, the majority of them ignore the uncertainty underlying the adaptation decisions. This has been one of the key obstacles to wide-spread adoption of self-adaption techniques in risk-averse real-world settings. In this paper, we describe an approach, called POssIbilistic SElf-aDaptation (POISED), for tackling the challenge posed by uncertainty in making adaptation decisions. POISED builds on possibility theory to assess both the positive and negative consequences of uncertainty. It makes adaptation decisions that result in the best range of potential behavior. We demonstrate POISED's application to the problem of improving a software system's quality of service via runtime reconfiguration of its customizable software components. We have extensively evaluated POISED using a prototype of a robotic software system.","PeriodicalId":184518,"journal":{"name":"ESEC/FSE '11","volume":"65 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126631402","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: