首页 > 最新文献

Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering最新文献

英文 中文
Build system with lazy retrieval for Java projects 为Java项目构建带有延迟检索的系统
Ahmet Çelik, Alexander Knaust, Aleksandar Milicevic, Miloš Gligorić
In the modern-day development, projects use Continuous Integration Services (CISs) to execute the build for every change in the source code. To ensure that the project remains correct and deployable, a CIS performs a clean build each time. In a clean environment, a build system needs to retrieve the project's dependencies (e.g., guava.jar). The retrieval, however, can be costly due to dependency bloat: despite a project using only a few files from each library, the existing build systems still eagerly retrieve all the libraries at the beginning of the build. This paper presents a novel build system, Molly, which lazily retrieves parts of libraries (i.e., files) that are needed during the execution of a build target. For example, the compilation target needs only public interfaces of classes within the libraries and the test target needs only implementation of the classes that are being invoked by the tests. Additionally, Molly generates a transfer script that retrieves parts of libraries based on prior builds. Molly's design requires that we ignore the boundaries set by the library developers and look at the files within the libraries. We implemented Molly for Java and evaluated it on 17 popular open-source projects. We show that test targets (on average) depend on only 9.97% of files in libraries. A variant of Molly speeds up retrieval by 44.28%. Furthermore, the scripts generated by Molly retrieve dependencies, on average, 93.81% faster than the Maven build system.
在现代开发中,项目使用持续集成服务(Continuous Integration Services, CISs)对源代码中的每个更改执行构建。为了确保项目保持正确和可部署,CIS每次都执行一次干净的构建。在干净的环境中,构建系统需要检索项目的依赖项(例如,guava.jar)。然而,由于依赖关系的膨胀,检索的成本可能会很高:尽管项目只使用每个库中的几个文件,但现有的构建系统仍然会在构建开始时急切地检索所有库。本文提出了一个新的构建系统Molly,它可以惰性地检索构建目标执行期间所需的部分库(即文件)。例如,编译目标只需要库中类的公共接口,测试目标只需要由测试调用的类的实现。此外,Molly生成一个传输脚本,该脚本根据以前的构建检索库的部分内容。Molly的设计要求我们忽略库开发人员设置的边界,并查看库中的文件。我们为Java实现了Molly,并在17个流行的开源项目中对其进行了评估。我们显示测试目标(平均而言)只依赖于库中9.97%的文件。茉莉的一个变种将检索速度提高了44.28%。此外,Molly生成的脚本检索依赖项的速度平均比Maven构建系统快93.81%。
{"title":"Build system with lazy retrieval for Java projects","authors":"Ahmet Çelik, Alexander Knaust, Aleksandar Milicevic, Miloš Gligorić","doi":"10.1145/2950290.2950358","DOIUrl":"https://doi.org/10.1145/2950290.2950358","url":null,"abstract":"In the modern-day development, projects use Continuous Integration Services (CISs) to execute the build for every change in the source code. To ensure that the project remains correct and deployable, a CIS performs a clean build each time. In a clean environment, a build system needs to retrieve the project's dependencies (e.g., guava.jar). The retrieval, however, can be costly due to dependency bloat: despite a project using only a few files from each library, the existing build systems still eagerly retrieve all the libraries at the beginning of the build. This paper presents a novel build system, Molly, which lazily retrieves parts of libraries (i.e., files) that are needed during the execution of a build target. For example, the compilation target needs only public interfaces of classes within the libraries and the test target needs only implementation of the classes that are being invoked by the tests. Additionally, Molly generates a transfer script that retrieves parts of libraries based on prior builds. Molly's design requires that we ignore the boundaries set by the library developers and look at the files within the libraries. We implemented Molly for Java and evaluated it on 17 popular open-source projects. We show that test targets (on average) depend on only 9.97% of files in libraries. A variant of Molly speeds up retrieval by 44.28%. Furthermore, the scripts generated by Molly retrieve dependencies, on average, 93.81% faster than the Maven build system.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"41 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88413224","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 23
POLLUX: safely upgrading dependent application libraries 安全升级依赖的应用程序库
Sukrit Kalra, Ayush Goel, Dhriti Khanna, Mohan Dhawan, Subodh Sharma, Rahul Purandare
Software evolution in third-party libraries across version upgrades can result in addition of new functionalities or change in existing APIs. As a result, there is a real danger of impairment of backward compatibility. Application developers, therefore, must keep constant vigil over library enhancements to ensure application consistency, i.e., application retains its semantic behavior across library upgrades. In this paper, we present the design and implementation of POLLUX, a framework to detect application-affecting changes across two versions of the same dependent non-adversarial library binary, and provide feedback on whether the application developer should link to the newer version or not. POLLUX leverages relevant application test cases to drive execution through both versions of the concerned library binary, records all concrete effects on the environment, and compares them to determine semantic similarity across the same API invocation for the two library versions. Our evaluation with 16 popular, open-source library binaries shows that POLLUX is accurate with no false positives and works across compiler optimizations.
跨版本升级的第三方库中的软件演进可能导致新功能的增加或现有api的更改。因此,存在损害向后兼容性的真正危险。因此,应用程序开发人员必须时刻关注库的增强,以确保应用程序的一致性,也就是说,应用程序在库升级期间保持其语义行为。在本文中,我们介绍了POLLUX的设计和实现,这是一个框架,用于检测相同的依赖非对抗性库二进制文件的两个版本之间影响应用程序的更改,并提供关于应用程序开发人员是否应该链接到较新的版本的反馈。POLLUX利用相关的应用程序测试用例来驱动相关库二进制文件的两个版本的执行,记录对环境的所有具体影响,并对它们进行比较,以确定两个库版本的相同API调用之间的语义相似性。我们对16个流行的开源库二进制文件进行了评估,结果表明,POLLUX是准确的,没有误报,并且可以跨编译器优化工作。
{"title":"POLLUX: safely upgrading dependent application libraries","authors":"Sukrit Kalra, Ayush Goel, Dhriti Khanna, Mohan Dhawan, Subodh Sharma, Rahul Purandare","doi":"10.1145/2950290.2950345","DOIUrl":"https://doi.org/10.1145/2950290.2950345","url":null,"abstract":"Software evolution in third-party libraries across version upgrades can result in addition of new functionalities or change in existing APIs. As a result, there is a real danger of impairment of backward compatibility. Application developers, therefore, must keep constant vigil over library enhancements to ensure application consistency, i.e., application retains its semantic behavior across library upgrades. In this paper, we present the design and implementation of POLLUX, a framework to detect application-affecting changes across two versions of the same dependent non-adversarial library binary, and provide feedback on whether the application developer should link to the newer version or not. POLLUX leverages relevant application test cases to drive execution through both versions of the concerned library binary, records all concrete effects on the environment, and compares them to determine semantic similarity across the same API invocation for the two library versions. Our evaluation with 16 popular, open-source library binaries shows that POLLUX is accurate with no false positives and works across compiler optimizations.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"3 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86392988","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
"Womenomics" and gender-inclusive software: what software engineers need to know (invited talk) “女性经济学”和性别包容软件:软件工程师需要知道什么(特邀演讲)
M. Burnett
This short paper is a summary of my keynote at FSE’16, with accompanying references for follow-up.
这篇短文是我在FSE ' 16上的主题演讲的总结,并附有后续参考资料。
{"title":"\"Womenomics\" and gender-inclusive software: what software engineers need to know (invited talk)","authors":"M. Burnett","doi":"10.1145/2950290.2994159","DOIUrl":"https://doi.org/10.1145/2950290.2994159","url":null,"abstract":"This short paper is a summary of my keynote at FSE’16, with accompanying references for follow-up.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"21 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82778533","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Efficiency of projectional editing: a controlled experiment 投影编辑的效率:一项对照实验
T. Berger, M. Völter, Hans Peter Jensen, Taweesap Dangprasert, J. Siegmund
Projectional editors are editors where a user's editing actions directly change the abstract syntax tree without using a parser. They promise essentially unrestricted language com position as well as flexible notations, which supports aligning languages with their respective domain and constitutes an essential ingredient of model-driven development. Such editors have existed since the 1980s and gained widespread attention with the Intentional Programming paradigm, which used projectional editing at its core. However, despite the benefits, programming still mainly relies on editing textual code, where projectional editors imply a very different -- typically perceived as worse -- editing experience, often seen as the main challenge prohibiting their widespread adoption. We present an experiment of code-editing activities in a projectional editor, conducted with 19 graduate computer-science students and industrial developers. We investigate the effects of projectional editing on editing efficiency, editing strategies, and error rates -- each of which we also compare to conventional, parser-based editing. We observe that editing is efficient for basic-editing tasks, but that editing strategies and typical errors differ. More complex tasks require substantial experience and a better understanding of the abstract-syntax-tree structure -- then, projectional editing is also efficient. We also witness a tradeoff between fewer typing mistakes and an increased complexity of code editing.
投影编辑器是这样一种编辑器,用户的编辑操作可以直接更改抽象语法树,而无需使用解析器。它们承诺基本上不受限制的语言com位置以及灵活的符号,这支持将语言与各自的领域对齐,并构成模型驱动开发的基本组成部分。自20世纪80年代以来,这种编辑器就已经存在,并以使用投影编辑为核心的故意编程范式获得了广泛的关注。然而,尽管有这些好处,编程仍然主要依赖于编辑文本代码,而投影编辑器意味着一种非常不同的——通常被认为是更糟糕的——编辑体验,通常被视为阻碍其广泛采用的主要挑战。我们提出了一个在投影编辑器中进行代码编辑活动的实验,由19名计算机科学研究生和工业开发人员进行。我们研究了投影编辑对编辑效率、编辑策略和错误率的影响——我们还将每一项都与传统的、基于解析器的编辑进行了比较。我们观察到,编辑对基本的编辑任务是有效的,但编辑策略和典型错误不同。更复杂的任务需要丰富的经验和对抽象语法树结构的更好理解——然后,投影编辑也是有效的。我们还见证了在更少的输入错误和增加的代码编辑复杂性之间的权衡。
{"title":"Efficiency of projectional editing: a controlled experiment","authors":"T. Berger, M. Völter, Hans Peter Jensen, Taweesap Dangprasert, J. Siegmund","doi":"10.1145/2950290.2950315","DOIUrl":"https://doi.org/10.1145/2950290.2950315","url":null,"abstract":"Projectional editors are editors where a user's editing actions directly change the abstract syntax tree without using a parser. They promise essentially unrestricted language com position as well as flexible notations, which supports aligning languages with their respective domain and constitutes an essential ingredient of model-driven development. Such editors have existed since the 1980s and gained widespread attention with the Intentional Programming paradigm, which used projectional editing at its core. However, despite the benefits, programming still mainly relies on editing textual code, where projectional editors imply a very different -- typically perceived as worse -- editing experience, often seen as the main challenge prohibiting their widespread adoption. We present an experiment of code-editing activities in a projectional editor, conducted with 19 graduate computer-science students and industrial developers. We investigate the effects of projectional editing on editing efficiency, editing strategies, and error rates -- each of which we also compare to conventional, parser-based editing. We observe that editing is efficient for basic-editing tasks, but that editing strategies and typical errors differ. More complex tasks require substantial experience and a better understanding of the abstract-syntax-tree structure -- then, projectional editing is also efficient. We also witness a tradeoff between fewer typing mistakes and an increased complexity of code editing.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"10 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90661672","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 44
CacheOptimizer: helping developers configure caching frameworks for hibernate-based database-centric web applications CacheOptimizer:帮助开发者为基于hibernate的以数据库为中心的web应用配置缓存框架
T. Chen, Weiyi Shang, A. Hassan, Mohamed N. Nasser, P. Flora
To help improve the performance of database-centric cloud-based web applications, developers usually use caching frameworks to speed up database accesses. Such caching frameworks require extensive knowledge of the application to operate effectively. However, all too often developers have limited knowledge about the intricate details of their own application. Hence, most developers find configuring caching frameworks a challenging and time-consuming task that requires extensive and scattered code changes. Furthermore, developers may also need to frequently change such configurations to accommodate the ever changing workload. In this paper, we propose CacheOptimizer, a lightweight approach that helps developers optimize the configuration of caching frameworks for web applications that are implemented using Hibernate. CacheOptimizer leverages readily-available web logs to create mappings between a workload and database accesses. Given the mappings, CacheOptimizer discovers the optimal cache configuration using coloured Petri nets, and automatically adds the appropriate cache configurations to the application. We evaluate CacheOptimizer on three open-source web applications. We find that i) CacheOptimizer improves the throughput by 27--138%; and ii) after considering both the memory cost and throughput improvement, CacheOptimizer still brings statistically significant gains (with mostly large effect sizes) in comparison to the application's default cache configuration and to blindly enabling all possible caches.
为了帮助提高以数据库为中心的基于云的web应用程序的性能,开发人员通常使用缓存框架来加速数据库访问。这样的缓存框架需要广泛的应用程序知识才能有效地运行。然而,开发人员对自己应用程序的复杂细节了解有限。因此,大多数开发人员发现配置缓存框架是一项具有挑战性且耗时的任务,需要大量且分散的代码更改。此外,开发人员可能还需要经常更改这样的配置,以适应不断变化的工作负载。在本文中,我们提出了CacheOptimizer,这是一种轻量级的方法,可以帮助开发人员优化使用Hibernate实现的web应用程序缓存框架的配置。CacheOptimizer利用随时可用的web日志来创建工作负载和数据库访问之间的映射。给定映射,CacheOptimizer使用彩色Petri网发现最佳缓存配置,并自动将适当的缓存配置添加到应用程序中。我们在三个开源web应用程序上评估了CacheOptimizer。我们发现i) CacheOptimizer将吞吐量提高了27- 138%;ii)在考虑了内存成本和吞吐量改进之后,与应用程序的默认缓存配置和盲目启用所有可能的缓存相比,CacheOptimizer仍然带来了统计上显著的收益(大多数效果很大)。
{"title":"CacheOptimizer: helping developers configure caching frameworks for hibernate-based database-centric web applications","authors":"T. Chen, Weiyi Shang, A. Hassan, Mohamed N. Nasser, P. Flora","doi":"10.1145/2950290.2950303","DOIUrl":"https://doi.org/10.1145/2950290.2950303","url":null,"abstract":"To help improve the performance of database-centric cloud-based web applications, developers usually use caching frameworks to speed up database accesses. Such caching frameworks require extensive knowledge of the application to operate effectively. However, all too often developers have limited knowledge about the intricate details of their own application. Hence, most developers find configuring caching frameworks a challenging and time-consuming task that requires extensive and scattered code changes. Furthermore, developers may also need to frequently change such configurations to accommodate the ever changing workload. In this paper, we propose CacheOptimizer, a lightweight approach that helps developers optimize the configuration of caching frameworks for web applications that are implemented using Hibernate. CacheOptimizer leverages readily-available web logs to create mappings between a workload and database accesses. Given the mappings, CacheOptimizer discovers the optimal cache configuration using coloured Petri nets, and automatically adds the appropriate cache configurations to the application. We evaluate CacheOptimizer on three open-source web applications. We find that i) CacheOptimizer improves the throughput by 27--138%; and ii) after considering both the memory cost and throughput improvement, CacheOptimizer still brings statistically significant gains (with mostly large effect sizes) in comparison to the application's default cache configuration and to blindly enabling all possible caches.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"4 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89493979","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 60
How to break an API: cost negotiation and community values in three software ecosystems 如何打破API:三个软件生态系统中的成本谈判和社区价值
C. Bogart, Christian Kästner, J. Herbsleb, Ferdian Thung
Change introduces conflict into software ecosystems: breaking changes may ripple through the ecosystem and trigger rework for users of a package, but often developers can invest additional effort or accept opportunity costs to alleviate or delay downstream costs. We performed a multiple case study of three software ecosystems with different tooling and philosophies toward change, Eclipse, R/CRAN, and Node.js/npm, to understand how developers make decisions about change and change-related costs and what practices, tooling, and policies are used. We found that all three ecosystems differ substantially in their practices and expectations toward change and that those differences can be explained largely by different community values in each ecosystem. Our results illustrate that there is a large design space in how to build an ecosystem, its policies and its supporting infrastructure; and there is value in making community values and accepted tradeoffs explicit and transparent in order to resolve conflicts and negotiate change-related costs.
