Effective and Efficient API Misuse Detection via Exception Propagation and Search-Based Testing

Maria Kechagia; Xavier Devroey; Annibale Panichella; Georgios Gousios; Arie van Deursen

doi:10.1145/3293882.3330552

Effective and Efficient API Misuse Detection via Exception Propagation and Search-Based Testing

Maria Kechagia, Xavier Devroey, Annibale Panichella, Georgios Gousios, Arie van Deursen

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

19 Citations (Scopus)

630 Downloads (Pure)

Abstract

Application Programming Interfaces (APIs) typically come with (implicit) usage constraints. The violations of these constraints (API misuses) can lead to software crashes. Even though there are several tools that can detect API misuses, most of them suffer from a very high rate of false positives. We introduce Catcher, a novel API misuse detection approach that combines static exception propagation analysis with automatic search-based test case generation to effectively and efficiently pinpoint crash-prone API misuses in client applications. We validate Catcher against 21 Java applications, targeting misuses of the Java platform’s API. Our results indicate that Catcher is able to generate test cases that uncover 243 (unique) API misuses that result in crashes. Our empirical evaluation shows that Catcher can detect a large number of misuses (77 cases) that would remain undetected by the traditional coverage-based test case generator EvoSuite. Additionally, on average, Catcher is eight times faster than EvoSuite in generating test cases for the identified misuses. Finally, we find that the majority of the exceptions triggered by Catcher are unexpected to developers, i.e., not only unhandled in the source code but also not listed in the documentation of the client applications.

Original language	English
Title of host publication	ISSTA 2019
Subtitle of host publication	Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis
Editors	Anders Moller, Dongmei Zhang
Place of Publication	New York
Publisher	Association for Computing Machinery (ACM)
Pages	192-203
Number of pages	12
ISBN (Electronic)	978-1-4503-6224-5
DOIs	https://doi.org/10.1145/3293882.3330552
Publication status	Published - 2019
Event	ISSTA 2019: 28th ACM SIGSOFT International Symposium on Software Testing and Analysis - Beijing, China Duration: 15 Jul 2019 → 19 Jul 2019 Conference number: 28 https://conf.researchr.org/home/issta-2019

Conference

Conference	ISSTA 2019: 28th ACM SIGSOFT International Symposium on Software Testing and Analysis
Abbreviated title	ISSTA '19
Country/Territory	China
City	Beijing
Period	15/07/19 → 19/07/19
Internet address	https://conf.researchr.org/home/issta-2019

Keywords

API misuse
Search-based software testing
Software crash
Static exception propagation

Access to Document

10.1145/3293882.3330552

catcherSubmitted manuscript, 911 KB

Cite this

Kechagia, M., Devroey, X., Panichella, A., Gousios, G., & van Deursen, A. (2019). Effective and Efficient API Misuse Detection via Exception Propagation and Search-Based Testing. In A. Moller, & D. Zhang (Eds.), ISSTA 2019 : Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis (pp. 192-203). Association for Computing Machinery (ACM). https://doi.org/10.1145/3293882.3330552

Kechagia, Maria ; Devroey, Xavier ; Panichella, Annibale et al. / Effective and Efficient API Misuse Detection via Exception Propagation and Search-Based Testing. ISSTA 2019 : Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis . editor / Anders Moller ; Dongmei Zhang. New York : Association for Computing Machinery (ACM), 2019. pp. 192-203

@inproceedings{b3cc4b4ca4604e2d9dd17b1f45368525,

title = "Effective and Efficient API Misuse Detection via Exception Propagation and Search-Based Testing",

abstract = "Application Programming Interfaces (APIs) typically come with (implicit) usage constraints. The violations of these constraints (API misuses) can lead to software crashes. Even though there are several tools that can detect API misuses, most of them suffer from a very high rate of false positives. We introduce Catcher, a novel API misuse detection approach that combines static exception propagation analysis with automatic search-based test case generation to effectively and efficiently pinpoint crash-prone API misuses in client applications. We validate Catcher against 21 Java applications, targeting misuses of the Java platform{\textquoteright}s API. Our results indicate that Catcher is able to generate test cases that uncover 243 (unique) API misuses that result in crashes. Our empirical evaluation shows that Catcher can detect a large number of misuses (77 cases) that would remain undetected by the traditional coverage-based test case generator EvoSuite. Additionally, on average, Catcher is eight times faster than EvoSuite in generating test cases for the identified misuses. Finally, we find that the majority of the exceptions triggered by Catcher are unexpected to developers, i.e., not only unhandled in the source code but also not listed in the documentation of the client applications.",

keywords = "API misuse, Search-based software testing, Software crash, Static exception propagation",

author = "Maria Kechagia and Xavier Devroey and Annibale Panichella and Georgios Gousios and {van Deursen}, Arie",

