TY - GEN
T1 - Effective and efficient API misuse detection via exception propagation and search-based testing
AU - Kechagia, Maria
AU - Devroey, Xavier
AU - Panichella, Annibale
AU - Gousios, Georgios
AU - van Deursen, Arie
N1 - Publisher Copyright:
© 2019 Association for Computing Machinery.
Copyright:
Copyright 2020 Elsevier B.V., All rights reserved.
PY - 2019/7/10
Y1 - 2019/7/10
N2 - Application Programming Interfaces (APIs) typically come with (implicit) usage constraints. The violations of these constraints (API misuses) can lead to software crashes. Even though there are several tools that can detect API misuses, most of them suffer from a very high rate of false positives. We introduce Catcher, a novel API misuse detection approach that combines static exception propagation analysis with automatic search-based test case generation to effectively and efficiently pinpoint crash-prone API misuses in client applications. We validate Catcher against 21 Java applications, targeting misuses of the Java platform’s API. Our results indicate that Catcher is able to generate test cases that uncover 243 (unique) API misuses that result in crashes. Our empirical evaluation shows that Catcher can detect a large number of misuses (77 cases) that would remain undetected by the traditional coverage-based test case generator EvoSuite. Additionally, on average, Catcher is eight times faster than EvoSuite in generating test cases for the identified misuses. Finally, we find that the majority of the exceptions triggered by Catcher are unexpected to developers, i.e., not only unhandled in the source code but also not listed in the documentation of the client applications.
AB - Application Programming Interfaces (APIs) typically come with (implicit) usage constraints. The violations of these constraints (API misuses) can lead to software crashes. Even though there are several tools that can detect API misuses, most of them suffer from a very high rate of false positives. We introduce Catcher, a novel API misuse detection approach that combines static exception propagation analysis with automatic search-based test case generation to effectively and efficiently pinpoint crash-prone API misuses in client applications. We validate Catcher against 21 Java applications, targeting misuses of the Java platform’s API. Our results indicate that Catcher is able to generate test cases that uncover 243 (unique) API misuses that result in crashes. Our empirical evaluation shows that Catcher can detect a large number of misuses (77 cases) that would remain undetected by the traditional coverage-based test case generator EvoSuite. Additionally, on average, Catcher is eight times faster than EvoSuite in generating test cases for the identified misuses. Finally, we find that the majority of the exceptions triggered by Catcher are unexpected to developers, i.e., not only unhandled in the source code but also not listed in the documentation of the client applications.
KW - API misuse
KW - Search-based software testing
KW - Software crash
KW - Static exception propagation
UR - http://dl.acm.org/citation.cfm?doid=3293882.3330552
UR - http://www.scopus.com/inward/record.url?scp=85070649482&partnerID=8YFLogxK
U2 - 10.1145/3293882.3330552
DO - 10.1145/3293882.3330552
M3 - Conference contribution
SN - 9781450362245
T3 - ISSTA 2019 - Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis
SP - 192
EP - 203
BT - ISSTA 2019 - Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis
A2 - Zhang, Dongmei
A2 - Moller, Anders
PB - ACM Press
CY - New York, New York, USA
ER -