research-article

Open access

APIfix: output-oriented program synthesis for combating breaking changes in libraries

Authors:

Arjun Radhakrishna,

Gustavo Soares,

Ridwan Shariffdeen,

Abhik RoychoudhuryAuthors Info & Claims

Proceedings of the ACM on Programming Languages, Volume 5, Issue OOPSLA

Article No.: 161, Pages 1 - 27

https://doi.org/10.1145/3485538

Published: 15 October 2021 Publication History

Abstract

Use of third-party libraries is extremely common in application software. The libraries evolve to accommodate new features or mitigate security vulnerabilities, thereby breaking the Application Programming Interface(API) used by the software. Such breaking changes in the libraries may discourage client code from using the new library versions thereby keeping the application vulnerable and not up-to-date. We propose a novel output-oriented program synthesis algorithm to automate API usage adaptations via program transformation. Our aim is not only to rely on the few example human adaptations of the clients from the old library version to the new library version, since this can lead to over-fitting transformation rules. Instead, we also rely on example usages of the new updated library in clients, which provide valuable context for synthesizing and applying the transformation rules. Our tool APIFix provides an automated mechanism to transform application code using the old library versions to code using the new library versions - thereby achieving automated API usage adaptation to fix the effect of breaking changes. Our evaluation shows that the transformation rules inferred by APIFix achieve 98.7% precision and 91.5% recall. By comparing our approach to state-of-the-art program synthesis approaches, we show that our approach significantly reduces over-fitting while synthesizing transformation rules for API usage adaptations.

Supplementary Material

Auxiliary Presentation Video (oopsla21main-p448-p-video.mp4)

Presentation Video

Download
199.78 MB

References

[1]

2020. Refazer: Program Synthesis Tool. https://www.nuget.org/packages/Microsoft.ProgramSynthesis

[2]

2021. Github Dependency Graph. https://docs.github.com/en/code-security/supply-chain-security/about-the-dependency-graph

[3]

2021. Micrsoft MSBuild. https://docs.microsoft.com/en-us/visualstudio/msbuild/msbuild-api

[4]

2021. Roslyn Framework. https://docs.microsoft.com/en-us/visualstudio/code-quality/roslyn-analyzers-overview

[5]

Rajeev Alur, Rastislav Bodik, Garvit Juniwal, Milo MK Martin, Mukund Raghothaman, Sanjit A Seshia, Rishabh Singh, Armando Solar-Lezama, Emina Torlak, and Abhishek Udupa. 2013. Syntax-guided synthesis. IEEE.

[6]

Johannes Bader, Andrew Scott, Michael Pradel, and Satish Chandra. 2019. Getafix: Learning to fix bugs automatically. Proceedings of the ACM on Programming Languages, 3, OOPSLA (2019), 1–27.

Digital Library

[7]

Rohan Bavishi, Hiroaki Yoshida, and Mukul R Prasad. 2019. Phoenix: Automated data-driven synthesis of repairs for static analysis violations. In Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 613–624.

Digital Library

[8]

Pavol Černỳ, Krishnendu Chatterjee, Thomas A Henzinger, Arjun Radhakrishna, and Rohit Singh. 2011. Quantitative synthesis for concurrent programs. In International Conference on Computer Aided Verification. 243–259.

[9]

Barthelemy Dagenais and Martin P Robillard. 2009. SemDiff: Analysis and recommendation support for API evolution. In 2009 IEEE 31st International Conference on Software Engineering. 599–602.

Digital Library

[10]

Barthélémy Dagenais and Martin P Robillard. 2011. Recommending adaptive changes for framework evolution. ACM Transactions on Software Engineering and Methodology (TOSEM), 20, 4 (2011), 1–35.

Digital Library

[11]

Jean-Rémy Falleri, Floréal Morandat, Xavier Blanc, Matias Martinez, and Martin Monperrus. 2014. Fine-grained and accurate source code differencing. In Proceedings of the 29th ACM/IEEE International Conference on Automated software engineering. 313–324.

Digital Library

[12]

Mattia Fazzini, Qi Xin, and Alessandro Orso. 2019. Automated API-usage update for Android apps. In Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis. 204–215.

Digital Library

[13]

Yu Feng, Ruben Martins, Jacob Van Geffen, Isil Dillig, and Swarat Chaudhuri. 2017. Component-based synthesis of table consolidation and transformation tasks from examples. ACM SIGPLAN Notices, 52, 6 (2017), 422–436.

Digital Library

[14]

Xiang Gao, Shraddha Barke, Arjun Radhakrishna, Gustavo Soares, Sumit Gulwani, Alan Leung, Nachiappan Nagappan, and Ashish Tiwari. 2020. Feedback-driven semi-supervised synthesis of program transformations. Proceedings of the ACM on Programming Languages, 4, OOPSLA (2020), 1–30.

Digital Library

[15]

Sumit Gulwani. 2011. Automating string processing in spreadsheets using input-output examples. ACM Sigplan Notices, 46, 1 (2011), 317–330.

Digital Library

[16]

Stefanus A Haryono, Ferdian Thung, Hong Jin Kang, Lucas Serrano, Gilles Muller, Julia Lawall, David Lo, and Lingxiao Jiang. 2020. Automatic Android deprecated-API usage update by learning from single updated example. In Proceedings of the 28th International Conference on Program Comprehension. 401–405.

Digital Library

[17]

Johannes Henkel and Amer Diwan. 2005. CatchUp! Capturing and replaying refactorings to support API evolution. In Proceedings of the 27th International Conference on Software Engineering (ICSE). 274–283.

[18]

Raula Gaikovina Kula, Daniel M German, Ali Ouni, Takashi Ishio, and Katsuro Inoue. 2018. Do developers update their library dependencies? Empirical Software Engineering, 23, 1 (2018), 384–417.

Digital Library

[19]

Fan Long, Peter Amidon, and Martin Rinard. 2017. Automatic inference of code transforms for patch generation. In Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering. 727–739.

Digital Library

[20]

Na Meng, Miryung Kim, and Kathryn S. McKinley. 2011. Systematic Editing: Generating Program Transformations from an Example. In Proceedings of the 32Nd ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI). ACM, New York, NY, USA. 329–342. isbn:978-1-4503-0663-8

[21]

Na Meng, Miryung Kim, and Kathryn S. McKinley. 2013. LASE: Locating and Applying Systematic Edits by Learning from Examples. In Proceedings of the 2013 International Conference on Software Engineering. IEEE Press, 502–511.

[22]

Anders Miltner, Sumit Gulwani, Vu Le, Alan Leung, Arjun Radhakrishna, Gustavo Soares, Ashish Tiwari, and Abhishek Udupa. 2019. On the fly synthesis of edit suggestions. PACMPL, 3, OOPSLA (2019), 1–29.

[23]

Hoan Anh Nguyen, Tung Thanh Nguyen, Gary Wilson Jr, Anh Tuan Nguyen, Miryung Kim, and Tien N Nguyen. 2010. A graph-based approach to API usage adaptation. ACM Sigplan Notices, 45, 10 (2010), 302–321.

Digital Library

[24]

Gordon D Plotkin. 1970. A note on inductive generalization. Machine intelligence, 5, 1 (1970), 153–163.

[25]

Reudismam Rolim, Gustavo Soares, Loris D’Antoni, Oleksandr Polozov, Sumit Gulwani, Rohit Gheyi, Ryo Suzuki, and Björn Hartmann. 2017. Learning Syntactic Program Transformations from Examples. In Proceedings of the 39th International Conference on Software Engineering (ICSE). IEEE Press, 404–415.

Digital Library

[26]

Rishabh Singh. 2016. Blinkfill: Semi-supervised programming by example for syntactic string transformations. Proceedings of the VLDB Endowment, 9, 10 (2016), 816–827.

Digital Library

[27]

Rishabh Singh and Armando Solar-Lezama. 2011. Synthesizing data structure manipulations from storyboards. In Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineering. 289–299.

Digital Library

[28]

Armando Solar-Lezama, Christopher Grant Jones, and Rastislav Bodik. 2008. Sketching concurrent data structures. In Proceedings of the 29th ACM SIGPLAN Conference on Programming Language Design and Implementation. 136–148.

Digital Library

[29]

Armando Solar-Lezama, Rodric Rabbah, Rastislav Bodík, and Kemal Ebcioğlu. 2005. Programming by sketching for bit-streaming programs. In ACM SIGPLAN conference on Programming language design and implementation. 281–294.

Digital Library

[30]

Laerte Xavier, Aline Brito, Andre Hora, and Marco Tulio Valente. 2017. Historical and impact analysis of API breaking changes: A large-scale study. In Intl. Conf. on Software Analysis, Evolution and Reengineering (SANER). 138–147.

[31]

Shengzhe Xu, Ziqi Dong, and Na Meng. 2019. Meditor: inference and application of API migration edits. In 2019 IEEE/ACM 27th International Conference on Program Comprehension (ICPC). 335–346.

Digital Library

Cited By

Wang RLu MYu CLai YZhang TChristakis MPradel M(2024)Automated Deep Learning Optimization via DSL-Based Source Code TransformationProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3652143(479-490)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3652143
Ma YTian WGao XSun HLi LChristakis MPradel M(2024)API Misuse Detection via Probabilistic Graphical ModelProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3652112(88-99)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3652112
Dilhara MBellur ABryksin TDig D(2024)Unprecedented Code Change Automation: The Fusion of LLMs and Transformation by ExampleProceedings of the ACM on Software Engineering10.1145/36437551:FSE(631-653)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3643755
Show More Cited By

Index Terms

APIfix: output-oriented program synthesis for combating breaking changes in libraries
1. Computing methodologies
  1. Artificial intelligence
2. Software and its engineering
  1. Software creation and management
    1. Software development techniques
      1. Automatic programming
  2. Software notations and tools
    1. Software maintenance tools

Recommendations

A graph-based approach to API usage adaptation
OOPSLA '10: Proceedings of the ACM international conference on Object oriented programming systems languages and applications

Reusing existing library components is essential for reducing the cost of software development and maintenance. When library components evolve to accommodate new feature requests, to fix bugs, or to meet new standards, the clients of software libraries ...
A graph-based approach to API usage adaptation
OOPSLA '10

Reusing existing library components is essential for reducing the cost of software development and maintenance. When library components evolve to accommodate new feature requests, to fix bugs, or to meet new standards, the clients of software libraries ...
Algorithmic program synthesis: introduction

Program synthesis is a process of producing an executable program from a specification. Algorithmic synthesis produces the program automatically, without an intervention from an expert. While classical compilation falls under the definition of ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Proceedings of the ACM on Programming Languages

Proceedings of the ACM on Programming Languages Volume 5, Issue OOPSLA

October 2021

2001 pages

EISSN:2475-1421

DOI:10.1145/3492349

Issue’s Table of Contents

Copyright © 2021 Owner/Author.

This work is licensed under a Creative Commons Attribution International 4.0 License.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 October 2021

Published in PACMPL Volume 5, Issue OOPSLA

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
615
Total Downloads

Downloads (Last 12 months)206
Downloads (Last 6 weeks)42

Reflects downloads up to 03 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Wang RLu MYu CLai YZhang TChristakis MPradel M(2024)Automated Deep Learning Optimization via DSL-Based Source Code TransformationProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3652143(479-490)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3652143
Ma YTian WGao XSun HLi LChristakis MPradel M(2024)API Misuse Detection via Probabilistic Graphical ModelProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3652112(88-99)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3652112
Dilhara MBellur ABryksin TDig D(2024)Unprecedented Code Change Automation: The Fusion of LLMs and Transformation by ExampleProceedings of the ACM on Software Engineering10.1145/36437551:FSE(631-653)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3643755
Singh VKar PSohini ARangaiah MChakraborty SMaity M(2023)WiFiTuned: Monitoring Engagement in Online Participation by Harmonizing WiFi and AudioProceedings of the 25th International Conference on Multimodal Interaction10.1145/3577190.3614108(670-678)Online publication date: 9-Oct-2023
https://dl.acm.org/doi/10.1145/3577190.3614108
Ramos DMitchell HLynce IManquinho VMartins RGoues C(2023)MELT: Mining Effective Lightweight Transformations from Pull Requests2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE)10.1109/ASE56229.2023.00117(1516-1528)Online publication date: 11-Sep-2023
https://doi.org/10.1109/ASE56229.2023.00117
Garg PSengamedu S(2022)Synthesizing code quality rules from examplesProceedings of the ACM on Programming Languages10.1145/35633506:OOPSLA2(1757-1787)Online publication date: 31-Oct-2022
https://dl.acm.org/doi/10.1145/3563350
Bavishi RJoshi HCambronero JFariha AGulwani SLe VRadiček ITiwari A(2022)Neurosymbolic repair for low-code formula languagesProceedings of the ACM on Programming Languages10.1145/35633276:OOPSLA2(1093-1122)Online publication date: 31-Oct-2022
https://dl.acm.org/doi/10.1145/3563327

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Figures

Tables

Media

View Issue’s Table of Contents