Nomen est Omen: Exploring and Exploiting Name Similarities between Arguments and Parameters

Size: px
Start display at page:

Download "Nomen est Omen: Exploring and Exploiting Name Similarities between Arguments and Parameters"

Transcription

1 Nomen est Omen: Exploring and Exploiting Name Similarities between Arguments and Parameters Hui Liu 1 Qiurong Liu 1 Cristian-Alexandru Staicu 2 Michael Pradel 2 Yue Luo 1 1 Beijing Institute of Technology 2 Technical University of Darmstadt May 23, 2016

2 Motivation How we see the source code: void writeversionfile(file file, float version) { DataOutputStream dos = new DataOutputStream(file); dos.writefloat(version); dos.close(); } 1/15

3 Motivation How we see the source code: void writeversionfile(file file, float version) { DataOutputStream dos = new DataOutputStream(file); dos.writefloat(version); dos.close(); } How most analyses see the source code: void a(a b, B c) { C d = new C(b); d.e(c); d.f(); } 1/15

4 Motivation Main Idea Use similarities between arguments and parameters names in program analysis. 2/15

5 Motivation Main Idea Use similarities between arguments and parameters names in program analysis. Parameters (method definition) void writeversionfile(file file, float version) {...} Arguments (call site) writeversionfile(file, version); writeversionfile(myfile, currentversion); writeversionfile(target, v); 2/15

6 This talk Empirical evidence that: names of arguments and parameters are similar dissimilar names can be filtered out Two applications: anomaly detection arguments recommendation 3/15

7 This talk Empirical evidence that: names of arguments and parameters are similar dissimilar names can be filtered out Two applications: anomaly detection arguments recommendation [Allamanis et al., FSE2014], [Allamanis et al., FSE2015], [Butler et al. CSMR2010], [Pradel and Gross, ISSTA2011] 3/15

8 Empirical Study Are argument and parameter names similar? Yes, in 31% of the cases even identical. 4/15

9 Empirical Study Are argument and parameter names similar? Yes, in 31% of the cases even identical. Why are some dissimilar? Mostly because of short and generic names. 4/15

10 Empirical Study Are argument and parameter names similar? Yes, in 31% of the cases even identical. Why are some dissimilar? Mostly because of short and generic names. Can we eliminate dissimilar names? Yes, a significant part of them. 4/15

11 Empirical Study Are argument and parameter names similar? Yes, in 31% of the cases even identical. Why are some dissimilar? Mostly because of short and generic names. Can we eliminate dissimilar names? Yes, a significant part of them. Do developers pick the most similar arguments? Yes, in most of the cases. 4/15

12 Methodology and Setup 60 popular Java programs >600,000 arguments Retrieve parameters using JDT s static solving lexsim(arg, par) = included terms(arg,par) + included terms(par,arg) terms(arg) + terms(par) 5/15

13 Methodology and Setup 60 popular Java programs >600,000 arguments Retrieve parameters using JDT s static solving lexsim(arg, par) = included terms(arg,par) + included terms(par,arg) terms(arg) + terms(par) lexsim( length, inputlength ) = = /15

14 Are Argument and Parameter Names Similar? 60% 50% 40% 30% 20% 10% 0% [0.0, 0.1) [0.1, 0.2) [0.2, 0.3) [0.3, 0.4) [0.4, 0.5) [0.5, 0.6) [0.6, 0.7) [0.7, 0.8) [0.8, 0.9) [0.9, 1.0) 1 Similarity 6/15

15 Why are Some Names Dissimilar? Short identifiers: 40.5% of the dissimilar pairs have a parameter of length < = 3 7/15

16 Why are Some Names Dissimilar? Short identifiers: 40.5% of the dissimilar pairs have a parameter of length < = 3 Generic identifiers: index, item, key, value account for 14% of dissimilarities 7/15

17 Can We Eliminate Dissimilar Names? Example of code containing generic identifier names 1 : public int maxvalue(int array[]){ List<Integer> list = new ArrayList<Integer>(); for (int i = 0; i < array.length; i++) { list.add(array[i]); } return Collections.max(list); } 1 stackoverflow, question /15

18 Can We Eliminate Dissimilar Names? Example of code containing generic identifier names 1 : public int maxvalue(int array[]){ List<Integer> list = new ArrayList<Integer>(); for (int i = 0; i < array.length; i++) { list.add(array[i]); } return Collections.max(list); } Idea Use a corpus of programs to infer parameters names that are likely to appear in dissimilar pairs. 1 stackoverflow, question /15

19 Pruning Low-Similarity Parameters 60% 50% 40% 30% 20% 10% 0% [0.0, 0.1) [0.1, 0.2) [0.2, 0.3) [0.3, 0.4) [0.4, 0.5) [0.5, 0.6) [0.6, 0.7) [0.7, 0.8) [0.8, 0.9) [0.9, 1.0) 1 Similarity Before Filtering After Filtering ; 9/15

20 Do Developers Pick the Most Similar Arguments? Compare argument with potential alternatives. 10/15

21 Do Developers Pick the Most Similar Arguments? Compare argument with potential alternatives. Findings 50% of the arguments have no alternatives 13.5% are strictly more similar than any other alternative if filtering out is applied, this number increases two times 6.9% have a more similar alternative 10/15

22 Application 1: Anomaly Detection Idea An anomaly is a low-similarity pair that has a potential alternative that would significantly increase the similarity. 11/15

