Fuzzing class specifications
- Autores
- Molina, Facundo; d’Amorim, Marcelo; Aguirre, Nazareno Matías
- Año de publicación
- 2022
- Idioma
- español castellano
- Tipo de recurso
- documento de conferencia
- Estado
- versión publicada
- Descripción
- Expressing class specifications via executable constraints is important for various software engineering tasks such as test generation, bug finding and automated debugging, but developers rarely write them. Techniques that infer specifications from code exist to fill this gap, but they are designed to support specific kinds of assertions and are difficult to adapt to support different assertion languages, e.g., to add support for quantification, or additional comparison operators, such as membership or containment.To address the above issue, we propose SpecFuzzer, a novel technique that combines grammar-based fuzzing, dynamic invariant detection, and mutation analysis, to automatically produce class specifications. SpecFuzzer uses: (i) a fuzzer as a generator of candidate assertions derived from a grammar that is automatically obtained from the class definition; (ii) a dynamic invariant detector –Daikon– to filter out assertions invalidated by a test suite; and (iii) a mutationbased mechanism to cluster and rank assertions, so that similar constraints are grouped and then the stronger prioritized. Fuzzing, traditionally used to efficiently produce structured random data for testing, has two key advantages in this context: (1) it eliminates the need of developers to manually define candidate assertions and (2) it enables developers to straightforwardly adapt the language of assertions by manipulating the fuzzing grammar, e.g., to include additional operators.We evaluated our technique on a benchmark of 43 Java methods employed in the evaluation of the state-of-the-art techniques GAssert and EvoSpex. In our evaluation, we used the same benchmarks from the evaluation of GAssert and EvoSpex, carefully studied the subjects, and manually produced corresponding “ground truth” assertions capturing the intended behavior of the subjects. We then used this ground truth to accurately assess precision and recall of SpecFuzzer, GAssert, and EvoSpex. Our results show that SpecFuzzer can easily support a more expressive assertion language, over which is more effective than GAssert and EvoSpex in inferring specifications, according to standard performance metrics. More precisely, SpecFuzzer was able to express ∼45% more assertions in the ground truth than these tools. Also, SpecFuzzer was able to detect 75% of all assertions in the ground truth, showing a better overall performance compared to previous techniques. The results we obtained provide initial, yet strong evidence that SpecFuzzer is effective. This work was published at the 44th International Conference on Software Engineering (ICSE 2022) held in Pittsburgh, PA, USA on 22-27 May 2022.
Sociedad Argentina de Informática e Investigación Operativa - Materia
-
Ciencias Informáticas
Assertion languages
SpecFuzzer - Nivel de accesibilidad
- acceso abierto
- Condiciones de uso
- http://creativecommons.org/licenses/by-nc-sa/4.0/
- Repositorio
.jpg)
- Institución
- Universidad Nacional de La Plata
- OAI Identificador
- oai:sedici.unlp.edu.ar:10915/151641
Ver los metadatos del registro completo
| id |
SEDICI_87feb74f64881be22d7a46ab57f0e5f2 |
|---|---|
| oai_identifier_str |
oai:sedici.unlp.edu.ar:10915/151641 |
| network_acronym_str |
SEDICI |
| repository_id_str |
1329 |
| network_name_str |
SEDICI (UNLP) |
| spelling |
Fuzzing class specificationsMolina, Facundod’Amorim, MarceloAguirre, Nazareno MatíasCiencias InformáticasAssertion languagesSpecFuzzerExpressing class specifications via executable constraints is important for various software engineering tasks such as test generation, bug finding and automated debugging, but developers rarely write them. Techniques that infer specifications from code exist to fill this gap, but they are designed to support specific kinds of assertions and are difficult to adapt to support different assertion languages, e.g., to add support for quantification, or additional comparison operators, such as membership or containment.To address the above issue, we propose SpecFuzzer, a novel technique that combines grammar-based fuzzing, dynamic invariant detection, and mutation analysis, to automatically produce class specifications. SpecFuzzer uses: (i) a fuzzer as a generator of candidate assertions derived from a grammar that is automatically obtained from the class definition; (ii) a dynamic invariant detector –Daikon– to filter out assertions invalidated by a test suite; and (iii) a mutationbased mechanism to cluster and rank assertions, so that similar constraints are grouped and then the stronger prioritized. Fuzzing, traditionally used to efficiently produce structured random data for testing, has two key advantages in this context: (1) it eliminates the need of developers to manually define candidate assertions and (2) it enables developers to straightforwardly adapt the language of assertions by manipulating