首页 > 最新文献

Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering最新文献

英文 中文
ARdoc: app reviews development oriented classifier ARdoc:面向应用评论开发的分类器
Sebastiano Panichella, Andrea Di Sorbo, Emitzá Guzmán, C. A. Visaggio, G. Canfora, H. Gall
Google Play, Apple App Store and Windows Phone Store are well known distribution platforms where users can download mobile apps, rate them and write review comments about the apps they are using. Previous research studies demonstrated that these reviews contain important information to help developers improve their apps. However, analyzing reviews is challenging due to the large amount of reviews posted every day, the unstructured nature of reviews and its varying quality. In this demo we present ARdoc, a tool which combines three techniques: (1) Natural Language Parsing, (2) Text Analysis and (3) Sentiment Analysis to automatically classify useful feedback contained in app reviews important for performing software maintenance and evolution tasks. Our quantitative and qualitative analysis (involving mobile professional developers) demonstrates that ARdoc correctly classifies feedback useful for maintenance perspectives in user reviews with high precision (ranging between 84% and 89%), recall (ranging between 84% and 89%), and F-Measure (ranging between 84% and 89%). While evaluating our tool developers of our study confirmed the usefulness of ARdoc in extracting important maintenance tasks for their mobile applications. Demo URL: https://youtu.be/Baf18V6sN8E Demo Web Page: http://www.ifi.uzh.ch/seal/people/panichella/tools/ARdoc.html
Google Play、苹果App Store和Windows Phone Store都是知名的分销平台,用户可以在这些平台上下载手机应用,对它们进行评分,并对自己使用的应用发表评论。之前的研究表明,这些评论包含了重要的信息,可以帮助开发者改进他们的应用。然而,由于每天发布的大量评论,评论的非结构化性质及其质量参差不齐,分析评论是具有挑战性的。在这个演示中,我们展示了ARdoc,一个结合了三种技术的工具:(1)自然语言解析,(2)文本分析和(3)情感分析,用于自动分类应用评论中包含的有用反馈,这些反馈对于执行软件维护和发展任务很重要。我们的定量和定性分析(涉及移动专业开发人员)表明,ARdoc正确地将用户评论中对维护观点有用的反馈分类为高精度(范围在84%到89%之间)、召回率(范围在84%到89%之间)和F-Measure(范围在84%到89%之间)。在评估我们的工具时,我们研究的开发人员证实了ARdoc在为他们的移动应用程序提取重要维护任务方面的有用性。演示网址:https://youtu.be/Baf18V6sN8E演示网页:http://www.ifi.uzh.ch/seal/people/panichella/tools/ARdoc.html
{"title":"ARdoc: app reviews development oriented classifier","authors":"Sebastiano Panichella, Andrea Di Sorbo, Emitzá Guzmán, C. A. Visaggio, G. Canfora, H. Gall","doi":"10.1145/2950290.2983938","DOIUrl":"https://doi.org/10.1145/2950290.2983938","url":null,"abstract":"Google Play, Apple App Store and Windows Phone Store are well known distribution platforms where users can download mobile apps, rate them and write review comments about the apps they are using. Previous research studies demonstrated that these reviews contain important information to help developers improve their apps. However, analyzing reviews is challenging due to the large amount of reviews posted every day, the unstructured nature of reviews and its varying quality. In this demo we present ARdoc, a tool which combines three techniques: (1) Natural Language Parsing, (2) Text Analysis and (3) Sentiment Analysis to automatically classify useful feedback contained in app reviews important for performing software maintenance and evolution tasks. Our quantitative and qualitative analysis (involving mobile professional developers) demonstrates that ARdoc correctly classifies feedback useful for maintenance perspectives in user reviews with high precision (ranging between 84% and 89%), recall (ranging between 84% and 89%), and F-Measure (ranging between 84% and 89%). While evaluating our tool developers of our study confirmed the usefulness of ARdoc in extracting important maintenance tasks for their mobile applications. Demo URL: https://youtu.be/Baf18V6sN8E Demo Web Page: http://www.ifi.uzh.ch/seal/people/panichella/tools/ARdoc.html","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"57 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83097347","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 95
Parallel data race detection for task parallel programs with locks 带锁的任务并行程序的并行数据竞争检测
Adarsh Yoga, Santosh Nagarakatte, Aarti Gupta
Programming with tasks is a promising approach to write performance portable parallel code. In this model, the programmer explicitly specifies tasks and the task parallel runtime employs work stealing to distribute tasks among threads. Similar to multithreaded programs, task parallel programs can also exhibit data races. Unfortunately, prior data race detectors for task parallel programs either run the program serially or do not handle locks, and/or detect races only in the schedule observed by the analysis. This paper proposes PTRacer, a parallel on-the-fly data race detector for task parallel programs that use locks. PTRacer detects data races not only in the observed schedule but also those that can happen in other schedules (which are permutations of the memory operations in the observed schedule) for a given input. It accomplishes the above goal by leveraging the dynamic execution graph of a task parallel execution to determine whether two accesses can happen in parallel and by maintaining constant amount of access history metadata with each distinct set of locks held for each shared memory location. To detect data races (beyond the observed schedule) in programs with branches sensitive to scheduling decisions, we propose static compiler instrumentation that records memory accesses that will be executed in the other path with simple branches. PTRacer has performance overheads similar to the state-of-the-art race detector for task parallel programs, SPD3, while detecting more races in programs with locks.
使用任务编程是编写性能可移植并行代码的一种很有前途的方法。在这个模型中,程序员显式地指定任务,任务并行运行时使用工作窃取在线程之间分配任务。与多线程程序类似,任务并行程序也可能出现数据竞争。不幸的是,以前用于任务并行程序的数据竞争检测器要么串行运行程序,要么不处理锁,和/或仅在分析观察到的调度中检测竞争。针对使用锁的任务并行程序,提出了一种并行的动态数据竞争检测器PTRacer。对于给定的输入,PTRacer不仅检测观察到的调度中的数据竞争,还检测可能发生在其他调度中的数据竞争(即观察到的调度中内存操作的排列)。它通过利用任务并行执行的动态执行图来确定两个访问是否可以并行发生,并通过为每个共享内存位置保留不同的锁集来维护恒定数量的访问历史元数据,从而实现上述目标。为了在对调度决策敏感的分支程序中检测数据竞争(超出观察到的调度),我们提出了静态编译器插装,它记录将在具有简单分支的其他路径中执行的内存访问。PTRacer的性能开销类似于用于任务并行程序的最先进的竞争检测器SPD3,同时在带有锁的程序中检测更多的竞争。
{"title":"Parallel data race detection for task parallel programs with locks","authors":"Adarsh Yoga, Santosh Nagarakatte, Aarti Gupta","doi":"10.1145/2950290.2950329","DOIUrl":"https://doi.org/10.1145/2950290.2950329","url":null,"abstract":"Programming with tasks is a promising approach to write performance portable parallel code. In this model, the programmer explicitly specifies tasks and the task parallel runtime employs work stealing to distribute tasks among threads. Similar to multithreaded programs, task parallel programs can also exhibit data races. Unfortunately, prior data race detectors for task parallel programs either run the program serially or do not handle locks, and/or detect races only in the schedule observed by the analysis. This paper proposes PTRacer, a parallel on-the-fly data race detector for task parallel programs that use locks. PTRacer detects data races not only in the observed schedule but also those that can happen in other schedules (which are permutations of the memory operations in the observed schedule) for a given input. It accomplishes the above goal by leveraging the dynamic execution graph of a task parallel execution to determine whether two accesses can happen in parallel and by maintaining constant amount of access history metadata with each distinct set of locks held for each shared memory location. To detect data races (beyond the observed schedule) in programs with branches sensitive to scheduling decisions, we propose static compiler instrumentation that records memory accesses that will be executed in the other path with simple branches. PTRacer has performance overheads similar to the state-of-the-art race detector for task parallel programs, SPD3, while detecting more races in programs with locks.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"20 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83329166","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 23
Model, execute, and deploy: answering the hard questions in end-user programming (showcase) 建模、执行和部署:回答最终用户编程中的难题(展示)
S. Huang