变更将冲突引入软件生态系统:破坏性的变更可能会在整个生态系统中产生涟漪,并触发软件包用户的返工,但是开发人员通常可以投入额外的努力或接受机会成本来减轻或延迟下游成本。我们对三个软件生态系统(Eclipse、R/CRAN和Node.js/npm)进行了多个案例研究,这些生态系统使用了不同的工具和变更哲学,以了解开发人员如何对变更和与变更相关的成本做出决策,以及使用了哪些实践、工具和策略。我们发现,这三个生态系统在实践和对变化的期望方面存在很大差异,这些差异在很大程度上可以用每个生态系统中不同的群落价值来解释。我们的研究结果表明,在如何构建生态系统、政策和配套基础设施方面存在很大的设计空间;为了解决冲突和协商与变化相关的成本,使社区价值和可接受的权衡明确透明是有价值的。
{"title":"How to break an API: cost negotiation and community values in three software ecosystems","authors":"C. Bogart, Christian Kästner, J. Herbsleb, Ferdian Thung","doi":"10.1145/2950290.2950325","DOIUrl":"https://doi.org/10.1145/2950290.2950325","url":null,"abstract":"Change introduces conflict into software ecosystems: breaking changes may ripple through the ecosystem and trigger rework for users of a package, but often developers can invest additional effort or accept opportunity costs to alleviate or delay downstream costs. We performed a multiple case study of three software ecosystems with different tooling and philosophies toward change, Eclipse, R/CRAN, and Node.js/npm, to understand how developers make decisions about change and change-related costs and what practices, tooling, and policies are used. We found that all three ecosystems differ substantially in their practices and expectations toward change and that those differences can be explained largely by different community values in each ecosystem. Our results illustrate that there is a large design space in how to build an ecosystem, its policies and its supporting infrastructure; and there is value in making community values and accepted tradeoffs explicit and transparent in order to resolve conflicts and negotiate change-related costs.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"13 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78424707","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 179
What would users change in my app? summarizing app reviews for recommending software changes 用户会在我的应用中改变什么?总结应用程序评论,以推荐软件更改
Andrea Di Sorbo, Sebastiano Panichella, Carol V. Alexandru, Junji Shimagaki, C. A. Visaggio, G. Canfora, Harald C. Gall
Mobile app developers constantly monitor feedback in user reviews with the goal of improving their mobile apps and better meeting user expectations. Thus, automated approaches have been proposed in literature with the aim of reducing the effort required for analyzing feedback contained in user reviews via automatic classification/prioritization according to specific topics. In this paper, we introduce SURF (Summarizer of User Reviews Feedback), a novel approach to condense the enormous amount of information that developers of popular apps have to manage due to user feedback received on a daily basis. SURF relies on a conceptual model for capturing user needs useful for developers performing maintenance and evolution tasks. Then it uses sophisticated summarisation techniques for summarizing thousands of reviews and generating an interactive, structured and condensed agenda of recommended software changes. We performed an end-to-end evaluation of SURF on user reviews of 17 mobile apps (5 of them developed by Sony Mobile), involving 23 developers and researchers in total. Results demonstrate high accuracy of SURF in summarizing reviews and the usefulness of the recommended changes. In evaluating our approach we found that SURF helps developers in better understanding user needs, substantially reducing the time required by developers compared to manually analyzing user (change) requests and planning future software changes.