the fuzzing grammar, e.g., to include additional operators.We evaluated our technique on a benchmark of 43 Java methods employed in the evaluation of the state-of-the-art techniques GAssert and EvoSpex. In our evaluation, we used the same benchmarks from the evaluation of GAssert and EvoSpex, carefully studied the subjects, and manually produced corresponding “ground truth” assertions capturing the intended behavior of the subjects. We then used this ground truth to accurately assess precision and recall of SpecFuzzer, GAssert, and EvoSpex. Our results show that SpecFuzzer can easily support a more expressive assertion language, over which is more effective than GAssert and EvoSpex in inferring specifications, according to standard performance metrics. More precisely, SpecFuzzer was able to express ∼45% more assertions in the ground truth than these tools. Also, SpecFuzzer was able to detect 75% of all assertions in the ground truth, showing a better overall performance compared to previous techniques. The results we obtained provide initial, yet strong evidence that SpecFuzzer is effective. This work was published at the 44th International Conference on Software Engineering (ICSE 2022) held in Pittsburgh, PA, USA on 22-27 May 2022.Sociedad Argentina de Informática e Investigación Operativa2022-10info:eu-repo/semantics/conferenceObjectinfo:eu-repo/semantics/publishedVersionResumenhttp://purl.org/coar/resource_type/c_5794info:ar-repo/semantics/documentoDeConferenciaapplication/pdf72-72http://sedici.unlp.edu.ar/handle/10915/151641spainfo:eu-repo/semantics/altIdentifier/url/https://publicaciones.sadio.org.ar/index.php/JAIIO/article/download/304/253info:eu-repo/semantics/altIdentifier/issn/2451-7496info:eu-repo/semantics/openAccesshttp://creativecommons.org/licenses/by-nc-sa/4.0/Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0)reponame:SEDICI (UNLP)instname:Universidad Nacional de La Platainstacron:UNLP2025-10-22T17:19:58Zoai:sedici.unlp.edu.ar:10915/151641Institucionalhttp://sedici.unlp.edu.ar/Universidad públicaNo correspondehttp://sedici.unlp.edu.ar/oai/snrdalira@sedici.unlp.edu.arArgentinaNo correspondeNo correspondeNo correspondeopendoar:13292025-10-22 17:19:58.374SEDICI (UNLP) - Universidad Nacional de La Platafalse |
| dc.title.none.fl_str_mv |
Fuzzing class specifications |
| title |
Fuzzing class specifications |
| spellingShingle |
Fuzzing class specifications Molina, Facundo Ciencias Informáticas Assertion languages SpecFuzzer |
| title_short |
Fuzzing class specifications |
| title_full |
Fuzzing class specifications |
| title_fullStr |
Fuzzing class specifications |
| title_full_unstemmed |
Fuzzing class specifications |
| title_sort |
Fuzzing class specifications |
| dc.creator.none.fl_str_mv |
Molina, Facundo d’Amorim, Marcelo Aguirre, Nazareno Matías |
| author |
Molina, Facundo |
| author_facet |
Molina, Facundo d’Amorim, Marcelo Aguirre, Nazareno Matías |
| author_role |
author |
| author2 |
d’Amorim, Marcelo Aguirre, Nazareno Matías |
| author2_role |
author author |
| dc.subject.none.fl_str_mv |
Ciencias Informáticas Assertion languages SpecFuzzer |
| topic |
Ciencias Informáticas Assertion languages SpecFuzzer |
| dc.description.none.fl_txt_mv |
Expressing class specifications via executable constraints is important for various software engineering tasks such as test generation, bug finding and automated debugging, but developers rarely write them. Techniques that infer specifications from code exist to fill this gap, but they are designed to support specific kinds of assertions and are difficult to adapt to support different assertion languages, e.g., to add support for quantification, or additional comparison operators, such as membership or containment.To address the above issue, we propose SpecFuzzer, a novel technique that combines grammar-based fuzzing, dynamic invariant detection, and mutation analysis, to automatically produce class specifications. SpecFuzzer uses: (i) a fuzzer as a generator of candidate assertions derived from a grammar that is automatically obtained from the class definition; (ii) a dynamic invariant detector –Daikon– to filter out assertions invalidated by a test suite; and (iii) a mutationbased mechanism to cluster and rank assertions, so that similar constraints are grouped and then the stronger prioritized. Fuzzing, traditionally used to efficiently produce structured random data for testing, has two key advantages in this context: (1) it eliminates the need of developers to manually define candidate assertions and (2) it enables developers to straightforwardly adapt the language of assertions by manipulating the fuzzing grammar, e.g., to include additional operators.We evaluated our technique on a benchmark of 43 Java methods employed in the evaluation of the state-of-the-art techniques GAssert and EvoSpex. In our evaluation, we used the same benchmarks from the evaluation of GAssert and EvoSpex, carefully studied the subjects, and manually produced corresponding “ground truth” assertions capturing the intended behavior of the subjects. We then used this ground truth to