23 Application 1: Anomaly Detection Idea An anomaly is a low-similarity pair that has a potential alternative that would significantly increase the similarity. Issue in Lightweight Java Game Library: void writeversionfile(file file, float version) {... } File versionfile;... writeversionfile(dir, latestversion); 11/15

24 Application 1: Anomaly Detection Idea An anomaly is a low-similarity pair that has a potential alternative that would significantly increase the similarity. Issue in Lightweight Java Game Library: void writeversionfile(file file, float version) {... } File versionfile;... writeversionfile(dir, latestversion); 11/15

25 Anomaly Detection: Results Ground truth: 14 bugs in the history of the subject programs Approach detected: 6 / 14 and three additional ones 127 renaming opportunities Average precision: 80% 12/15

26 Application 2: Arguments Recommendation 13/15

27 Application 2: Arguments Recommendation Idea Suggest the most similar potential alternative. 13/15

28 Arguments Recommendation: Results Analyzed arguments in four applications. Recommended 1,588 arguments with a precision of 83%. Missing recommendations: complex expressions literals typecasts 14/15

29 Conclusions Empirical evidence that: names of arguments and parameters are similar short and generic parameters cause dissimilarity dissimilar names can be filtered out developers tend to pick the most similar arguments Two applications: anomaly detection arguments recommendation 15/15

30 Conclusions Empirical evidence that: names of arguments and parameters are similar short and generic parameters cause dissimilarity dissimilar names can be filtered out developers tend to pick the most similar arguments Two applications: anomaly detection arguments recommendation Promising opportunities for more name-based techniques 15/15

31 Conclusions Empirical evidence that: names of arguments and parameters are similar short and generic parameters cause dissimilarity dissimilar names can be filtered out developers tend to pick the most similar arguments Two applications: anomaly detection arguments recommendation Promising opportunities for more name-based techniques 15/15

Automatic Testing of Sequential and Concurrent Substitutability

Automatic Testing of Sequential and Concurrent Substitutability Automatic Testing of Sequential and Concurrent Substitutability Michael Pradel and Thomas R. Gross Department of Computer Science ETH Zurich 1 Motivation void bar(foo f) { f.m();... } bar() expects functionality

More information

Understanding and Automatically Preventing Injection Attacks on Node.js

Understanding and Automatically Preventing Injection Attacks on Node.js Understanding and Automatically Preventing Injection Attacks on Node.js Michael Pradel TU Darmstadt Joint work with Cristian Staicu (TU Darmstadt) and Ben Livshits (Microsoft Research, Redmond) 1 Why JavaScript?

More information

CS 112 Introduction to Computing II. Wayne Snyder Computer Science Department Boston University

CS 112 Introduction to Computing II. Wayne Snyder Computer Science Department Boston University 9/5/6 CS Introduction to Computing II Wayne Snyder Department Boston University Today: Arrays (D and D) Methods Program structure Fields vs local variables Next time: Program structure continued: Classes

More information

Static Detection of Brittle Parameter Typing

Static Detection of Brittle Parameter Typing Static Detection of Brittle Parameter Typing Michael Pradel, Severin Heiniger, and Thomas R. Gross Department of Computer Science ETH Zurich 1 Motivation void m(a a) {... } Object A.. B C D E F 2 Motivation

More information

Synode: Understanding and Automatically Preventing Injection Attacks on Node.js

Synode: Understanding and Automatically Preventing Injection Attacks on Node.js Synode: Understanding and Automatically Preventing Injection Attacks on Node.js Cristian-Alexandru Staicu 1 Michael Pradel 1 Ben Livshits 2 1 TU Darmstadt 2 Imperial College London, Brave Software February

More information

Saying Hi! Is Not Enough: Mining Inputs for Effective Test Generation

Saying Hi! Is Not Enough: Mining Inputs for Effective Test Generation Saying Hi! Is Not Enough: Mining Inputs for Effective Test Generation Luca Della Toffola Department of Computer Science ETH Zurich, Switzerland Cristian-Alexandru Staicu Department of Computer Science

More information

Automatic Generation of Program Specifications

Automatic Generation of Program Specifications Automatic Generation of Program Specifications Jeremy Nimmer MIT Lab for Computer Science http://pag.lcs.mit.edu/ Joint work with Michael Ernst Jeremy Nimmer, page 1 Synopsis Specifications are useful

More information

Fully Automatic and Precise Detection of Thread Safety Violations

Fully Automatic and Precise Detection of Thread Safety Violations Fully Automatic and Precise Detection of Thread Safety Violations Michael Pradel and Thomas R. Gross Department of Computer Science ETH Zurich 1 Motivation Thread-safe classes: Building blocks for concurrent

More information

DLint: Dynamically Checking Bad Coding Practices in JavaScript

DLint: Dynamically Checking Bad Coding Practices in JavaScript DLint: Dynamically Checking Bad Coding Practices in JavaScript Liang Gong 1, Michael Pradel 2, Manu Sridharan 3 and Koushik Sen 1 1 UC Berkeley 2 TU Darmstadt 3 Samsung Research America Why JavaScript?

More information

Analyzing Software using Deep Learning

Analyzing Software using Deep Learning Analyzing Software using Deep Learning Lecture 3: Sequence-to-Sequence Networks and their Applications Prof. Dr. Michael Pradel Software Lab, TU Darmstadt 1 Plan for Today (Part 2) Sequence-to-sequence

More information

Combined Static and Dynamic Automated Test Generation

Combined Static and Dynamic Automated Test Generation Combined Static and Dynamic Automated Test Generation Sai Zhang University of Washington Joint work with: David Saff, Yingyi Bu, Michael D. Ernst 1 Unit Testing for Object-oriented Programs Unit test =

More information

TypeDevil: Dynamic Type Inconsistency Analysis for JavaScript

TypeDevil: Dynamic Type Inconsistency Analysis for JavaScript TypeDevil: Dynamic Type Inconsistency Analysis for JavaScript Michael Pradel 1, Parker Schuh 2, Koushik Sen 2 1 TU Darmstadt, 2 UC Berkeley 1 Motivation JavaScript: Dynamic and permissive Problems remain

More information

Lightweight Verification of Array Indexing

Lightweight Verification of Array Indexing Lightweight Verification of Array Indexing Martin Kellogg*, Vlastimil Dort**, Suzanne Millstein*, Michael D. Ernst* * University of Washington, Seattle ** Charles University, Prague The problem: unsafe

More information

Performance Issues and Optimizations in JavaScript: An Empirical Study

Performance Issues and Optimizations in JavaScript: An Empirical Study Performance Issues and Optimizations in JavaScript: An Empirical Study Marija Selakovic Department of Computer Science TU Darmstadt, Germany m.selakovic89@gmail.com Michael Pradel Department of Computer

More information

MINING SOURCE CODE REPOSITORIES AT MASSIVE SCALE USING LANGUAGE MODELING COMP 5900 X ERIC TORUNSKI DEC 1, 2016

MINING SOURCE CODE REPOSITORIES AT MASSIVE SCALE USING LANGUAGE MODELING COMP 5900 X ERIC TORUNSKI DEC 1, 2016 MINING SOURCE CODE REPOSITORIES AT MASSIVE SCALE USING LANGUAGE MODELING COMP 5900 X ERIC TORUNSKI DEC 1, 2016 OVERVIEW Miltiadis Allamanis, Mining Source Code Repositories at Massive Scale using Language

More information

JITProf: Pinpointing JIT-Unfriendly JavaScript Code

JITProf: Pinpointing JIT-Unfriendly JavaScript Code JITProf: Pinpointing JIT-Unfriendly JavaScript Code Liang Gong 1, Michael Pradel 2, Koushik Sen 1 1 UC Berkeley, 2 TU Darmstadt 1 Motivation JavaScript: One of the most popular languages Performance: Crucial

More information

5) Attacker causes damage Different to gaining control. For example, the attacker might quit after gaining control.

5) Attacker causes damage Different to gaining control. For example, the attacker might quit after gaining control. Feb 23, 2009 CSE, 409/509 Mitigation of Bugs, Life of an exploit 1) Bug inserted into code 2) Bug passes testing 3) Attacker triggers bug 4) The Attacker gains control of the program 5) Attacker causes

More information

DLint: Dynamically Checking Bad Coding Practices in JavaScript

DLint: Dynamically Checking Bad Coding Practices in JavaScript DLint: Dynamically Checking Bad Coding Practices in JavaScript Liang Gong 1, Michael Pradel 2, Manu Sridharan 3 and Koushik Sen 1 1 UC Berkeley 2 TU Darmstadt 3 Samsung Research America Why JavaScript?

More information

Operators in java Operator operands.

Operators in java Operator operands. Operators in java Operator in java is a symbol that is used to perform operations and the objects of operation are referred as operands. There are many types of operators in java such as unary operator,

More information

Estimating Mobile Application Energy Consumption Using Program Analysis

Estimating Mobile Application Energy Consumption Using Program Analysis Estimating Mobile Application Energy Consumption Using Program Analysis Shuai Hao, Ding Li, William G.J. Halfond, and Ramesh Govindan University of Southern California Motivation Smartphones are popular

More information

Empirical Study on Impact of Developer Collaboration on Source Code

Empirical Study on Impact of Developer Collaboration on Source Code Empirical Study on Impact of Developer Collaboration on Source Code Akshay Chopra, Sahil Puri and Parul Verma 03 April 2018 Outline Introduction Research Questions Methodology Data Characteristics Analysis

More information

Variable Feature Usage Patterns in PHP

Variable Feature Usage Patterns in PHP Variable Feature Usage Patterns in PHP Mark Hills 30th IEEE/ACM International Conference on Automated Software Engineering November 9-13, 2015 Lincoln, Nebraska, USA http://www.rascal-mpl.org 1 Background

More information

Lessons learnt from the Beijing Olympic Games Website Measurement

Lessons learnt from the Beijing Olympic Games Website Measurement Lessons learnt from the Beijing Olympic Games Website Measurement Rocky K. C. Chang The Internet Infrastructure and Security Group The Hong Kong Polytechnic University September 30, 2008 1 Motivations

More information

Large-Scale API Protocol Mining for Automated Bug Detection

Large-Scale API Protocol Mining for Automated Bug Detection Large-Scale API Protocol Mining for Automated Bug Detection Michael Pradel Department of Computer Science ETH Zurich 1 Motivation LinkedList pinconnections =...; Iterator i = pinconnections.iterator();

More information

3.Constructors and Destructors. Develop cpp program to implement constructor and destructor.

3.Constructors and Destructors. Develop cpp program to implement constructor and destructor. 3.Constructors and Destructors Develop cpp program to implement constructor and destructor. Constructors A constructor is a special member function whose task is to initialize the objects of its class.

More information

CSCI Test 1.Spring 2004 Student Id: Grading: Undergrads, you are responsible for 110 points. Grads: you are responsible for 120 points

CSCI Test 1.Spring 2004 Student Id: Grading: Undergrads, you are responsible for 110 points. Grads: you are responsible for 120 points 1a.Define Programming Language. (3 b. From the point of view of development of software packages, list the kinds of activities that a programming language ought to support. (4 b. List the 3 factors in

More information

ANSWERS. Birkbeck (University of London) Software and Programming 1 In-class Test Feb Student Name Student Number. Answer all questions

ANSWERS. Birkbeck (University of London) Software and Programming 1 In-class Test Feb Student Name Student Number. Answer all questions Birkbeck (University of London) Software and Programming 1 In-class Test 1.1 9 Feb 2017 Student Name Student Number Answer all questions 1. Consider the following sequence of Java statements: int m = 3;

More information

Static Analysis in Practice

Static Analysis in Practice in Practice 15-313: Foundations of Software Engineering Jonathan Aldrich 1 Outline: in Practice Case study: Analysis at ebay Case study: Analysis at Microsoft Analysis Results and Process Example: Standard

More information

CMSC 132: Object-Oriented Programming II

CMSC 132: Object-Oriented Programming II CMSC 132: Object-Oriented Programming II Object-Oriented Programming Intro Department of Computer Science University of Maryland, College Park Object-Oriented Programming (OOP) Approach to improving software

More information

Program Testing and Analysis: Manual Testing Prof. Dr. Michael Pradel Software Lab, TU Darmstadt

Program Testing and Analysis: Manual Testing Prof. Dr. Michael Pradel Software Lab, TU Darmstadt Program Testing and Analysis: Manual Testing Prof. Dr. Michael Pradel Software Lab, TU Darmstadt Partly based on slides from Peter Müller, ETH Zurich 1 Warm-up Quiz What does the following code print?

More information

Type Inference Systems. Type Judgments. Deriving a Type Judgment. Deriving a Judgment. Hypothetical Type Judgments CS412/CS413

Type Inference Systems. Type Judgments. Deriving a Type Judgment. Deriving a Judgment. Hypothetical Type Judgments CS412/CS413 Type Inference Systems CS412/CS413 Introduction to Compilers Tim Teitelbaum Type inference systems define types for all legal programs in a language Type inference systems are to type-checking: As regular

More information

Static Analysis in Practice

Static Analysis in Practice in Practice 17-654/17-754: Analysis of Software Artifacts Jonathan Aldrich 1 Quick Poll Who is familiar and comfortable with design patterns? e.g. what is a Factory and why use it? 2 1 Outline: in Practice

More information

Internet Traffic Classification Using Machine Learning. Tanjila Ahmed Dec 6, 2017

Internet Traffic Classification Using Machine Learning. Tanjila Ahmed Dec 6, 2017 Internet Traffic Classification Using Machine Learning Tanjila Ahmed Dec 6, 2017 Agenda 1. Introduction 2. Motivation 3. Methodology 4. Results 5. Conclusion 6. References Motivation Traffic classification

More information

CS558 Programming Languages

CS558 Programming Languages CS558 Programming Languages Fall 2017 Lecture 7b Andrew Tolmach Portland State University 1994-2017 Type Inference Some statically typed languages, like ML (and to a lesser extent Scala), offer alternative

More information

Combining the Logical and the Probabilistic in Program Analysis. Xin Zhang Xujie Si Mayur Naik University of Pennsylvania

Combining the Logical and the Probabilistic in Program Analysis. Xin Zhang Xujie Si Mayur Naik University of Pennsylvania Combining the Logical and the Probabilistic in Program Analysis Xin Zhang Xujie Si Mayur Naik University of Pennsylvania What is Program Analysis? int f(int i) {... } Program Analysis x may be null!...

More information

Topics. Java arrays. Definition. Data Structures and Information Systems Part 1: Data Structures. Lecture 3: Arrays (1)

Topics. Java arrays. Definition. Data Structures and Information Systems Part 1: Data Structures. Lecture 3: Arrays (1) Topics Data Structures and Information Systems Part 1: Data Structures Michele Zito Lecture 3: Arrays (1) Data structure definition: arrays. Java arrays creation access Primitive types and reference types

More information

Refactoring with Eclipse

Refactoring with Eclipse Refactoring with Eclipse Seng 371 Lab 8 By Bassam Sayed Based on IBM article Explore refactoring functions in Eclipse JDT by Prashant Deva Code Refactoring Code refactoring is a disciplined way to restructure

More information

Procedural Programming

Procedural Programming Unit 18: Procedural Unit code: D/601/1293 QCF Level 4: BTEC Higher National Credit value: 15 Aim To provide learners with an understanding of the principles of procedural programming and to enable them

More information

VARIABLES AND TYPES CITS1001

VARIABLES AND TYPES CITS1001 VARIABLES AND TYPES CITS1001 Scope of this lecture Types in Java the eight primitive types the unlimited number of object types Values and References The Golden Rule Primitive types Every piece of data

More information

CSE 143. Computer Programming II

CSE 143. Computer Programming II Adam Blank Lecture 15 Spring 2015 CSE 143 Computer Programming II CSE 143: Computer Programming II More Interfaces & Iterators Today s Goals 1 We begin with ArrayIntList & LinkedIntList. Our goals are:

More information

Inheritance Usage Patterns in Open-Source Systems. Jamie Stevenson and Murray Wood. University of Strathclyde, Glasgow, UK

Inheritance Usage Patterns in Open-Source Systems. Jamie Stevenson and Murray Wood. University of Strathclyde, Glasgow, UK Inheritance Usage Patterns in Open-Source Systems Jamie Stevenson and Murray Wood University of Strathclyde, Glasgow, UK Aims of Study: To investigate how inheritance is used in practice To close the gap

More information

Northeastern University Systems Security Lab

Northeastern University Systems Security Lab Northeastern University Systems Security Lab Why is CSP Failing? Trends and Challenges in CSP Adoption Symposium on Research in Attacks, Intrusions and Defenses (RAID) Gothenburg, Sweden, September 2014

More information

INDEX. A SIMPLE JAVA PROGRAM Class Declaration The Main Line. The Line Contains Three Keywords The Output Line

INDEX. A SIMPLE JAVA PROGRAM Class Declaration The Main Line. The Line Contains Three Keywords The Output Line A SIMPLE JAVA PROGRAM Class Declaration The Main Line INDEX The Line Contains Three Keywords The Output Line COMMENTS Single Line Comment Multiline Comment Documentation Comment TYPE CASTING Implicit Type

More information

MACS 261J Final Exam. Question: Total Points: Score:

MACS 261J Final Exam. Question: Total Points: Score: MACS 261J Final Exam May 5, 2008 Name: Question: 1 2 3 4 5 6 7 8 9 Total Points: 15 10 15 5 10 5 20 8 12 100 Score: Question 1............................................................. (15 points) (a)

More information

Management. Software Quality. Dr. Stefan Wagner Technische Universität München. Garching 28 May 2010

Management. Software Quality. Dr. Stefan Wagner Technische Universität München. Garching 28 May 2010 Technische Universität München Software Quality Management Dr. Stefan Wagner Technische Universität München Garching 28 May 2010 Some of these slides were adapted from the tutorial "Clone Detection in

More information

Cover Page. The handle holds various files of this Leiden University dissertation

Cover Page. The handle   holds various files of this Leiden University dissertation Cover Page The handle http://hdl.handle.net/1887/22891 holds various files of this Leiden University dissertation Author: Gouw, Stijn de Title: Combining monitoring with run-time assertion checking Issue

More information

The Problem with Threads

The Problem with Threads The Problem with Threads Author Edward A Lee Presented by - Varun Notibala Dept of Computer & Information Sciences University of Delaware Threads Thread : single sequential flow of control Model for concurrent

More information

Introduction to Programming Using Java (98-388)

Introduction to Programming Using Java (98-388) Introduction to Programming Using Java (98-388) Understand Java fundamentals Describe the use of main in a Java application Signature of main, why it is static; how to consume an instance of your own class;

More information

Object Orientated Analysis and Design. Benjamin Kenwright

Object Orientated Analysis and Design. Benjamin Kenwright Notation Part 2 Object Orientated Analysis and Design Benjamin Kenwright Outline Review What do we mean by Notation and UML? Types of UML View Continue UML Diagram Types Conclusion and Discussion Summary

More information

Lessons learnt from the Beijing Olympic Games

Lessons learnt from the Beijing Olympic Games Lessons learnt from the Beijing Olympic Games Website Measurement Rocky K. C. Chang The Internet Infrastructure and Security Group The Hong Kong Polytechnic University October 28 1 Motivations Test and

More information

An Exploratory Study on Interface Similarities in Code Clones

An Exploratory Study on Interface Similarities in Code Clones 1 st WETSoDA, December 4, 2017 - Nanjing, China An Exploratory Study on Interface Similarities in Code Clones Md Rakib Hossain Misu, Abdus Satter, Kazi Sakib Institute of Information Technology University

More information

CS473: Course Review CS-473. Luo Si Department of Computer Science Purdue University

CS473: Course Review CS-473. Luo Si Department of Computer Science Purdue University CS473: CS-473 Course Review Luo Si Department of Computer Science Purdue University Basic Concepts of IR: Outline Basic Concepts of Information Retrieval: Task definition of Ad-hoc IR Terminologies and

More information

Rubicon: Scalable Bounded Verification of Web Applications

Rubicon: Scalable Bounded Verification of Web Applications Joseph P. Near Research Statement My research focuses on developing domain-specific static analyses to improve software security and reliability. In contrast to existing approaches, my techniques leverage

More information

PVS. Empirical Study of Usage and Performance of Java Collections. Diego Costa, 1 Artur Andrzejak, 1 Janos Seboek, 2 David Lo

PVS. Empirical Study of Usage and Performance of Java Collections. Diego Costa, 1 Artur Andrzejak, 1 Janos Seboek, 2 David Lo Empirical Study of Usage and Performance of Java Collections Diego Costa, Artur Andrzejak, Janos Seboek, 2 David Lo Heidelberg University, 2 Singapore Management University PVS Empirical Study of Usage

More information

Searching and Sorting

Searching and Sorting CS 211 SEARCH & SORT SEARCHING & SORTING Searching and Sorting Searching means that we have some collection of data, and we seek a particular value that might be contained within our collection. We provide