End-user programming, a frequently recurring dream, has thus far eluded large-scale, complex applications. Very real, hard questions stand in the way of its realization. How can its languages and tools support: (1) The development of applications with large data sets and sophisticated computation? (2) The co-development by end-users and professional developers when the complexity of an application demands it? (3) Beyond development, the maintenance, distribution, monitoring, and integration with other applications and services? We discuss our approach to these questions, as implemented in the LogicBlox Modeler. We discuss its use in developing applications for governments, major financial institutions, and large global retailers. We highlight the essential synergies between Programming Languages, Software Engineering, and Database research to achieve self-service at scale, and present open questions to which we look to the FSE community for inspirations and solutions.
最终用户编程是一个经常重复出现的梦想,迄今为止,它一直无法实现大规模、复杂的应用程序。非常真实、困难的问题阻碍了它的实现。它的语言和工具如何支持:(1)开发具有大数据集和复杂计算的应用程序?(2)当应用程序的复杂性需要时,由最终用户和专业开发人员共同开发?(3)除了开发、维护、分发、监控以及与其他应用程序和服务的集成之外?我们将讨论在LogicBlox Modeler中实现的解决这些问题的方法。我们讨论了它在为政府、主要金融机构和大型全球零售商开发应用程序中的用途。我们强调了编程语言、软件工程和数据库研究之间的基本协同作用,以实现大规模的自助服务,并提出了一些开放的问题,我们期待FSE社区的灵感和解决方案。
{"title":"Model, execute, and deploy: answering the hard questions in end-user programming (showcase)","authors":"S. Huang","doi":"10.1145/2950290.2994158","DOIUrl":"https://doi.org/10.1145/2950290.2994158","url":null,"abstract":"End-user programming, a frequently recurring dream, has thus far eluded large-scale, complex applications. Very real, hard questions stand in the way of its realization. How can its languages and tools support: (1) The development of applications with large data sets and sophisticated computation? (2) The co-development by end-users and professional developers when the complexity of an application demands it? (3) Beyond development, the maintenance, distribution, monitoring, and integration with other applications and services? We discuss our approach to these questions, as implemented in the LogicBlox Modeler. We discuss its use in developing applications for governments, major financial institutions, and large global retailers. We highlight the essential synergies between Programming Languages, Software Engineering, and Database research to achieve self-service at scale, and present open questions to which we look to the FSE community for inspirations and solutions.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"15 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72927861","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Automated change impact analysis between SysML models of requirements and design 需求和设计的SysML模型之间的自动变更影响分析
S. Nejati, M. Sabetzadeh, Chetan Arora, L. Briand, Felix Mandoux
An important activity in systems engineering is analyzing how a change in requirements will impact the design of a system. Performing this analysis manually is expensive, particularly for complex systems. In this paper, we propose an approach to automatically identify the impact of requirements changes on system design, when the requirements and design elements are expressed using models. We ground our approach on the Systems Modeling Language (SysML) due to SysML's increasing use in industrial applications. Our approach has two steps: For a given change, we first apply a static slicing algorithm to extract an estimated set of impacted model elements. Next, we rank the elements of the resulting set according to a quantitative measure designed to predict how likely it is for each element to be impacted. The measure is computed using Natural Language Processing (NLP) applied to the textual content of the elements. Engineers can then inspect the ranked list of elements and identify those that are actually impacted. We evaluate our approach on an industrial case study with 16 real-world requirements changes. Our results suggest that, using our approach, engineers need to inspect on average only 4.8% of the entire design in order to identify the actually-impacted elements. We further show that our results consistently improve when our analysis takes into account both structural and behavioral diagrams rather than only structural ones, and the natural-language content of the diagrams in addition to only their structural and behavioral content.
系统工程中的一个重要活动是分析需求的变化将如何影响系统的设计。手动执行这种分析是昂贵的,特别是对于复杂的系统。在本文中,我们提出了一种方法来自动识别需求变化对系统设计的影响,当需求和设计元素使用模型表示时。我们的方法基于系统建模语言(SysML),因为SysML在工业应用程序中的使用越来越多。我们的方法有两个步骤:对于给定的更改,我们首先应用静态切片算法来提取受影响模型元素的估计集。接下来,我们根据定量度量来对结果集中的元素进行排序,该度量旨在预测每个元素受到影响的可能性。该度量是使用应用于元素文本内容的自然语言处理(NLP)计算的。然后工程师可以检查元素的排序列表,并确定那些实际受到影响的元素。我们在一个包含16个真实需求变化的工业案例研究中评估了我们的方法。我们的结果表明,使用我们的方法,工程师平均只需要检查整个设计的4.8%,以确定实际受影响的元素。我们进一步表明,当我们的分析考虑到结构图和行为图而不仅仅是结构图,以及图的自然语言内容以及它们的结构和行为内容时,我们的结果会持续改进。
{"title":"Automated change impact analysis between SysML models of requirements and design","authors":"S. Nejati, M. Sabetzadeh, Chetan Arora, L. Briand, Felix Mandoux","doi":"10.1145/2950290.2950293","DOIUrl":"https://doi.org/10.1145/2950290.2950293","url":null,"abstract":"An important activity in systems engineering is analyzing how a change in requirements will impact the design of a system. Performing this analysis manually is expensive, particularly for complex systems. In this paper, we propose an approach to automatically identify the impact of requirements changes on system design, when the requirements and design elements are expressed using models. We ground our approach on the Systems Modeling Language (SysML) due to SysML's increasing use in industrial applications. Our approach has two steps: For a given change, we first apply a static slicing algorithm to extract an estimated set of impacted model elements. Next, we rank the elements of the resulting set according to a quantitative measure designed to predict how likely it is for each element to be impacted. The measure is computed using Natural Language Processing (NLP) applied to the textual content of the elements. Engineers can then inspect the ranked list of elements and identify those that are actually impacted. We evaluate our approach on an industrial case study with 16 real-world requirements changes. Our results suggest that, using our approach, engineers need to inspect on average only 4.8% of the entire design in order to identify the actually-impacted elements. We further show that our results consistently improve when our analysis takes into account both structural and behavioral diagrams rather than only structural ones, and the natural-language content of the diagrams in addition to only their structural and behavioral content.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"39 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73193955","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 22
Reasoning with imprecise privacy preferences 用不精确的隐私偏好推理
Inah Omoronyia
User reluctance and context-dependent factors during information disclosure imply that people cannot always be counted on to indicate their appropriate privacy preference. This phenomenon is the well-known 'privacy paradox', which shows that users of modern technologies are constantly concerned about their privacy, but do not apply these concerns to their usage behaviour accordingly. The problem is that this mismatch between privacy concerns and the indicated privacy preference in software, is not considered when reasoning about the satisfaction of privacy requirements. This paper is a research vision that draws connections between the imprecisions in user privacy preferences, and reasoning about the satisfaction of privacy requirements. We outline the close relationship between privacy and user beliefs and uncertainties. We then propose a multi-agent framework that leverage on this relationship when reasoning about the satisfaction of privacy requirements. We anticipate that this vision will help reduce the gap between an increasingly complex information age and the software techniques needed to protect user privacy.