手机应用开发者不断监测用户评论的反馈,以改进他们的手机应用,更好地满足用户的期望。因此,文献中提出了自动化方法,目的是通过根据特定主题进行自动分类/优先级排序,减少分析用户评论中包含的反馈所需的工作量。在本文中,我们介绍了SURF(用户评论反馈总结器),这是一种新颖的方法,可以浓缩流行应用开发者必须管理的大量信息,这些信息是由于每天收到的用户反馈。SURF依赖于捕获用户需求的概念模型,这对执行维护和演进任务的开发人员很有用。然后,它使用复杂的总结技术来总结成千上万的评论,并生成一个交互式的、结构化的、浓缩的推荐软件更改议程。我们对17款手机应用(其中5款由Sony mobile开发)的用户评论进行了端到端的SURF评估,共有23名开发者和研究人员参与其中。结果表明SURF在总结综述方面具有较高的准确性和推荐的更改的有效性。在评估我们的方法时,我们发现SURF帮助开发人员更好地理解用户需求,与手工分析用户(变更)请求和计划未来的软件变更相比,大大减少了开发人员所需的时间。
{"title":"What would users change in my app? summarizing app reviews for recommending software changes","authors":"Andrea Di Sorbo, Sebastiano Panichella, Carol V. Alexandru, Junji Shimagaki, C. A. Visaggio, G. Canfora, Harald C. Gall","doi":"10.1145/2950290.2950299","DOIUrl":"https://doi.org/10.1145/2950290.2950299","url":null,"abstract":"Mobile app developers constantly monitor feedback in user reviews with the goal of improving their mobile apps and better meeting user expectations. Thus, automated approaches have been proposed in literature with the aim of reducing the effort required for analyzing feedback contained in user reviews via automatic classification/prioritization according to specific topics. In this paper, we introduce SURF (Summarizer of User Reviews Feedback), a novel approach to condense the enormous amount of information that developers of popular apps have to manage due to user feedback received on a daily basis. SURF relies on a conceptual model for capturing user needs useful for developers performing maintenance and evolution tasks. Then it uses sophisticated summarisation techniques for summarizing thousands of reviews and generating an interactive, structured and condensed agenda of recommended software changes. We performed an end-to-end evaluation of SURF on user reviews of 17 mobile apps (5 of them developed by Sony Mobile), involving 23 developers and researchers in total. Results demonstrate high accuracy of SURF in summarizing reviews and the usefulness of the recommended changes. In evaluating our approach we found that SURF helps developers in better understanding user needs, substantially reducing the time required by developers compared to manually analyzing user (change) requests and planning future software changes.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"141 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78434634","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 32
NonDex: a tool for detecting and debugging wrong assumptions on Java API specifications NonDex:一个检测和调试Java API规范错误假设的工具
A. Gyori, B. Lambeth, A. Shi, Owolabi Legunsen, D. Marinov
We present NonDex, a tool for detecting and debugging wrong assumptions on Java APIs. Some APIs have underdetermined specifications to allow implementations to achieve different goals, e.g., to optimize performance. When clients of such APIs assume stronger-than-specified guarantees, the resulting client code can fail. For example, HashSet’s iteration order is underdetermined, and code assuming some implementation-specific iteration order can fail. NonDex helps to proactively detect and debug such wrong assumptions. NonDex performs detection by randomly exploring different behaviors of underdetermined APIs during test execution. When a test fails during exploration, NonDex searches for the invocation instance of the API that caused the failure. NonDex is open source, well-integrated with Maven, and also runs from the command line. During our experiments with the NonDex Maven plugin, we detected 21 new bugs in eight Java projects from GitHub, and, using the debugging feature of NonDex, we identified the underlying wrong assumptions for these 21 new bugs and 54 previously detected bugs. We opened 13 pull requests; developers already accepted 12, and one project changed the continuous-integration configuration to run NonDex on every push. The demo video is at: https://youtu.be/h3a9ONkC59c
我们介绍NonDex,一个用于检测和调试Java api错误假设的工具。一些api有不确定的规范,以允许实现实现不同的目标,例如,优化性能。当这些api的客户机假定比指定的保证更强时,结果客户机代码可能会失败。例如,HashSet的迭代顺序未确定,假设某些特定于实现的迭代顺序的代码可能会失败。NonDex有助于主动检测和调试这些错误的假设。NonDex通过在测试执行过程中随机探索未确定api的不同行为来进行检测。当测试在探索过程中失败时,NonDex将搜索导致失败的API的调用实例。NonDex是开源的,与Maven集成得很好,也可以从命令行运行。在使用NonDex Maven插件的实验中,我们在GitHub的8个Java项目中发现了21个新错误,并且使用NonDex的调试功能,我们确定了这21个新错误和54个先前检测到的错误的潜在假设。我们打开了13个拉取请求;开发人员已经接受了12个,其中一个项目改变了持续集成配置,在每次推送时都运行NonDex。演示视频在:https://youtu.be/h3a9ONkC59c
{"title":"NonDex: a tool for detecting and debugging wrong assumptions on Java API specifications","authors":"A. Gyori, B. Lambeth, A. Shi, Owolabi Legunsen, D. Marinov","doi":"10.1145/2950290.2983932","DOIUrl":"https://doi.org/10.1145/2950290.2983932","url":null,"abstract":"We present NonDex, a tool for detecting and debugging wrong assumptions on Java APIs. Some APIs have underdetermined specifications to allow implementations to achieve different goals, e.g., to optimize performance. When clients of such APIs assume stronger-than-specified guarantees, the resulting client code can fail. For example, HashSet’s iteration order is underdetermined, and code assuming some implementation-specific iteration order can fail. NonDex helps to proactively detect and debug such wrong assumptions. NonDex performs detection by randomly exploring different behaviors of underdetermined APIs during test execution. When a test fails during exploration, NonDex searches for the invocation instance of the API that caused the failure. NonDex is open source, well-integrated with Maven, and also runs from the command line. During our experiments with the NonDex Maven plugin, we detected 21 new bugs in eight Java projects from GitHub, and, using the debugging feature of NonDex, we identified the underlying wrong assumptions for these 21 new bugs and 54 previously detected bugs. We opened 13 pull requests; developers already accepted 12, and one project changed the continuous-integration configuration to run NonDex on every push. The demo video is at: https://youtu.be/h3a9ONkC59c","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"133 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74690115","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
Extracting instruction semantics via symbolic execution of code generators 通过代码生成器的符号执行提取指令语义
N. Hasabnis, R. Sekar
Binary analysis and instrumentation form the basis of many tools and frameworks for software debugging, security hardening, and monitoring. Accurate modeling of instruction semantics is paramount in this regard, as errors can lead to program crashes, or worse, bypassing of security checks. Semantic modeling is a daunting task for modern processors such as x86 and ARM that support over a thousand instructions, many of them with complex semantics. This paper describes a new approach to automate this semantic modeling task. Our approach leverages instruction semantics knowledge that is already encoded into today's production compilers such as GCC and LLVM. Such an approach can greatly reduce manual effort, and more importantly, avoid errors introduced by manual modeling. Furthermore, it is applicable to any of the numerous architectures already supported by the compiler. In this paper, we develop a new symbolic execution technique to extract instruction semantics from a compiler's source code. Unlike previous applications of symbolic execution that were focused on identifying a single program path that violates a property, our approach addresses the all paths problem, extracting the entire input/output behavior of the code generator. We have applied it successfully to the 120K lines of C-code used in GCC's code generator to extract x86 instruction semantics. To demonstrate architecture-neutrality, we have also applied it to AVR, a processor used in the popular Arduino platform.
二进制分析和检测构成了许多用于软件调试、安全加固和监视的工具和框架的基础。在这方面,指令语义的准确建模是至关重要的,因为错误可能导致程序崩溃,或者更糟的是,绕过安全检查。对于支持上千条指令的现代处理器(如x86和ARM)来说,语义建模是一项艰巨的任务,其中许多指令具有复杂的语义。本文描述了一种自动化语义建模任务的新方法。我们的方法利用了指令语义知识,这些知识已经被编码到今天的生产编译器(如GCC和LLVM)中。这种方法可以大大减少人工工作量,更重要的是,可以避免人工建模带来的错误。此外,它适用于编译器已经支持的众多体系结构中的任何一个。在本文中,我们开发了一种新的符号执行技术来从编译器的源代码中提取指令语义。与以前的符号执行应用程序专注于识别违反属性的单个程序路径不同,我们的方法解决了所有路径问题,提取了代码生成器的整个输入/输出行为。我们已经成功地将它应用到GCC代码生成器中用于提取x86指令语义的120K行c代码中。为了证明架构中立性,我们还将其应用于AVR,这是流行的Arduino平台中使用的处理器。
{"title":"Extracting instruction semantics via symbolic execution of code generators","authors":"N. Hasabnis, R. Sekar","doi":"10.1145/2950290.2950335","DOIUrl":"https://doi.org/10.1145/2950290.2950335","url":null,"abstract":"Binary analysis and instrumentation form the basis of many tools and frameworks for software debugging, security hardening, and monitoring. Accurate modeling of instruction semantics is paramount in this regard, as errors can lead to program crashes, or worse, bypassing of security checks. Semantic modeling is a daunting task for modern processors such as x86 and ARM that support over a thousand instructions, many of them with complex semantics. This paper describes a new approach to automate this semantic modeling task. Our approach leverages instruction semantics knowledge that is already encoded into today's production compilers such as GCC and LLVM. Such an approach can greatly reduce manual effort, and more importantly, avoid errors introduced by manual modeling. Furthermore, it is applicable to any of the numerous architectures already supported by the compiler. In this paper, we develop a new symbolic execution technique to extract instruction semantics from a compiler's source code. Unlike previous applications of symbolic execution that were focused on identifying a single program path that violates a property, our approach addresses the all paths problem, extracting the entire input/output behavior of the code generator. We have applied it successfully to the 120K lines of C-code used in GCC's code generator to extract x86 instruction semantics. To demonstrate architecture-neutrality, we have also applied it to AVR, a processor used in the popular Arduino platform.