More information

1.00 Introduction to Computers and Engineering Problem Solving. Quiz 1 March 7, 2003

1.00 Introduction to Computers and Engineering Problem Solving. Quiz 1 March 7, 2003 1.00 Introduction to Computers and Engineering Problem Solving Quiz 1 March 7, 2003 Name: Email Address: TA: Section: You have 90 minutes to complete this exam. For coding questions, you do not need to

More information

Understanding the Characteristics of Android Wear OS. Renju Liu and Felix Xiaozhu Lin Purdue ECE

Understanding the Characteristics of Android Wear OS. Renju Liu and Felix Xiaozhu Lin Purdue ECE Understanding the Characteristics of Android Wear OS Renju Liu and Felix Xiaozhu Lin Purdue ECE The Wearable stack 5 Top questions Wearables should enjoy Baremetal performance Baremetal efficiency In this

More information

ALEMBIC: AUTOMATED MODEL INFERENCE FOR STATEFUL NETWORK FUNCTIONS

ALEMBIC: AUTOMATED MODEL INFERENCE FOR STATEFUL NETWORK FUNCTIONS ALEMBIC: AUTOMATED MODEL INFERENCE FOR STATEFUL NETWORK FUNCTIONS Soo-Jin Moon Jeffrey Helt, Yifei Yuan, Yves Bieri, Sujata Banerjee, Vyas Sekar, Wenfei Wu, Mihalis Yannakakis, Ying Zhang Carnegie Mellon

More information

CS558 Programming Languages

CS558 Programming Languages CS558 Programming Languages Winter 2018 Lecture 7b Andrew Tolmach Portland State University 1994-2018 Dynamic Type Checking Static type checking offers the great advantage of catching errors early And

More information

Differential program verification

Differential program verification Differential program verification Shuvendu K. Lahiri Research in Software Engineering (RiSE), Microsoft Research Redmond, WA Involved in building static assertion checkers HAVOC [POPL 06, 08, 09, CAV 09,

More information

Semantic Atomicity for Multithreaded Programs!

Semantic Atomicity for Multithreaded Programs! P A R A L L E L C O M P U T I N G L A B O R A T O R Y Semantic Atomicity for Multithreaded Programs! Jacob Burnim, George Necula, Koushik Sen! Parallel Computing Laboratory! University of California, Berkeley!

More information

Because you can t fix what you don t know is broken

Because you can t fix what you don t know is broken Because you can t fix what you don t know is broken About me Initiator of the Automated Error Reporting Initiative Project Lead of Eclipse Code Recommenders Eclipse Committer since 2010 Plug-in Developer

More information

Automatic Repair of Real Bugs in Java: A Large-Scale Experiment on the Defects4J Dataset

Automatic Repair of Real Bugs in Java: A Large-Scale Experiment on the Defects4J Dataset Automatic Repair of Real Bugs in Java: A Large-Scale Experiment on the Defects4J Dataset Matias Martinez, Thomas Durieux, Romain Sommerard, Jifeng Xuan, Martin Monperrus 1 Automatic Software Repair Automatic

More information

Dynamic Inference of Abstract Types

Dynamic Inference of Abstract Types Dynamic Inference of Abstract Types Philip J. Guo, Jeff H. Perkins, Stephen McCamant, Michael D. Ernst Computer Science and A.I. Lab Massachusetts Institute of Technology Declared types // Order cost =

More information

כללי Extreme Programming

כללי Extreme Programming פיתוח מער כות תוכנה מבוססות Java כללי Extreme Programming אוהד ברזילי ohadbr@tau.ac.il Based on: K. Beck: Extreme Programming Explained. E. M. Burke and B.M. Coyner: Java Extreme Programming Cookbook.

More information

Safety Checks and Semantic Understanding via Program Analysis Techniques

Safety Checks and Semantic Understanding via Program Analysis Techniques Safety Checks and Semantic Understanding via Program Analysis Techniques Nurit Dor Joint Work: EranYahav, Inbal Ronen, Sara Porat Goal Find properties of a program Anti-patterns that indicate potential

More information

Jeff King, Jennifer Stoll, Michael T. Hunter, Mustaque Ahamad. Georgia Tech Information Security Center (GTISC) WICOW '08

Jeff King, Jennifer Stoll, Michael T. Hunter, Mustaque Ahamad. Georgia Tech Information Security Center (GTISC) WICOW '08 ALPACA: A Lightweight Platform for Analyzing Claim Acceptability Jeff King, Jennifer Stoll, Michael T. Hunter, Mustaque Ahamad Georgia Tech Information Security Center (GTISC) WICOW '08 Motivation There

More information

Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments

Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments Yifei Zhang, Tian Tan, Yue Li and Jingling Xue Programming Languages and Compilers Group University of New South Wales

More information

Laboratory 1: Eclipse and Karel the Robot

Laboratory 1: Eclipse and Karel the Robot Math 121: Introduction to Computing Handout #2 Laboratory 1: Eclipse and Karel the Robot Your first laboratory task is to use the Eclipse IDE framework ( integrated development environment, and the d also

More information

LINEAR INSERTION SORT

LINEAR INSERTION SORT LINEAR INSERTION SORT Textbook (pages 95 03) The term insertion sort refers to an entire category of sorting algorithms which work by successively taking each item in the array and finding its proper position.