信息披露过程中的用户不情愿和情境依赖因素意味着人们并不总是能够表明他们适当的隐私偏好。这种现象就是众所周知的“隐私悖论”,这表明现代技术的用户不断关注他们的隐私,但并没有将这些担忧应用到他们的使用行为中。问题是,在对隐私要求的满足进行推理时,没有考虑到隐私问题与软件中所指示的隐私偏好之间的不匹配。本文的研究愿景是将用户隐私偏好的不精确性与隐私需求满足的推理联系起来。我们概述了隐私与用户信念和不确定性之间的密切关系。然后,我们提出了一个多代理框架,在推理隐私需求的满足时利用这种关系。我们预计这一愿景将有助于缩小日益复杂的信息时代与保护用户隐私所需的软件技术之间的差距。
{"title":"Reasoning with imprecise privacy preferences","authors":"Inah Omoronyia","doi":"10.1145/2950290.2983982","DOIUrl":"https://doi.org/10.1145/2950290.2983982","url":null,"abstract":"User reluctance and context-dependent factors during information disclosure imply that people cannot always be counted on to indicate their appropriate privacy preference. This phenomenon is the well-known 'privacy paradox', which shows that users of modern technologies are constantly concerned about their privacy, but do not apply these concerns to their usage behaviour accordingly. The problem is that this mismatch between privacy concerns and the indicated privacy preference in software, is not considered when reasoning about the satisfaction of privacy requirements. This paper is a research vision that draws connections between the imprecisions in user privacy preferences, and reasoning about the satisfaction of privacy requirements. We outline the close relationship between privacy and user beliefs and uncertainties. We then propose a multi-agent framework that leverage on this relationship when reasoning about the satisfaction of privacy requirements. We anticipate that this vision will help reduce the gap between an increasingly complex information age and the software techniques needed to protect user privacy.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"49 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78205076","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Discovering bug patterns in JavaScript 发现JavaScript中的bug模式
Quinn Hanam, Fernando Brito, A. Mesbah
JavaScript has become the most popular language used by developers for client and server side programming. The language, however, still lacks proper support in the form of warnings about potential bugs in the code. Most bug finding tools in use today cover bug patterns that are discovered by reading best practices or through developer intuition and anecdotal observation. As such, it is still unclear which bugs happen frequently in practice and which are important for developers to be fixed. We propose a novel semi-automatic technique, called BugAID, for discovering the most prevalent and detectable bug patterns. BugAID is based on unsupervised machine learning using language-construct-based changes distilled from AST differencing of bug fixes in the code. We present a large-scale study of common bug patterns by mining 105K commits from 134 server-side JavaScript projects. We discover 219 bug fixing change types and discuss 13 pervasive bug patterns that occur across multiple projects and can likely be prevented with better tool support. Our findings are useful for improving tools and techniques to prevent common bugs in JavaScript, guiding tool integration for IDEs, and making developers aware of common mistakes involved with programming in JavaScript.
JavaScript已经成为开发人员用于客户端和服务器端编程的最流行的语言。然而,该语言仍然缺乏对代码中潜在错误的警告形式的适当支持。目前使用的大多数bug查找工具都涵盖了通过阅读最佳实践或通过开发人员的直觉和轶事观察发现的bug模式。因此,目前还不清楚哪些bug在实践中经常发生,哪些bug对开发人员来说很重要,需要修复。我们提出了一种新的半自动技术,称为BugAID,用于发现最普遍和可检测的错误模式。BugAID基于无监督机器学习,使用基于语言结构的更改,从代码中的错误修复的AST差异中提取。我们通过从134个服务器端JavaScript项目中挖掘105K次提交,对常见错误模式进行了大规模研究。我们发现了219种错误修复更改类型,并讨论了13种普遍的错误模式,这些模式发生在多个项目中,并且可以通过更好的工具支持来预防。我们的发现有助于改进工具和技术,以防止JavaScript中的常见错误,指导ide的工具集成,并使开发人员意识到JavaScript编程中涉及的常见错误。
{"title":"Discovering bug patterns in JavaScript","authors":"Quinn Hanam, Fernando Brito, A. Mesbah","doi":"10.1145/2950290.2950308","DOIUrl":"https://doi.org/10.1145/2950290.2950308","url":null,"abstract":"JavaScript has become the most popular language used by developers for client and server side programming. The language, however, still lacks proper support in the form of warnings about potential bugs in the code. Most bug finding tools in use today cover bug patterns that are discovered by reading best practices or through developer intuition and anecdotal observation. As such, it is still unclear which bugs happen frequently in practice and which are important for developers to be fixed. We propose a novel semi-automatic technique, called BugAID, for discovering the most prevalent and detectable bug patterns. BugAID is based on unsupervised machine learning using language-construct-based changes distilled from AST differencing of bug fixes in the code. We present a large-scale study of common bug patterns by mining 105K commits from 134 server-side JavaScript projects. We discover 219 bug fixing change types and discuss 13 pervasive bug patterns that occur across multiple projects and can likely be prevented with better tool support. Our findings are useful for improving tools and techniques to prevent common bugs in JavaScript, guiding tool integration for IDEs, and making developers aware of common mistakes involved with programming in JavaScript.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"168 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77318332","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 70
Discovering additional violations of Java API invariants 发现对Java API不变量的其他违反
Waylon Huang
In the absence of formal specifications or test oracles, automating testing is made possible by the fact that a program must satisfy certain requirements set down by the programming language. This work describes Randoop, an automatic unit test generator which checks for invariants specified by the Java API. Randoop is able to detect violations to invariants as specified by the Java API and create error tests that reveal related bugs. Randoop is also able to produce regression tests, meant to be added to regression test suites, that capture expected behavior. We discuss additional extensions that we have made to Randoop which expands its capability for the detection of violation of specified invariants. We also examine an optimization and a heuristic for making the invariant checking process more efficient.
在没有正式规范或测试指示的情况下,由于程序必须满足由编程语言设定的特定需求,自动化测试成为可能。这项工作描述了Randoop,一个自动单元测试生成器,它检查Java API指定的不变量。Randoop能够检测对Java API指定的不变量的违反,并创建显示相关错误的错误测试。Randoop还能够生成回归测试,用于添加到回归测试套件中,以捕获预期的行为。我们讨论了我们对Randoop所做的额外扩展,它扩展了检测违反指定不变量的能力。我们还研究了一种优化方法和一种启发式方法,以使不变检查过程更有效。
{"title":"Discovering additional violations of Java API invariants","authors":"Waylon Huang","doi":"10.1145/2950290.2983977","DOIUrl":"https://doi.org/10.1145/2950290.2983977","url":null,"abstract":"In the absence of formal specifications or test oracles, automating testing is made possible by the fact that a program must satisfy certain requirements set down by the programming language. This work describes Randoop, an automatic unit test generator which checks for invariants specified by the Java API. Randoop is able to detect violations to invariants as specified by the Java API and create error tests that reveal related bugs. Randoop is also able to produce regression tests, meant to be added to regression test suites, that capture expected behavior. We discuss additional extensions that we have made to Randoop which expands its capability for the detection of violation of specified invariants. We also examine an optimization and a heuristic for making the invariant checking process more efficient.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"253 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73760848","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Regression testing of web applications using Record/Replay tools 使用Record/Replay工具对web应用程序进行回归测试
Mouna Hammoudi
Software engineers often use record/replay tools to enable the automated testing of web applications. Tests created in this man- ner can then be used to regression test new versions of the web applications as they evolve. Web application tests recorded by record/replay tools, however, can be quite brittle; they can easily break as applications change. For this reason, researchers have be- gun to seek approaches for automatically repairing record/replay tests. This research investigates different aspects in relation to test- ing web applications using record/replay tools. The areas that we are interested in include taxonomizing the causes behind breakages and developing automated techniques to repair breakages, creating prevention techniques to stop the occurrence of breakages and de- veloping automated frameworks for root cause analysis. Finally, we intend to evaluate all of these activities via controlled studies involving software engineers and real web application tests.