accurately assess precision and recall of SpecFuzzer, GAssert, and EvoSpex. Our results show that SpecFuzzer can easily support a more expressive assertion language, over which is more effective than GAssert and EvoSpex in inferring specifications, according to standard performance metrics. More precisely, SpecFuzzer was able to express ∼45% more assertions in the ground truth than these tools. Also, SpecFuzzer was able to detect 75% of all assertions in the ground truth, showing a better overall performance compared to previous techniques. The results we obtained provide initial, yet strong evidence that SpecFuzzer is effective. This work was published at the 44th International Conference on Software Engineering (ICSE 2022) held in Pittsburgh, PA, USA on 22-27 May 2022. Sociedad Argentina de Informática e Investigación Operativa |
| description |
Expressing class specifications via executable constraints is important for various software engineering tasks such as test generation, bug finding and automated debugging, but developers rarely write them. Techniques that infer specifications from code exist to fill this gap, but they are designed to support specific kinds of assertions and are difficult to adapt to support different assertion languages, e.g., to add support for quantification, or additional comparison operators, such as membership or containment.To address the above issue, we propose SpecFuzzer, a novel technique that combines grammar-based fuzzing, dynamic invariant detection, and mutation analysis, to automatically produce class specifications. SpecFuzzer uses: (i) a fuzzer as a generator of candidate assertions derived from a grammar that is automatically obtained from the class definition; (ii) a dynamic invariant detector –Daikon– to filter out assertions invalidated by a test suite; and (iii) a mutationbased mechanism to cluster and rank assertions, so that similar constraints are grouped and then the stronger prioritized. Fuzzing, traditionally used to efficiently produce structured random data for testing, has two key advantages in this context: (1) it eliminates the need of developers to manually define candidate assertions and (2) it enables developers to straightforwardly adapt the language of assertions by manipulating the fuzzing grammar, e.g., to include additional operators.We evaluated our technique on a benchmark of 43 Java methods employed in the evaluation of the state-of-the-art techniques GAssert and EvoSpex. In our evaluation, we used the same benchmarks from the evaluation of GAssert and EvoSpex, carefully studied the subjects, and manually produced corresponding “ground truth” assertions capturing the intended behavior of the subjects. We then used this ground truth to accurately assess precision and recall of SpecFuzzer, GAssert, and EvoSpex. Our results show that SpecFuzzer can easily support a more expressive assertion language, over which is more effective than GAssert and EvoSpex in inferring specifications, according to standard performance metrics. More precisely, SpecFuzzer was able to express ∼45% more assertions in the ground truth than these tools. Also, SpecFuzzer was able to detect 75% of all assertions in the ground truth, showing a better overall performance compared to previous techniques. The results we obtained provide initial, yet strong evidence that SpecFuzzer is effective. This work was published at the 44th International Conference on Software Engineering (ICSE 2022) held in Pittsburgh, PA, USA on 22-27 May 2022. |
| publishDate |
2022 |
| dc.date.none.fl_str_mv |
2022-10 |
| dc.type.none.fl_str_mv |
info:eu-repo/semantics/conferenceObject info:eu-repo/semantics/publishedVersion Resumen http://purl.org/coar/resource_type/c_5794 info:ar-repo/semantics/documentoDeConferencia |
| format |
conferenceObject |
| status_str |
publishedVersion |
| dc.identifier.none.fl_str_mv |
http://sedici.unlp.edu.ar/handle/10915/151641 |
| url |
http://sedici.unlp.edu.ar/handle/10915/151641 |
| dc.language.none.fl_str_mv |
spa |
| language |
spa |
| dc.relation.none.fl_str_mv |
info:eu-repo/semantics/altIdentifier/url/https://publicaciones.sadio.org.ar/index.php/JAIIO/article/download/304/253 info:eu-repo/semantics/altIdentifier/issn/2451-7496 |
| dc.rights.none.fl_str_mv |
info:eu-repo/semantics/openAccess http://creativecommons.org/licenses/by-nc-sa/4.0/ Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) |
| eu_rights_str_mv |
openAccess |
| rights_invalid_str_mv |
http://creativecommons.org/licenses/by-nc-sa/4.0/ Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) |
| dc.format.none.fl_str_mv |
application/pdf 72-72 |
| dc.source.none.fl_str_mv |
reponame:SEDICI (UNLP) instname:Universidad Nacional de La Plata instacron:UNLP |
| reponame_str |
SEDICI (UNLP) |
| collection |
SEDICI (UNLP) |
| instname_str |
Universidad Nacional de La Plata |
| instacron_str |
UNLP |
| institution |
UNLP |
| repository.name.fl_str_mv |
SEDICI (UNLP) - Universidad Nacional de La Plata |
| repository.mail.fl_str_mv |
alira@sedici.unlp.edu.ar |
| _version_ |
1846783621451481088 |
| score |
12.982451 |