research-article

Public Access

Synthesizing framework models for symbolic execution

Authors:

Jonathan Fetter-Degges,

Jeffrey S. Foster,

Armando Solar-LezamaAuthors Info & Claims

ICSE '16: Proceedings of the 38th International Conference on Software Engineering

Pages 156 - 167

https://doi.org/10.1145/2884781.2884856

Published: 14 May 2016 Publication History

Abstract

Symbolic execution is a powerful program analysis technique, but it is difficult to apply to programs built using frameworks such as Swing and Android, because the framework code itself is hard to symbolically execute. The standard solution is to manually create a framework model that can be symbolically executed, but developing and maintaining a model is difficult and error-prone. In this paper, we present Pasket, a new system that takes a first step toward automatically generating Java framework models to support symbolic execution. Pasket's focus is on creating models by instantiating design patterns. Pasket takes as input class, method, and type information from the framework API, together with tutorial programs that exercise the framework. From these artifacts and Pasket's internal knowledge of design patterns, Pasket synthesizes a framework model whose behavior on the tutorial programs matches that of the original framework. We evaluated Pasket by synthesizing models for subsets of Swing and Android. Our results show that the models derived by Pasket are sufficient to allow us to use off-the-shelf symbolic execution tools to analyze Java programs that rely on frameworks.

References

[1]

H. Albin-amiot, Y. gaël Guéhéneuc, and R. A. Kastler. Meta-Modeling Design Patterns: Application to Pattern Detection and Code Synthesis. In Workshop Automating OOSD Methods, pages 01--35, 2001.

[2]

T. R. Andersen. Add Logging at Class Load Time, Apr. 22 2008. https://today.java.net/article/2008/04/22/add-logging-class-load-time-java-instrumentation.

[3]

M. Antkiewicz, T. T. Bartolomei, and K. Czarnecki. Automatic extraction of framework-specific models from framework-based application code. In Proceedings of the Twenty-second IEEE/ACM International Conference on Automated Software Engineering, ASE '07, pages 214--223, 2007.

Digital Library

[4]

S. Blackshear, A. Gendreau, and B.-Y. E. Chang. Droidel: A general approach to android framework modeling. In SOAP, pages 19--25. ACM, 2015.

Digital Library

[5]

C. Cadar, D. Dunbar, and D. R. Engler. KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs. In OSDI, pages 209--224, 2008.

Digital Library

[6]

Y. Cao, Y. Fratantonio, A. Bianchi, M. Egele, C. Kruegel, G. Vigna, and Y. Chen. Edgeminer: Automatically detecting implicit control flow transitions through the android framework. In NDSS '15, 2015.

[7]

M. Ceccarello and O. Tkachuk. Automated generation of model classes for java pathfinder. SIGSOFT Softw. Eng. Notes, 39(1):1--5, Feb. 2014.

Digital Library

[8]

S. Chiba. Load-Time Structural Reflection in Java. In ECOOP, pages 313--336, 2000.

Digital Library

[9]

L. Clapp, S. Anand, and A. Aiken. Modelgen: Mining explicit information flow specifications from concrete executions. In ISSTA, pages 129--140. ACM, 2015.

Digital Library

[10]

A. Demaille, R. Levillain, and B. Sigoure. TWEAST: A Simple and Effective Technique to Implement Concrete-syntax AST Rewriting Using Partial Parsing. In SAC, pages 1924--1929, 2009.

Digital Library

[11]

M. Fowler. InversionOfControl, June 2005. http://martinfowler.com/bliki/InversionOfControl.html.

[12]

E. Gamma, R. Helm, R. Johnson, and J. Vlissides. Design Patterns: Elements of Reusable Object-Oriented Software. Addison-Wesley Professional, 1994.

Digital Library

[13]

P. Godefroid and A. Taly. Automated Synthesis of Symbolic Instruction Encodings from I/O Samples. In PLDI, pages 441--452, 2012.

Digital Library

[14]

S. Gulwani, S. Jha, A. Tiwari, and R. Venkatesan. Synthesis of Loop-free Programs. In PLDI, pages 62--73, 2011.

Digital Library

[15]

S. Heule, M. Sridharan, and S. Chandra. Mimic: Computing models for opaque code. In European Software Engineering Conference and Foundations of Software Engineering (ESEC/FSE), pages 710--720. ACM, Sep 2015.

Digital Library

[16]

J. Jeon. Framework Synthesis for Symbolic Execution of Event-Driven Frameworks. PhD thesis, University of Maryland, College Park, Feb 2016.

[17]

J. Jeon, K. K. Micinski, and J. S. Foster. SymDroid: Symbolic Execution for Dalvik Bytecode. Technical Report CS-TR-5022, Department of Computer Science, University of Maryland, College Park, Jul 2012.

[18]

J. Jeon, K. K. Micinski, J. A. Vaughan, A. Fogel, N. Reddy, J. S. Foster, and T. Millstein. Dr. Android and Mr. Hide: Fine-grained Permissions in Android Applications. In ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), pages 3--14, Oct 2012.