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"19 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74427444","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 17
On-the-fly decomposition of specifications in software model checking 软件模型检查中规范的动态分解
S. Apel, Dirk Beyer, V. Mordan, V. Mutilin, Andreas Stahlbauer
Major breakthroughs have increased the efficiency and effectiveness of software model checking considerably, such that this technology is now applicable to industrial-scale software. However, verifying the full formal specification of a software system is still considered too complex, and in practice, sets of properties are verified one by one in isolation. We propose an approach that takes the full formal specification as input and first tries to verify all properties simultaneously in one verification run. Our verification algorithm monitors itself and detects situations for which the full set of properties is too complex. In such cases, we perform an automatic decomposition of the full set of properties into smaller sets, and continue the verification seamlessly. To avoid state-space explosion for large sets of properties, we introduce on-the-fly property weaving: properties get weaved into the program's transition system on the fly, during the analysis; which properties to weave and verify is determined dynamically during the verification process. We perform an extensive evaluation based on verification tasks that were derived from 4336 Linux kernel modules, and a set of properties that define the correct usage of the Linux API. Checking several properties simultaneously can lead to a significant performance gain, due to the fact that abstract models share many parts among different properties.
重大突破大大提高了软件模型检查的效率和有效性,因此这项技术现在可以应用于工业规模的软件。然而,验证软件系统的完整正式规范仍然被认为过于复杂,并且在实践中,属性集是孤立地一个接一个地验证的。我们建议采用一种方法,将完整的形式化规范作为输入,并首先尝试在一次验证运行中同时验证所有属性。我们的验证算法会自我监控,并检测全套属性过于复杂的情况。在这种情况下,我们执行将完整的属性集自动分解为更小的集合,并无缝地继续验证。为了避免大型属性集的状态空间爆炸,我们引入了动态属性编织:在分析过程中,动态地将属性编织到程序的转换系统中;在验证过程中动态确定要编织和验证的属性。我们基于来自4336个Linux内核模块的验证任务和一组定义Linux API正确用法的属性执行了广泛的评估。同时检查多个属性可以显著提高性能,因为抽象模型在不同属性之间共享许多部分。
{"title":"On-the-fly decomposition of specifications in software model checking","authors":"S. Apel, Dirk Beyer, V. Mordan, V. Mutilin, Andreas Stahlbauer","doi":"10.1145/2950290.2950349","DOIUrl":"https://doi.org/10.1145/2950290.2950349","url":null,"abstract":"Major breakthroughs have increased the efficiency and effectiveness of software model checking considerably, such that this technology is now applicable to industrial-scale software. However, verifying the full formal specification of a software system is still considered too complex, and in practice, sets of properties are verified one by one in isolation. We propose an approach that takes the full formal specification as input and first tries to verify all properties simultaneously in one verification run. Our verification algorithm monitors itself and detects situations for which the full set of properties is too complex. In such cases, we perform an automatic decomposition of the full set of properties into smaller sets, and continue the verification seamlessly. To avoid state-space explosion for large sets of properties, we introduce on-the-fly property weaving: properties get weaved into the program's transition system on the fly, during the analysis; which properties to weave and verify is determined dynamically during the verification process. We perform an extensive evaluation based on verification tasks that were derived from 4336 Linux kernel modules, and a set of properties that define the correct usage of the Linux API. Checking several properties simultaneously can lead to a significant performance gain, due to the fact that abstract models share many parts among different properties.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"772 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85016713","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
期刊
Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1