More information

VRP in LLVM. The PredicateSimplifier pass. by Nick Lewycky

VRP in LLVM. The PredicateSimplifier pass. by Nick Lewycky VRP in LLVM The PredicateSimplifier pass by Nick Lewycky Motivation void process(int *p, int *q) { if (p!= q) return; if (*p!= *q) f(); // not eliminated by LLVM } Demotivation LLVM already optimizes some

More information

Leveraging Test Generation and Specification Mining for Automated Bug Detection without False Positives

Leveraging Test Generation and Specification Mining for Automated Bug Detection without False Positives Leveraging Test Generation and Specification Mining for Automated Bug Detection without False Positives Michael Pradel and Thomas R. Gross Department of Computer Science ETH Zurich 1 Motivation API usage

More information

cis20.1 design and implementation of software applications I fall 2007 lecture # I.2 topics: introduction to java, part 1

cis20.1 design and implementation of software applications I fall 2007 lecture # I.2 topics: introduction to java, part 1 topics: introduction to java, part 1 cis20.1 design and implementation of software applications I fall 2007 lecture # I.2 cis20.1-fall2007-sklar-leci.2 1 Java. Java is an object-oriented language: it is

More information

EE368 Project: Visual Code Marker Detection

EE368 Project: Visual Code Marker Detection EE368 Project: Visual Code Marker Detection Kahye Song Group Number: 42 Email: kahye@stanford.edu Abstract A visual marker detection algorithm has been implemented and tested with twelve training images.

More information

Towards Incremental Grounding in Tuffy

Towards Incremental Grounding in Tuffy Towards Incremental Grounding in Tuffy Wentao Wu, Junming Sui, Ye Liu University of Wisconsin-Madison ABSTRACT Markov Logic Networks (MLN) have become a powerful framework in logical and statistical modeling.

More information

Javarifier: inference of reference immutability

Javarifier: inference of reference immutability print(object x) { print(@readonly Object x) { Javarifier: inference of reference immutability Jaime Quinonez Matthew S. Tschantz Michael D. Ernst MIT Security code in JDK 1.1 class Class { private Object[]

More information

Managing Complexity. Programming is more than just syntax. 23-Nov-15

Managing Complexity. Programming is more than just syntax. 23-Nov-15 Managing Complexity Programming is more than just syntax 23-Nov-15 Learning things that matter Things change rapidly in computer science Languages go in and out of popularity, operating systems change,

More information

age = 23 age = age + 1 data types Integers Floating-point numbers Strings Booleans loosely typed age = In my 20s

age = 23 age = age + 1 data types Integers Floating-point numbers Strings Booleans loosely typed age = In my 20s Intro to Python Python Getting increasingly more common Designed to have intuitive and lightweight syntax In this class, we will be using Python 3.x Python 2.x is still very popular, and the differences

More information

Subclass Gist Example: Chess Super Keyword Shadowing Overriding Why? L10 - Polymorphism and Abstract Classes The Four Principles of Object Oriented

Subclass Gist Example: Chess Super Keyword Shadowing Overriding Why? L10 - Polymorphism and Abstract Classes The Four Principles of Object Oriented Table of Contents L01 - Introduction L02 - Strings Some Examples Reserved Characters Operations Immutability Equality Wrappers and Primitives Boxing/Unboxing Boxing Unboxing Formatting L03 - Input and

More information

Testing. CMSC 433 Programming Language Technologies and Paradigms Spring A Real Testing Example. Example (Black Box)?

Testing. CMSC 433 Programming Language Technologies and Paradigms Spring A Real Testing Example. Example (Black Box)? Testing CMSC 433 Programming Language Technologies and Paradigms Spring 2007 Testing Feb. 15, 2007 Some slides adapted from FSE 98 Tutorial by Michal Young and Mauro Pezze Execute program on sample input

More information

Towards a Survival Analysis of Database Framework Usage in Java Projects

Towards a Survival Analysis of Database Framework Usage in Java Projects Towards a Survival Analysis of Database Framework Usage in Java Projects Mathieu Goeminne and Tom Mens Software Engineering Lab, University of Mons, Belgium Email: { first. last } @ umons.ac.be Abstract

More information

Using Network Traffic to Remotely Identify the Type of Applications Executing on Mobile Devices. Lanier Watkins, PhD

Using Network Traffic to Remotely Identify the Type of Applications Executing on Mobile Devices. Lanier Watkins, PhD Using Network Traffic to Remotely Identify the Type of Applications Executing on Mobile Devices Lanier Watkins, PhD LanierWatkins@gmail.com Outline Introduction Contributions and Assumptions Related Work

More information

C30b: Inner Class, Anonymous Class, and Lambda Expression

C30b: Inner Class, Anonymous Class, and Lambda Expression CISC 3115 TY3 C30b: Inner Class, Anonymous Class, and Lambda Expression Hui Chen Department of Computer & Information Science CUNY Brooklyn College 12/6/2018 CUNY Brooklyn College 1 Outline Discussed Concept

More information

Improving Origin Analysis with Weighting Functions

Improving Origin Analysis with Weighting Functions Improving Origin Analysis with Weighting Functions Lin Yang, Anwar Haque and Xin Zhan Supervisor: Michael Godfrey University of Waterloo Introduction Software systems must undergo modifications to improve

More information

Advanced Topics in Java and on Security in Systems Effective Generics. Eirik Eltvik 26 th of February 2007

Advanced Topics in Java and on Security in Systems Effective Generics. Eirik Eltvik 26 th of February 2007 Advanced Topics in Java and on Security in Systems Effective Generics Eirik Eltvik 26 th of February 2007 Taking care when calling Legacy code Checks at compile-time is not always appropriate When? Legacy