Digital Library

[19]

J. Jeon, X. Qiu, A. Solar-Lezama, and J. S. Foster. Adaptive Concretization for Parallel Program Synthesis. In Computer Aided Verification (CAV), volume 9207 of Lecture Notes in Computer Science, pages 377--394, Jul 2015.

[20]

J. Jeon, X. Qiu, A. Solar-Lezama, and J. S. Foster. JSketch: Sketching for Java. In European Software Engineering Conference and Foundations of Software Engineering (ESEC/FSE), Sep 2015.

[21]

S.-U. Jeon, J.-S. Lee, and D.-H. Bae. An automated refactoring approach to design pattern-based program transformations in Java programs. In Asia-Pacific Software Engineering Conference, pages 337--345, 2002.

Digital Library

[22]

S. Jha, S. Gulwani, S. A. Seshia, and A. Tiwari. Oracle-guided component-based program synthesis. In ICSE, pages 215--224, 2010.

Digital Library

[23]

M. Loy, R. Eckstein, D. Wood, J. Elliott, and B. Cole. Java swing, 2nd edition: Code examples, 2003. http://examples.oreilly.com/jswing2/code/.

[24]

P. C. Mehlitz, O. Tkachuk, and M. Ujma. JPF-AWT: Model checking GUI applications. In ASE, pages 584--587, 2011.

Digital Library

[25]

K. Micinski, J. Fetter-Degges, J. Jeon, J. S. Foster, and M. R. Clarkson. Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution. In European Symposium on Research in Computer Security (ESORICS), Vienna, Austria, Sep 2015.

[26]

T. Mikkonen. Formalizing Design Patterns. In ICSE, pages 115--124, 1998.

Digital Library

[27]

Oracle Corporation. Using swing components: Examples, 2015. https://docs.oracle.com/javase/tutorial/uiswing/examples/components/.

[28]

T. Parr and K. Fisher. LL(*): The Foundation of the ANTLR Parser Generator. In PLDI, pages 425--436, 2011.

Digital Library

[29]

A. Pnueli and R. Rosner. On the Synthesis of an Asynchronous Reactive Module. In ICALP, pages 652--671, 1989.

Digital Library

[30]

N. Rungta, P. C. Mehlitz, and W. Visser. JPF Tutorial, ASE 2013, 2013. URL http://babelfish.arc.nasa.gov/trac/jpf/raw-attachment/wiki/presentations/start/ASE13-tutorial.pdf.

[31]

H. Samimi, R. Hicks, A. Fogel, and T. Millstein. Declarative mocking. In Proceedings of the 2013 International Symposium on Software Testing and Analysis, ISSTA 2013, pages 246--256, 2013.

Digital Library

[32]

R. Singh and A. Solar-Lezama. Synthesizing data structure manipulations from storyboards. In FSE, pages 289--299, 2011.

Digital Library

[33]

R. Singh, S. Gulwani, and A. Solar-Lezama. Automated Feedback Generation for Introductory Programming Assignments. In PLDI, pages 15--26, 2013.

Digital Library

[34]

A. Solar-Lezama. Program sketching. International Journal on Software Tools for Technology Transfer, 15 (5-6):475--495, 2013.

Digital Library

[35]

A. Solar-Lezama. The Sketch Programmers Manual, 2015. Version 1.6.7.

[36]

A. Solar-Lezama, R. Rabbah, R. Bodík, and K. Ebcioğlu. Programming by sketching for bit-streaming programs. In PLDI, pages 281--294, 2005.

Digital Library

[37]

A. Solar-Lezama, G. Arnold, L. Tancau, R. Bodik, V. Saraswat, and S. Seshia. Sketching stencils. In PLDI, pages 167--178, 2007.

Digital Library

[38]

A. Solar-Lezama, C. G. Jones, and R. Bodik. Sketching concurrent data structures. In PLDI, pages 136--148, 2008.

Digital Library

[39]

A. Udupa, A. Raghavan, J. V. Deshmukh, S. Mador-Haim, M. M. Martin, and R. Alur. TRANSIT: Specifying Protocols with Concolic Snippets. In PLDI, pages 287--296, 2013.

Digital Library

[40]

H. van der Merwe, O. Tkachuk, B. van der Merwe, and W. Visser. Generation of library models for verification of android applications. SIGSOFT Softw. Eng. Notes, 40(1):1--5, Feb. 2015.

Digital Library

Cited By

Guo ZCao DTjong DYang JSchlesinger CPolikarpova NJhala RDillig I(2022)Type-directed program synthesis for RESTful APIsProceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation10.1145/3519939.3523450(122-136)Online publication date: 9-Jun-2022
https://dl.acm.org/doi/10.1145/3519939.3523450
Huang KQiu X(2022)Bootstrapping Library-Based SynthesisStatic Analysis10.1007/978-3-031-22308-2_13(272-298)Online publication date: 2-Dec-2022
https://doi.org/10.1007/978-3-031-22308-2_13
Ye QLu M(2021)SPOT: Testing Stream Processing Programs with Symbolic Execution and Stream SynthesizingApplied Sciences10.3390/app1117805711:17(8057)Online publication date: 30-Aug-2021
https://doi.org/10.3390/app11178057
Show More Cited By