year = "2019",

doi = "10.1145/3293882.3330552",

language = "English",

pages = "192--203",

editor = "Anders Moller and Dongmei Zhang",

booktitle = "ISSTA 2019",

publisher = "Association for Computing Machinery (ACM)",

address = "United States",

note = "ISSTA 2019: 28th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA '19 ; Conference date: 15-07-2019 Through 19-07-2019",

url = "https://conf.researchr.org/home/issta-2019",

}

Kechagia, M, Devroey, X, Panichella, A , Gousios, G & van Deursen, A 2019, Effective and Efficient API Misuse Detection via Exception Propagation and Search-Based Testing. in A Moller & D Zhang (eds), ISSTA 2019 : Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis . Association for Computing Machinery (ACM), New York, pp. 192-203, ISSTA 2019: 28th ACM SIGSOFT International Symposium on Software Testing and Analysis, Beijing, China, 15/07/19. https://doi.org/10.1145/3293882.3330552

Effective and Efficient API Misuse Detection via Exception Propagation and Search-Based Testing. / Kechagia, Maria; Devroey, Xavier; Panichella, Annibale et al.
ISSTA 2019 : Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis . ed. / Anders Moller; Dongmei Zhang. New York: Association for Computing Machinery (ACM), 2019. p. 192-203.

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Effective and Efficient API Misuse Detection via Exception Propagation and Search-Based Testing

AU - Kechagia, Maria

AU - Devroey, Xavier

AU - Panichella, Annibale

AU - Gousios, Georgios

AU - van Deursen, Arie

N1 - Conference code: 28

PY - 2019

Y1 - 2019

N2 - Application Programming Interfaces (APIs) typically come with (implicit) usage constraints. The violations of these constraints (API misuses) can lead to software crashes. Even though there are several tools that can detect API misuses, most of them suffer from a very high rate of false positives. We introduce Catcher, a novel API misuse detection approach that combines static exception propagation analysis with automatic search-based test case generation to effectively and efficiently pinpoint crash-prone API misuses in client applications. We validate Catcher against 21 Java applications, targeting misuses of the Java platform’s API. Our results indicate that Catcher is able to generate test cases that uncover 243 (unique) API misuses that result in crashes. Our empirical evaluation shows that Catcher can detect a large number of misuses (77 cases) that would remain undetected by the traditional coverage-based test case generator EvoSuite. Additionally, on average, Catcher is eight times faster than EvoSuite in generating test cases for the identified misuses. Finally, we find that the majority of the exceptions triggered by Catcher are unexpected to developers, i.e., not only unhandled in the source code but also not listed in the documentation of the client applications.

AB - Application Programming Interfaces (APIs) typically come with (implicit) usage constraints. The violations of these constraints (API misuses) can lead to software crashes. Even though there are several tools that can detect API misuses, most of them suffer from a very high rate of false positives. We introduce Catcher, a novel API misuse detection approach that combines static exception propagation analysis with automatic search-based test case generation to effectively and efficiently pinpoint crash-prone API misuses in client applications. We validate Catcher against 21 Java applications, targeting misuses of the Java platform’s API. Our results indicate that Catcher is able to generate test cases that uncover 243 (unique) API misuses that result in crashes. Our empirical evaluation shows that Catcher can detect a large number of misuses (77 cases) that would remain undetected by the traditional coverage-based test case generator EvoSuite. Additionally, on average, Catcher is eight times faster than EvoSuite in generating test cases for the identified misuses. Finally, we find that the majority of the exceptions triggered by Catcher are unexpected to developers, i.e., not only unhandled in the source code but also not listed in the documentation of the client applications.

KW - API misuse

KW - Search-based software testing

KW - Software crash

KW - Static exception propagation

UR - http://www.scopus.com/inward/record.url?scp=85070649482&partnerID=8YFLogxK

U2 - 10.1145/3293882.3330552

DO - 10.1145/3293882.3330552

M3 - Conference contribution

SP - 192

EP - 203

BT - ISSTA 2019

A2 - Moller, Anders

A2 - Zhang, Dongmei

PB - Association for Computing Machinery (ACM)

CY - New York

T2 - ISSTA 2019: 28th ACM SIGSOFT International Symposium on Software Testing and Analysis

Y2 - 15 July 2019 through 19 July 2019

ER -

Kechagia M, Devroey X, Panichella A , Gousios G , van Deursen A. Effective and Efficient API Misuse Detection via Exception Propagation and Search-Based Testing. In Moller A, Zhang D, editors, ISSTA 2019 : Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis . New York: Association for Computing Machinery (ACM). 2019. p. 192-203 doi: 10.1145/3293882.3330552

Effective and Efficient API Misuse Detection via Exception Propagation and Search-Based Testing

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Catcher, artifact of the paper: “Effective and Efficient API Misuse Detection via Exception Propagation and Search-based Testing”.

Cite this

Effective and Efficient API Misuse Detection via Exception Propagation and Search-Based Testing

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Datasets

Catcher, artifact of the paper: “Effective and Efficient API Misuse Detection via Exception Propagation and Search-based Testing”.

Cite this