Skip to main content
SpringerLink
Log in
Book cover

International Static Analysis Symposium

SAS 2008: Static Analysis pp 78–92Cite as

Protocol Inference Using Static Path Profiles

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 5079))

Abstract

Specification inference tools typically mine commonalities among states at relevant program points. For example, to infer the invariants that must hold at all calls to a procedure p requires examining the state abstractions found at all call-sites to p. Unfortunately, existing approaches to building these abstractions require being able to explore all paths (either static or dynamic) to all of p’s call-sites to derive specifications with any measure of confidence. Because programs that have complex control-flow structure may induce a large number of paths, naive path exploration is impractical.

In this paper, we propose a new specification inference technique that allows us to efficiently explore statically all paths to a program point. Our approach builds static path profiles, profile information constructed by a static analysis that accumulates predicates valid along different paths to a program point. To make our technique tractable, we employ a summarization scheme to merge predicates at join points based on the frequency with which they occur on different paths. For example, predicates present on a majority of static paths to all call-sites of any procedure p forms the pre-condition of p.

We have implemented a tool, marga, based on static path profiling. Qualitative analysis of the specifications inferred by marga indicates that it is more accurate than existing static mining techniques, can be used to derive useful specification even for APIs that occur infrequently (statically) in the program, and is robust against imprecision that may arise from examination of infeasible or infrequently occurring dynamic paths. A comparison of the specifications generated using marga with a dynamic specification inference engine based on cute, an automatic unit test generation tool, indicates that marga generates comparably precise specifications with smaller cost.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ammons, G., Bodik, R., Larus, J.: Mining specifications. In: Proceedings of POPL 2002, pp. 4–16 (2002)

    Google Scholar 

  2. Ammons, G., Mandelin, D., Bodik, R., Larus, J.: Debugging temporal specifications with concept analysis. In: Proceedings of PLDI 2003, pp. 182–195 (2003)

    Google Scholar 

  3. Anderson, P., Reps, T., Teitelbaum, T.: Design and implementation of a fine-grained software inspection tool. IEEE Trans. on Software Engineering 29(8), 721–733 (2003)

    Article  Google Scholar 

  4. Ball, T., Larus, J.: Efficient path profiling. In: MICRO-29 (December 1996)

    Google Scholar 

  5. Ball, T., Rajamani, S.K.: Automatically validating temporal safety properties of interfaces. In: Dwyer, M.B. (ed.) SPIN 2001. LNCS, vol. 2057, pp. 103–122. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  6. Burdick, D., Calimlim, M., Flannick, J., Gehrke, J., Yiu, T.: Mafia: A performance study of mining maximal frequent itemsets. In: FIMI 2003 (2003)

    Google Scholar 

  7. Chin, B., Markstrum, S., Millstein, T.: Semantic type qualifiers. In: Proceedings of PLDI 2005, pp. 85–95 (2005)

    Google Scholar 

  8. Ernst, M., Cockrell, J., Griswold, W., Notkin, D.: Dynamically discovering likely program invariants to support program evolution. IEEE TSE 27(2), 1–25 (2001)

    Google Scholar 

  9. Foster, J., Terauchi, T., Aiken, A.: Flow-sensitive type qualifiers. In: Proceedings of PLDI 2002 (2002)

    Google Scholar 

  10. Furr, M., Foster, J.: Checking type safety of foreign function calls. In: Proceedings of PLDI 2005 (2005)

    Google Scholar 

  11. Godefroid, P.: Compositional dynamic test generation. In: POPL 2007, pp. 47–54 (2007)

    Google Scholar 

  12. Godefroid, P., Klarslund, N., Sen, K.: Dart: Directed automated random testing. In: Proceedings of PLDI 2005, Chicago, Il, pp. 213–223 (2005)

    Google Scholar 

  13. Henzinger, T., Jhala, R., Majumdar, R.: Permissive interfaces. SIGSOFT Softw. Eng. Notes 30(5), 31–40 (2005)

    Article  Google Scholar 

  14. Holzmann, G.J.: The SPIN Model Checker: Primer and Reference Manual. Addison-Wesley, Reading (2004)

    Google Scholar 

  15. Kapadia, A.S., Chan, W., Moye, L.A.: Mathematical Statistics With Applications. CRC, Boca Raton (2005)

    MATH  Google Scholar 

  16. Kremenek, T., Twohey, P., Back, G., Ng, A., Engler, D.: From uncertainty to belief: Inferring the specification within. In: Proceedings of OSDI 2006 (2006)

    Google Scholar 

  17. Lam, P., Kuncak, V., Rinard, M.: Generalized typestate checking for data structure consistency. In: Cousot, R. (ed.) VMCAI 2005. LNCS, vol. 3385, Springer, Heidelberg (2005)

    Google Scholar 

  18. Li, Z., Zhou, Y.: Pr-miner: Automatically extracting implicit programming rules and detecting violations in large software code. In: Proceedings of ESEC-FSE 2005 (September 2005)

    Google Scholar 

  19. Mandelin, D., Xu, L., Bodik, R., Kimelman, D.: Jungloid mining: Helping to navigate the api jungle. In: Proceedings of PLDI 2005, pp. 48–61 (2005)

    Google Scholar 

  20. Ramanathan, M.K., Grama, A., Jagannathan, S.: Path-sensitive inference of function precedence protocols. In: Proceedings of ICSE 2007 (May 2007)

    Google Scholar 

  21. Ramanathan, M.K., Grama, A., Jagannathan, S.: Static specification inference using predicate mining. In: Proceedings of PLDI 2007, pp. 123–134 (2007)

    Google Scholar 

  22. Sen, K., Marinov, D., Agha, G.: Cute: A concolic unit testing engine for c. In: Proceedings of ESEC-FSE, pp. 263–272 (2005)

    Google Scholar 

  23. Shoham, S., Yahav, E., Fink, S., Pistoia, M.: Static specification mining using automata-based abstractions. In: ISSTA 2007: International Symposium on Software Testing and Analysis, pp. 174–184 (July 2007)

    Google Scholar 

  24. Vaswani, K., Nori, A.V., Chilimbi, T.M.: Preferential path profiling: compactly numbering interesting paths. In: Proceedings of POPL 2007, Nice, France (January 2007)

    Google Scholar 

  25. Weimer, W., Necula, G.: Mining temporal specifications for error detection. In: Halbwachs, N., Zuck, L.D. (eds.) TACAS 2005. LNCS, vol. 3440, pp. 461–476. Springer, Heidelberg (2005)

    Google Scholar 

  26. Xie, Y., Aiken, A.: Scalable error detection using boolean satisfiability. In: Proceedings of POPL 2005 (2005)

    Google Scholar 

  27. Yang, J., Evans, D., Bhardwaj, D., Bhat, T., Das, M.: Perracotta: Mining temporal api rules from imperfect traces. In: Proceedings of ICSE 2006 (May 2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Purdue University,  

    Murali Krishna Ramanathan, Ananth Grama & Suresh Jagannathan

  2. Electrical Engineering and Computer Science, University of California, Berkeley,  

    Koushik Sen

Authors
  1. Murali Krishna Ramanathan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Koushik Sen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ananth Grama
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Suresh Jagannathan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

María Alpuente Germán Vidal

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ramanathan, M.K., Sen, K., Grama, A., Jagannathan, S. (2008). Protocol Inference Using Static Path Profiles. In: Alpuente, M., Vidal, G. (eds) Static Analysis. SAS 2008. Lecture Notes in Computer Science, vol 5079. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69166-2_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-69166-2_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-69163-1

  • Online ISBN: 978-3-540-69166-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation