DySy

Csallner, Christoph; Tillmann, Nikolai; Smaragdakis, Yannis

doi:10.1145/1368088.1368127

Cited by 124 publications

(7 citation statements)

References 44 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Daikon Ernst et al (2001) was the first, widely successful approach that used dynamic analysis, which offers a different trade-off: it is unsound (the "inferred" specifications are only "likely" to be correct) but it is applicable to any program that can be executed. Daikon approach's practicality also yielded a lot of follow-up work aimed at improving its precision and its flexibility Csallner and Smaragdakis (2006); authorname (2008); Wei et al (2011), or at combining it with static techniques Csallner and Smaragdakis (2006);authorname (2008); Wei et al (2011);Csallner et al (2008);Tillmann et al (2006); . wit is fundamentally based on static analysis, which can be very precise but incomplete Le Goues and Weimer (2009); its heuristics further make it lightweight, and hence applicable to real-world Java projects.…”

Section: Related Workmentioning

confidence: 99%

Lightweight precise automatic extraction of exception preconditions in java methods

Marcilio,

Furia

2023

Empir Software Eng

View full text Add to dashboard Cite

When a method throws an exception— its exception precondition—is a crucial element of the method’s documentation that clients should know to properly use it. Unfortunately, exceptional behavior is often poorly documented, and sensitive to changes in a project’s implementation details that can be onerous to keep synchronized with the documentation. We present wit, an automated technique that extracts the exception preconditions of Java methods and constructors. wit uses static analysis to analyze the paths in a method’s implementation that lead to throwing an exception. wit’s analysis is precise, in that it only reports exception preconditions that are correct and correspond to feasible exceptional behavior. It is also lightweight: it only needs the source code of the class (or classes) to be analyzed— without building or running the whole project. To this end, its design uses heuristics that give up some completeness (wit cannot infer all exception preconditions) in exchange for precision and ease of applicability. We ran wit on the JDK and 46 Java projects, where it discovered 30 487 exception preconditions in 24 461 methods, taking less than two seconds per analyzed public method on average. A manual analysis of a significant sample of these exception preconditions confirmed that wit is 100% precise, and demonstrated that it can document the exceptional behavior of Java methods.

show abstract

Section: Related Workmentioning

confidence: 99%

Lightweight precise automatic extraction of exception preconditions in java methods

Marcilio,

Furia

2023

Empir Software Eng

View full text Add to dashboard Cite

show abstract

“…Various techniques have been proposed to infer specifications for programmes. Some approaches infer API specifications by statically mining API usage patterns from the client code and constructing common constraints as the specifications [6,28,29], while others detect invariants by dynamically running a programme and using machine learning algorithms to analyse the execution traces [1,2]. Recently, researchers proposed new techniques to infer specifications in a ‘guess and validate’ fashion [30‐32].…”

Section: Related Workmentioning

confidence: 99%

“…Since manually writing specifications for methods can be prohibitively expensive and error‐prone, researchers have proposed various techniques in the past few years to automatically infer specifications for library methods, for example, through dynamic [1‐5] or static [6,7] programme analysis, so that their implementation details can be abstracted away and complex programme analysis tasks may become possible or scalable. Another line of such work aims to infer specifications for methods from their natural language descriptions, in the form of API documentations [8,9] or code comments [10,11].…”

Section: Introductionmentioning

confidence: 99%

Documentation‐based functional constraint generation for library methods

Jiang

Chen

Pei

et al. 2021

Software Testing Verif & Rel

View full text Add to dashboard Cite

Summary Although software libraries promote code reuse and facilitate software development, they increase the complexity of programme analysis tasks. To effectively analyse programmes built on top of software libraries, it is essential to have specifications for the library methods that can be easily processed by analysis tools. However, the availability of such specifications is seriously limited at the moment. Manually writing the specifications can be prohibitively expensive and error‐prone, while existing automated approaches to inferring the specifications seldom produce results that are strong enough to be used in programme analysis. In this work, we propose the Doc2smt approach to generating strong functional constraints in SMT for library methods based on their documentations. Doc2smt first applies natural language processing (NLP) techniques and a set of rules to translate a method's natural language documentation into a large number of candidate constraint clauses in OCL. Then, it utilizes a manually enhanced domain model to identify OCL candidate constraint clauses that comply with the problem domain in static validation, translates well‐formed OCL constraints into the SMT‐LIB format, and checks whether each SMB‐LIB constraint rightly abstracts the functionalities of the method under consideration via testing in dynamic validation. In the end, it reports the first functional constraint that survives both validations to the user as the result. We have implemented the approach into a supporting tool with the same name. In experiments conducted on 451 methods from the Java Collections Framework and the Java IO library, Doc2smt generated correct constraints for 309 methods, with the average generation time for each correct constraint being merely 2.7 min. We have also applied the generated constraints to facilitate symbolic‐execution‐based test generation with the Symbolic Java PathFinder (SPF) tool. For 24 utility methods manipulating Java container and IO objects, SPF with access to the generated constraints produced 51.2 times more test cases than SPF without the access.

show abstract

“…In invariant inference, Daikon [Ernst et al 2001] initiated the black-box learning of likely program invariants [see e.g. Csallner et al 2008;Sankaranarayanan et al 2008]. In this paper we are interested in inferring necessarily correct inductive invariants.…”

Section: Related Workmentioning

confidence: 99%

Complexity and information in invariant inference

Feldman

Immerman

Sagiv

et al. 2019

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

This paper addresses the complexity of SAT-based invariant inference, a prominent approach to safety verification. We consider the problem of inferring an inductive invariant of polynomial length given a transition system and a safety property. We analyze the complexity of this problem in a black-box model, called the Hoare-query model, which is general enough to capture algorithms such as IC3/PDR and its variants. An algorithm in this model learns about the system's reachable states by querying the validity of Hoare triples.We show that in general an algorithm in the Hoare-query model requires an exponential number of queries. Our lower bound is information-theoretic and applies even to computationally unrestricted algorithms, showing that no choice of generalization from the partial information obtained in a polynomial number of Hoare queries can lead to an efficient invariant inference procedure in this class.We then show, for the first time, that by utilizing rich Hoare queries, as done in PDR, inference can be exponentially more efficient than approaches such as ICE learning, which only utilize inductiveness checks of candidates. We do so by constructing a class of transition systems for which a simple version of PDR with a single frame infers invariants in a polynomial number of queries, whereas every algorithm using only inductiveness checks and counterexamples requires an exponential number of queries.Our results also shed light on connections and differences with the classical theory of exact concept learning with queries, and imply that learning from counterexamples to induction is harder than classical exact learning from labeled examples. This demonstrates that the convergence rate of Counterexample-Guided Inductive Synthesis depends on the form of counterexamples.

show abstract

DySy

Cited by 124 publications

References 44 publications

Lightweight precise automatic extraction of exception preconditions in java methods

Lightweight precise automatic extraction of exception preconditions in java methods

Documentation‐based functional constraint generation for library methods

Complexity and information in invariant inference

Contact Info

Product

Resources

About