More information

A Paradigm (para-dime) is a framework containing the basic assumptions, ways of thinking, and methodology that are commonly accepted by members of a

A Paradigm (para-dime) is a framework containing the basic assumptions, ways of thinking, and methodology that are commonly accepted by members of a A Paradigm (para-dime) is a framework containing the basic assumptions, ways of thinking, and methodology that are commonly accepted by members of a scientific community. So far this semester, we've been

More information

Lesson 26: ArrayList (W08D1)

Lesson 26: ArrayList (W08D1) Lesson 26: ArrayList (W08D1) Balboa High School Michael Ferraro October 5, 2015 1 / 25 Do Now Prepare PS #4a (paper form) for pick-up! Consider the code below for powiter(), an iterative algorithm that

More information

RANDOM NUMBER GAME PROJECT

RANDOM NUMBER GAME PROJECT Random Number Game RANDOM NUMBER GAME - Now it is time to put all your new knowledge to the test. You are going to build a random number game. - The game needs to generate a random number between 1 and

More information

Exam 1. CSC 121 Spring Lecturer: Howard Rosenthal. March 1, 2017

Exam 1. CSC 121 Spring Lecturer: Howard Rosenthal. March 1, 2017 Exam 1. CSC 121 Spring 2017 Lecturer: Howard Rosenthal March 1, 2017 Your Name: Key 1. Fill in the following table for the 8 primitive data types. Spell the types exactly correctly. (16 points total) Data

More information

Bouncer: Securing Software by Blocking Bad Input

Bouncer: Securing Software by Blocking Bad Input Bouncer: Securing Software by Blocking Bad Input Sathish Kuppuswamy & Yufei Fu Department of computer Science University of Texas at Dallas March 21 st, 2012 Outline Bouncer Existing Techniques Bouncer

More information

FORM 2 (Please put your name and form # on the scantron!!!!)

FORM 2 (Please put your name and form # on the scantron!!!!) CS 161 Exam 2: FORM 2 (Please put your name and form # on the scantron!!!!) True (A)/False(B) (2 pts each): 1. Recursive algorithms tend to be less efficient than iterative algorithms. 2. A recursive function

More information

JFlow: Practical Mostly-Static Information Flow Control

JFlow: Practical Mostly-Static Information Flow Control JFlow: Practical Mostly-Static Information Flow Control A.Myers and B.Liskov. A Decentralized Model for Information Flow Control (SOSP 1997). Andrew C. Myers and Barbara Liskov. Protecting privacy using

More information

Software Bug Detection Using the N-gram Language Model

Software Bug Detection Using the N-gram Language Model Software Bug Detection Using the N-gram Language Model by Devin Chollak A thesis presented to the University of Waterloo in fulfillment of the thesis requirement for the degree of Master of Mathematics

More information

that focuses on building models of

that focuses on building models of A software design paradigm ("para-dime") that focuses on building models of to solve a programming problem (instead of focusing on ) A framework containing the basic assumptions, ways of thinking, and

More information

Predicate Abstraction of Java Programs with Collections. Pavel Parízek, Ondřej Lhoták

Predicate Abstraction of Java Programs with Collections. Pavel Parízek, Ondřej Lhoták Predicate Abstraction of Java Programs with Collections Pavel Parízek, Ondřej Lhoták Predicate abstraction void main() { int i = 0; int x = 1; while (i < 1) { x += i; i++; assert(x > 0); Predicates P_xle0:

More information

CSC324 Principles of Programming Languages

CSC324 Principles of Programming Languages CSC324 Principles of Programming Languages http://mcs.utm.utoronto.ca/~324 November 21, 2018 Last Class Types terminology Haskell s type system Currying Defining types Value constructors Algebraic data

More information

! Two questions when we design an OO system : ! Our Initial goal: learn to design and implement simple objects.

! Two questions when we design an OO system : ! Our Initial goal: learn to design and implement simple objects. Designing Interactive Classes CS234 Chapter 3 Designing with objects! Two questions when we design an OO system :! what are the objects?! what features should these objects have?! Our Initial goal: learn

More information

ADVANCED SOFTWARE ENGINEERING CS561 Danny Dig

ADVANCED SOFTWARE ENGINEERING CS561 Danny Dig ADVANCED SOFTWARE ENGINEERING CS561 TUE/THU @4PM, Danny Dig QUIZ #1 - Write down your name - Grad Program (e.g., EECS PhD, EECS MS) and year of study - What are your expectations from the class? 2 Software

More information

Integrated Impact Analysis for Managing Software Changes. Malcom Gethers, Bogdan Dit, Huzefa Kagdi, Denys Poshyvanyk

Integrated Impact Analysis for Managing Software Changes. Malcom Gethers, Bogdan Dit, Huzefa Kagdi, Denys Poshyvanyk Integrated Impact Analysis for Managing Software Changes Malcom Gethers, Bogdan Dit, Huzefa Kagdi, Denys Poshyvanyk Change Impact Analysis Software change impact analysis aims at estimating the potentially

More information

Exam Part 3. Q.1) What is the output of the following code?

Exam Part 3. Q.1) What is the output of the following code? Q.1) What is the output of the following code? Exam Part 3 import java.util.*; // line 1 class EJavaGuruArrayList { // line 2 // line 3 ArrayList ejg = new ArrayList(); // line 4 ejg.add("one");

More information