generate-specs-issta2002 - Automatic Generation of Program Specifications

Automatic Generation of Program Specifications

Jeremy W. Nimmer and Michael D. Ernst
MIT Lab for Computer Science
200 Technology Square
Cambridge, MA 02139 USA
{jwnimmer,mernst}

Abstract

Producing specifications by dynamic (runtime) analysis of program executions is potentially unsound, because the analyzed executions may not fully characterize all possible executions of the program. In practice, how accurate are the results of a dynamic analysis? This paper describes the results of an investigation into this question, determining how much specifications generalized from program runs must be changed in order to be verified by a static checker. Surprisingly, small test suites captured nearly all program behavior required by a specific type of static checking; the static checker guaranteed that the implementations satisfy the generated specifications, and ensured the absence of runtime exceptions. Measured against this verification task, the generated specifications scored over 90% on precision, a measure of soundness, and on recall, a measure of completeness.

This is a positive result for testing, because it suggests that dynamic analyses can capture all semantic information of interest for certain applications. The experimental results demonstrate that a specific technique, dynamic invariant detection, is effective at generating consistent, sufficient specifications for use by a static checker. Finally, the research shows that combining static and dynamic analyses over program specifications has benefits for users of each technique, guaranteeing soundness of the dynamic analysis and lessening the annotation burden for users of the static analysis.

1. Introduction

This paper investigates combining dynamic and static analyses for the task of recovering formal program specifications. The paper evaluates the accuracy of a dynamic analysis by measuring the static verifiability of its result. The accuracy of a dynamic analysis is of interest because its accuracy affects its utility. Recovering specifications is a valuable goal because specifications are useful in testing, debugging, verification, maintenance, and optimization, among other tasks, but are frequently absent from programs, depriving software engineers of their benefits.

Dynamic (runtime) analysis obtains information from program executions; examples include profiling and testing. Rather than modeling the state of the program, dynamic analysis uses actual values computed during program executions. Dynamic analysis can be efficient and precise, but the results may not generalize to future program executions. This potential unsoundness makes dynamic analysis inappropriate for certain uses, and it may make users reluctant to depend on the results even in other contexts because of uncertainty as to their reliability....
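The abstract and introduction above describe dynamic invariant detection and the soundness problem with it: invariants inferred from a test suite may be artifacts of that suite, and the paper measures this by checking which inferred invariants a static checker can verify and reporting precision and recall. The following is an added example, not code from the paper or from the Daikon tool it evaluates, that shows the mechanism on a tiny scale. It assumes a constructed program under observation (clamp_index, which keeps a buffer index inside [0, BUF_LEN - 1]), a hand-picked set of invariant templates, and two constructed test suites. Because no static checker is available offline, the "verified" set is computed by exhaustive evaluation over a finite input domain; that stands in for the ESC/Java verification the paper used and is an assumption of this example.

```python
"""Toy dynamic invariant detection plus precision/recall scoring.

Constructed example for this page; not the paper's code and not Daikon.
Assumptions: the program under observation (clamp_index), the invariant
templates, the test suites, and the use of exhaustive evaluation over a
finite domain in place of a static checker to decide which invariants are
actually true.
"""
from typing import Callable, Dict, Iterable, List, Tuple

BUF_LEN = 8  # constructed: size of a fixed buffer the index must stay inside


def clamp_index(i: int) -> int:
    """Program under observation: clamp an index into [0, BUF_LEN - 1]."""
    if i < 0:
        return 0
    if i >= BUF_LEN:
        return BUF_LEN - 1
    return i


# An observed exit state records the entry value of `i` and the return value.
State = Dict[str, int]

# Candidate invariants, in the style of a detector's template grammar:
# comparisons of a variable against program constants, and relations between
# two variables. A template survives only if no observed state falsifies it.
TEMPLATES: List[Tuple[str, Callable[[State], bool]]] = [
    ("i >= 0",             lambda s: s["i"] >= 0),
    ("i <= BUF_LEN - 1",   lambda s: s["i"] <= BUF_LEN - 1),
    ("ret >= 0",           lambda s: s["ret"] >= 0),
    ("ret <= BUF_LEN - 1", lambda s: s["ret"] <= BUF_LEN - 1),
    ("ret == i",           lambda s: s["ret"] == s["i"]),
    ("ret <= i",           lambda s: s["ret"] <= s["i"]),
    ("ret >= i",           lambda s: s["ret"] >= s["i"]),
]

# Weaker facts implied by a stronger surviving fact are suppressed so the
# output is not padded with redundant invariants.
IMPLIED_BY = {"ret == i": {"ret <= i", "ret >= i"}}


def observe(inputs: Iterable[int]) -> List[State]:
    """Run the program on each test input and record the (entry, exit) values."""
    return [{"i": i, "ret": clamp_index(i)} for i in inputs]


def detect_invariants(states: List[State]) -> List[str]:
    """Keep every template that holds on all observed states, minus implied ones."""
    held = [name for name, pred in TEMPLATES if all(pred(s) for s in states)]
    suppressed = set()
    for name in held:
        suppressed |= IMPLIED_BY.get(name, set())
    return [name for name in held if name not in suppressed]


def score(inferred: Iterable[str], verified: Iterable[str]) -> Tuple[float, float]:
    """Precision: fraction of inferred invariants that verify (soundness).
    Recall: fraction of verifiable invariants that were inferred (completeness)."""
    inferred, verified = set(inferred), set(verified)
    correct = inferred & verified
    precision = len(correct) / len(inferred) if inferred else 1.0
    recall = len(correct) / len(verified) if verified else 1.0
    return precision, recall


def evaluate(test_inputs: Iterable[int], domain: Iterable[int] = range(-16, 24)):
    """Infer invariants from a test suite and score them against the ground
    truth obtained by exhaustive evaluation over `domain` (stand-in for a
    static checker)."""
    inferred = detect_invariants(observe(test_inputs))
    verified = detect_invariants(observe(domain))
    precision, recall = score(inferred, verified)
    return {"inferred": inferred, "verified": verified,
            "precision": precision, "recall": recall}


if __name__ == "__main__":
    # Constructed suites: the first never exercises the clamping branches.
    for name, suite in (("in-range only", [0, 3, 7]),
                        ("with boundaries", [-5, 0, 3, 7, 20])):
        r = evaluate(suite)
        print(f"{name}: inferred={r['inferred']} "
              f"precision={r['precision']:.2f} recall={r['recall']:.2f}")
```

The in-range suite never triggers either clamping branch, so the detector reports `ret == i`, `i >= 0` and `i <= BUF_LEN - 1` alongside the two bounds on `ret`; only the latter two verify, giving precision 0.4 with recall 1.0. Adding one out-of-range input on each side falsifies the overfitted invariants and leaves exactly the verifiable postcondition `0 <= ret <= BUF_LEN - 1`, which is the property a bounds-safety checker would need. This is the paper's point in miniature: the dynamic result is only as general as the executions it saw, and checking it against a verifier is what exposes (and, with a modest suite, eliminates) the unsound invariants.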
This note was uploaded on 02/24/2012 for the course CSE 503 taught by Professor David Notkin during the Spring '11 term at University of Washington.