软件工程师经常使用记录/重放工具来实现web应用程序的自动化测试。以这种方式创建的测试可以用来对web应用程序的新版本进行回归测试。然而,由记录/重放工具记录的Web应用程序测试可能相当脆弱;随着应用程序的变化,它们很容易中断。因此,研究人员一直在寻找自动修复记录/重播测试的方法。本研究探讨了使用记录/重放工具测试web应用程序的不同方面。我们感兴趣的领域包括对损坏背后的原因进行分类,开发自动化技术来修复损坏,创建预防技术来阻止损坏的发生,以及开发用于根本原因分析的自动化框架。最后,我们打算通过涉及软件工程师和实际web应用程序测试的对照研究来评估所有这些活动。
{"title":"Regression testing of web applications using Record/Replay tools","authors":"Mouna Hammoudi","doi":"10.1145/2950290.2983942","DOIUrl":"https://doi.org/10.1145/2950290.2983942","url":null,"abstract":"Software engineers often use record/replay tools to enable the automated testing of web applications. Tests created in this man- ner can then be used to regression test new versions of the web applications as they evolve. Web application tests recorded by record/replay tools, however, can be quite brittle; they can easily break as applications change. For this reason, researchers have be- gun to seek approaches for automatically repairing record/replay tests. This research investigates different aspects in relation to test- ing web applications using record/replay tools. The areas that we are interested in include taxonomizing the causes behind breakages and developing automated techniques to repair breakages, creating prevention techniques to stop the occurrence of breakages and de- veloping automated frameworks for root cause analysis. Finally, we intend to evaluate all of these activities via controlled studies involving software engineers and real web application tests.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"67 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74600977","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Proteus: computing disjunctive loop summary via path dependency analysis Proteus:通过路径依赖分析计算析取循环摘要
Xiaofei Xie, Bihuan Chen, Yang Liu, Wei Le, Xiaohong Li
Loops are challenging structures for program analysis, especially when loops contain multiple paths with complex interleaving executions among these paths. In this paper, we first propose a classification of multi-path loops to understand the complexity of the loop execution, which is based on the variable updates on the loop conditions and the execution order of the loop paths. Secondly, we propose a loop analysis framework, named Proteus, which takes a loop program and a set of variables of interest as inputs and summarizes path-sensitive loop effects on the variables. The key contribution is to use a path dependency automaton (PDA) to capture the execution dependency between the paths. A DFS-based algorithm is proposed to traverse the PDA to summarize the effect for all feasible executions in the loop. The experimental results show that Proteus is effective in three applications: Proteus can 1) compute a more precise bound than the existing loop bound analysis techniques; 2) significantly outperform state-of-the-art tools for loop verification; and 3) generate test cases for deep loops within one second, while KLEE and Pex either need much more time or fail.
对于程序分析来说,循环是具有挑战性的结构,特别是当循环包含多个路径,并且这些路径之间有复杂的交错执行时。在本文中,我们首先提出了一种基于循环条件的变量更新和循环路径的执行顺序的多路径循环分类来理解循环执行的复杂性。其次,我们提出了一个名为Proteus的循环分析框架,它以一个循环程序和一组感兴趣的变量作为输入,并总结了路径敏感循环对变量的影响。关键的贡献是使用路径依赖自动机(PDA)来捕获路径之间的执行依赖。提出了一种基于dfs的算法来遍历PDA,以总结循环中所有可行执行的效果。实验结果表明,Proteus在三个方面的应用是有效的:1)与现有的环界分析技术相比,Proteus可以计算出更精确的边界;2)显著优于最先进的循环验证工具;3)在一秒钟内生成深度循环的测试用例,而KLEE和Pex要么需要更多的时间,要么会失败。
{"title":"Proteus: computing disjunctive loop summary via path dependency analysis","authors":"Xiaofei Xie, Bihuan Chen, Yang Liu, Wei Le, Xiaohong Li","doi":"10.1145/2950290.2950340","DOIUrl":"https://doi.org/10.1145/2950290.2950340","url":null,"abstract":"Loops are challenging structures for program analysis, especially when loops contain multiple paths with complex interleaving executions among these paths. In this paper, we first propose a classification of multi-path loops to understand the complexity of the loop execution, which is based on the variable updates on the loop conditions and the execution order of the loop paths. Secondly, we propose a loop analysis framework, named Proteus, which takes a loop program and a set of variables of interest as inputs and summarizes path-sensitive loop effects on the variables. The key contribution is to use a path dependency automaton (PDA) to capture the execution dependency between the paths. A DFS-based algorithm is proposed to traverse the PDA to summarize the effect for all feasible executions in the loop. The experimental results show that Proteus is effective in three applications: Proteus can 1) compute a more precise bound than the existing loop bound analysis techniques; 2) significantly outperform state-of-the-art tools for loop verification; and 3) generate test cases for deep loops within one second, while KLEE and Pex either need much more time or fail.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"22 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73462939","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 43
Python predictive analysis for bug detection 用于bug检测的Python预测分析
Zhaogui Xu, Peng Liu, X. Zhang, Baowen Xu
Python is a popular dynamic language that allows quick software development. However, Python program analysis engines are largely lacking. In this paper, we present a Python predictive analysis. It first collects the trace of an execution, and then encodes the trace and unexecuted branches to symbolic constraints. Symbolic variables are introduced to denote input values, their dynamic types, and attribute sets, to reason about their variations. Solving the constraints identifies bugs and their triggering inputs. Our evaluation shows that the technique is highly effective in analyzing real-world complex programs with a lot of dynamic features and external library calls, due to its sophisticated encoding design based on traces. It identifies 46 bugs from 11 real-world projects, with 16 new bugs. All reported bugs are true positives.
Python是一种流行的动态语言,支持快速软件开发。然而,Python程序分析引擎在很大程度上是缺乏的。在本文中,我们提出了一个Python预测分析。它首先收集执行的跟踪,然后将跟踪和未执行的分支编码为符号约束。引入符号变量来表示输入值、它们的动态类型和属性集,以推断它们的变化。解决约束可以识别bug和它们的触发输入。我们的评估表明,由于其基于跟踪的复杂编码设计,该技术在分析具有大量动态特征和外部库调用的现实世界复杂程序方面非常有效。它从11个实际项目中识别出46个bug,其中16个是新bug。所有报告的bug都是真正的阳性。
{"title":"Python predictive analysis for bug detection","authors":"Zhaogui Xu, Peng Liu, X. Zhang, Baowen Xu","doi":"10.1145/2950290.2950357","DOIUrl":"https://doi.org/10.1145/2950290.2950357","url":null,"abstract":"Python is a popular dynamic language that allows quick software development. However, Python program analysis engines are largely lacking. In this paper, we present a Python predictive analysis. It first collects the trace of an execution, and then encodes the trace and unexecuted branches to symbolic constraints. Symbolic variables are introduced to denote input values, their dynamic types, and attribute sets, to reason about their variations. Solving the constraints identifies bugs and their triggering inputs. Our evaluation shows that the technique is highly effective in analyzing real-world complex programs with a lot of dynamic features and external library calls, due to its sophisticated encoding design based on traces. It identifies 46 bugs from 11 real-world projects, with 16 new bugs. All reported bugs are true positives.","PeriodicalId":20532,"journal":{"name":"Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"5 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73619122","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 23
期刊
Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1