Effective and Efficient API Misuse Detection via Exception Propagation and Search-Based Testing

Maria Kechagia, Xavier Devroey, Annibale Panichella, Georgios Gousios, Arie van Deursen

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

21 Citations (Scopus)
657 Downloads (Pure)

Abstract

Application Programming Interfaces (APIs) typically come with (implicit) usage constraints. The violations of these constraints (API misuses) can lead to software crashes. Even though there are several tools that can detect API misuses, most of them suffer from a very high rate of false positives. We introduce Catcher, a novel API misuse detection approach that combines static exception propagation analysis with automatic search-based test case generation to effectively and efficiently pinpoint crash-prone API misuses in client applications. We validate Catcher against 21 Java applications, targeting misuses of the Java platform’s API. Our results indicate that Catcher is able to generate test cases that uncover 243 (unique) API misuses that result in crashes. Our empirical evaluation shows that Catcher can detect a large number of misuses (77 cases) that would remain undetected by the traditional coverage-based test case generator EvoSuite. Additionally, on average, Catcher is eight times faster than EvoSuite in generating test cases for the identified misuses. Finally, we find that the majority of the exceptions triggered by Catcher are unexpected to developers, i.e., not only unhandled in the source code but also not listed in the documentation of the client applications.
Original languageEnglish
Title of host publicationISSTA 2019
Subtitle of host publicationProceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis
EditorsAnders Moller, Dongmei Zhang
Place of PublicationNew York
PublisherAssociation for Computing Machinery (ACM)
Pages192-203
Number of pages12
ISBN (Electronic)978-1-4503-6224-5
DOIs
Publication statusPublished - 2019
EventISSTA 2019: 28th ACM SIGSOFT International Symposium on Software Testing and Analysis - Beijing, China
Duration: 15 Jul 201919 Jul 2019
Conference number: 28
https://conf.researchr.org/home/issta-2019

Conference

ConferenceISSTA 2019: 28th ACM SIGSOFT International Symposium on Software Testing and Analysis
Abbreviated titleISSTA '19
Country/TerritoryChina
CityBeijing
Period15/07/1919/07/19
Internet address

Keywords

  • API misuse
  • Search-based software testing
  • Software crash
  • Static exception propagation

Fingerprint

Dive into the research topics of 'Effective and Efficient API Misuse Detection via Exception Propagation and Search-Based Testing'. Together they form a unique fingerprint.

Cite this