Recommendations

Android testing via synthetic symbolic execution
ASE '18: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering

Symbolic execution of Android applications is challenging as it involves either building a customized VM for Android or modeling the Android libraries. Since the Android Runtime evolves from one version to another, building a high-fidelity symbolic ...
Shadow Symbolic Execution with Java PathFinder

Regression testing ensures that a software system when it evolves still performs correctly and that the changes introduce no unintended side-effects. However, the creation of regression test cases that show divergent behavior needs a lot of effort. A ...
A generic framework for symbolic execution

We propose a language-independent symbolic execution framework. The approach is parameterised by a language definition, which consists of a signature for the syntax and execution infrastructure of the language, a model interpreting the signature, and ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ICSE '16: Proceedings of the 38th International Conference on Software Engineering

May 2016

1235 pages

ISBN:9781450339001

DOI:10.1145/2884781

General Chair:
Laura Dillon
Michigan State University
,
Program Chairs:
Willem Visser
Stellenbosch University, South Africa
,
Laurie Williams
North Carolina State University

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

ACM: Association for Computing Machinery
SIGSOFT: ACM Special Interest Group on Software Engineering
IEEE-CS\TCSE: TC on Software Engineering
IEEE-CS\DATC: IEEE Computer Society

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 May 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

the Laboratory for Telecommunication Sciences
National Science Foundation

Conference

ICSE '16

Sponsor:

ACM
SIGSOFT
IEEE-CS\TCSE
IEEE-CS\DATC

ICSE '16: 38th International Conference on Software Engineering

May 14 - 22, 2016

Texas, Austin

Acceptance Rates

Overall Acceptance Rate 276 of 1,856 submissions, 15%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

24
Total Citations
View Citations
1,145
Total Downloads

Downloads (Last 12 months)113
Downloads (Last 6 weeks)17

Reflects downloads up to 11 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Guo ZCao DTjong DYang JSchlesinger CPolikarpova NJhala RDillig I(2022)Type-directed program synthesis for RESTful APIsProceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation10.1145/3519939.3523450(122-136)Online publication date: 9-Jun-2022
https://dl.acm.org/doi/10.1145/3519939.3523450
Huang KQiu X(2022)Bootstrapping Library-Based SynthesisStatic Analysis10.1007/978-3-031-22308-2_13(272-298)Online publication date: 2-Dec-2022
https://doi.org/10.1007/978-3-031-22308-2_13
Ye QLu M(2021)SPOT: Testing Stream Processing Programs with Symbolic Execution and Stream SynthesizingApplied Sciences10.3390/app1117805711:17(8057)Online publication date: 30-Aug-2021
https://doi.org/10.3390/app11178057
Shen JRinard M(2021)Active Learning for Inference and Regeneration of Applications that Access DatabasesACM Transactions on Programming Languages and Systems10.1145/343095242:4(1-119)Online publication date: 22-Jan-2021
https://dl.acm.org/doi/10.1145/3430952
Coker ZSunshine JLe Goues C(2021)FrameFix: Automatically Repairing Statically-Detected Directive Violations in Framework Applications2021 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)10.1109/SANER50967.2021.00027(201-212)Online publication date: Mar-2021
https://doi.org/10.1109/SANER50967.2021.00027
Bragg NFoster JRoux CSolar-Lezama A(2021)Program Sketching by Automatically Generating Mocks from TestsComputer Aided Verification10.1007/978-3-030-81685-8_38(808-831)Online publication date: 15-Jul-2021
https://doi.org/10.1007/978-3-030-81685-8_38
Luo LZeng QCao CChen KLiu JLiu LGao NYang MXing XLiu P(2020)Tainting-Assisted and Context-Migrated Symbolic Execution of Android Framework for Vulnerability Discovery and Exploit GenerationIEEE Transactions on Mobile Computing10.1109/TMC.2019.293656119:12(2946-2964)Online publication date: 1-Dec-2020
https://doi.org/10.1109/TMC.2019.2936561
Bagchi SAggarwal VChaterji SDouglis FGamal AHan JHenz BHoffmann HJana SKulkarni MLin FMarais KMittal PMou SQiu XScutari G(2020)Vision Paper: Grand Challenges in Resilience: Autonomous System Resilience through Design and Runtime MeasuresIEEE Open Journal of the Computer Society10.1109/OJCS.2020.30068071(155-172)Online publication date: 2020
https://doi.org/10.1109/OJCS.2020.3006807
Mariano BReese JXu SNguyen TQiu XFoster JSolar-Lezama A(2019)Program synthesis with algebraic library specificationsProceedings of the ACM on Programming Languages10.1145/33605583:OOPSLA(1-25)Online publication date: 10-Oct-2019
https://dl.acm.org/doi/10.1145/3360558
Hu MWei TZhang MMallet FChen M(2019)Sample-Guided Automated Synthesis for CCSL SpecificationsProceedings of the 56th Annual Design Automation Conference 201910.1145/3316781.3317904(1-6)Online publication date: 2-Jun-2019
https://dl.acm.org/doi/10.1145/3316781.3317904
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents