Science of Computer Programming: Latest Articles

SBD: Securing safe rust automatically from unsafe rust
IF 1.5 | Zone 4 | Computer Science
Science of Computer Programming Pub Date : 2025-02-19 DOI: 10.1016/j.scico.2025.103281
Shaowen Li, Hiroyuiki Sato
Volume 243, Article 103281
Abstract: System programming expects programmers to have fine control over available resources to ensure both the correctness and efficiency of the system. Programming languages designed for this type of task provide little abstraction of the underlying hardware. With greater power to interact directly with the machine comes greater responsibility for programmers to manage the hardware themselves to avoid any undefined behavior. C and C++ have been the long-standing de facto languages in this field as they offer both the programming experience of a modern language and the ability to manipulate low-level resources with the abstraction of pointers. However, this responsibility is demanding for programmers, leading to numerous bugs caused by improper resource management.
Rust is a rising system programming language aiming to combine both low-level resource manipulation and high-level resource management. The design philosophy of Rust is to make the compiler play a vital role in resource management. A set of static analysis unique to Rust are performed at compile time to ensure resources are handled correctly without runtime cost. Nevertheless, static analysis is inherently conservative and Rust addresses this by providing a feature called unsafe Rust, which is exempt from its strict static checks. Various unsafe operations, such as raw pointer dereferencing and foreign function calls, are only permitted within an unsafe code block. This is essential to make the language sufficiently expressive. Nonetheless, Rust's unsafe block only matters statically for type checking, without any runtime assurance. As a consequence, the effects of unsafe operations within an unsafe block can spread to the outside safe code and jeopardize its safety.
We present Safety Block Division (SBD), a completely automatic solution to isolate safe Rust from unsafe Rust. The fundamental design of SBD is its safety data-flow analysis performed on Rust intermediate representation (IR) to fully incorporate language features. This distinguishes SBD from previous works. Past designs primarily operate on LLVM IR and require manual efforts or external tools. SBD is entirely built into the Rust compiler, and thus no programmer involvement is required. We extensively evaluate SBD on popular Rust crates (libraries). Our experiments reveal that SBD incurs negligible binary size (0.31% increase on average) and runtime (a geometric mean of 7.52% increase across eight benchmarks) overhead. We also demonstrate that SBD is capable of protecting against real-world vulnerabilities.
Citations: 0
Extending the EB4EB framework with parameterised events
IF 1.5 | Zone 4 | Computer Science
Science of Computer Programming Pub Date : 2025-02-19 DOI: 10.1016/j.scico.2025.103279
Peter Rivière, Neeraj Kumar Singh, Yamine Ait-Ameur, Guillaume Dupont
Volume 243, Article 103279
Abstract: EB4EB, standing for Event-B for Event-B, is a framework that supports the formalisation of Event-B models using first-order logic and set-theory, so that it becomes possible to manipulate them as first-class objects. This framework relies on an Event-B algebraic theory, which serves as a meta-theory formalising, explicitly, all of the features of an Event-B machine. States, events, invariants, variants, etc... are formalised through data-types and operators. When this meta-theory is instantiated, an Event-B model becomes a first-order logic and set-theoretic formula, described in an Event-B context.
Because it can handle machine elements as terms in formulas, the EB4EB framework enables the definition of new specific proof obligations and analyses. Such analyses may then be applied to any EB4EB machines in order to establish advanced properties, not natively present in the Event-B method, such as deadlock-freeness or liveness requirements. These analyses are non-intrusive since they do not require to alter the machine in order to be performed.
In the previous formalisation of the EB4EB framework only states and events were handled, limiting the expressive reasoning power of the framework. This paper presents an extension of the EB4EB framework to support parameterised events, an important feature of Event-B. This extension is not straightforward in EB4EB. Indeed, the typing system supported by Event-B theories is not rich enough to describe such extension in a constructive manner as for the other Event-B features formalised in EB4EB. The proposed solution, described in this paper, consists in defining an axiomatic formalisation of event parameters definitions. We also show that the proof obligations and model analyses we have defined scale to handle event parameters. The approach is illustrated on different case studies we have developed.
Citations: 0
Graph neural network-based long method and blob code smell detection
IF 1.5 | Zone 4 | Computer Science
Science of Computer Programming Pub Date : 2025-02-18 DOI: 10.1016/j.scico.2025.103284
Minnan Zhang, Jingdong Jia, Luiz Fernando Capretz, Xin Hou, Huobin Tan
Volume 243, Article 103284
Abstract: The concept of code smell was first proposed in the late nineties, to refer to signals that code may need refactoring. While not necessarily affecting functionality, code smell can hinder understandability and future scalability of the program. As a result, the precise detection of code smell has become an important topic in coding research. However, current detection methods are limited by imbalanced and industrial-irrelevant datasets, a lack of sufficient structural and logical information on the code, and simple model architecture. Given these limitations, this paper utilized an industry-relevant and sufficient dataset and then developed a graph neural network to better detect code smell. First, we identified Long Method and Blob as our research subjects due to their frequent occurrence and impacts on the maintainability of software. We then designed modified fuzzy sampling with focalloss to address the issue of data imbalance. Second, to deal with the large volume of data, we proposed a global and local attention scoring mechanism to extract the key information from the code. Third, in order to design a graph neural network specifically for the abstract syntax tree of code, we combined Euclidean space and non-Euclidean space. Finally, we compared our method with other machine learning methods and deep learning methods. The results demonstrate that our method outperforms the other methods on Long Method and Blob, which indicates the effectiveness of our proposed method.
Citations: 0
Building augmented reality games with argDSL
IF 1.5 | Zone 4 | Computer Science
Science of Computer Programming Pub Date : 2025-02-12 DOI: 10.1016/j.scico.2025.103271
Rubén Campos-López, Esther Guerra, Juan de Lara
Volume 243, Article 103271
Abstract: Augmented Reality (AR) has become popular. It does not require advanced technology, but only a mobile device with a camera to interact with virtual objects. However, developing AR applications – especially games – is time-consuming and requires in-depth knowledge of highly specialised technologies, and mathematical concepts related to the graphics and physics of the virtual objects.
To address this problem, we propose the domain-specific language argDSL for creating AR games. It allows customising the game logic, and the virtual objects' domain, physics and representation. We provide an Eclipse editor to define AR games using the language, and an iOS client to run the games. Our experiments show the versatility of our proposal and the usability of the games.
Citations: 0
Modular unification of unilingual pointer analyses to multilingual FFI-based programs
IF 1.5 | Zone 4 | Computer Science
Science of Computer Programming Pub Date : 2025-02-11 DOI: 10.1016/j.scico.2025.103278
Jyoti Prakash, Abhishek Tiwari, Christian Hammer
Volume 243, Article 103278
Abstract: Modular analysis of polyglot applications is challenging because flows of heap objects must be resolved across language boundaries. The state-of-the-art analyses for polyglot applications have two fundamental limitations. First, they assume explicit boundaries between the guest and the host language to determine inter-language dataflows. Second, they rely on specific analyses of the host and guest languages. The former assumption is impractical concerning recent advancements in polyglot programming techniques, while the latter disregards advances in pointer analysis of the underlying languages. In this work, we propose to extend existing pointer analyses with a novel summary specialization technique that unifies points-to sets across language boundaries. Our novel technique leverages combinations of host and guest analyses with minor modifications. We demonstrate the efficacy and generalizability of our approach by evaluating it with two polyglot language models: Java-C communication via Android's NDK and Java-Python communication in GraalVM.
Citations: 0
Does the compiler or interpreter version influence the energy consumption of programming languages?
IF 1.5 | Zone 4 | Computer Science
Science of Computer Programming Pub Date : 2025-02-05 DOI: 10.1016/j.scico.2025.103270
Elisa Jiménez, Alberto Gordillo, Coral Calero, Ma Ángeles Moraga, Félix García
Volume 243, Article 103270
Abstract: Software plays a crucial role in our daily activities. Virtually all the technology we use contains software components written in a particular programming language. In this context, compilers and interpreters play an important role, as they are needed to convert the software source code into a format that can be executed by a machine. The significant influence of the programming language on the energy consumption of the resulting programs has been highlighted in some research. However, there is almost no research on the impact of the programming language compiler/interpreter version of the programming language on the energy consumption. This paper aims to fill this gap by investigating the impact of the compiler/interpreter version on the energy consumption of programs written in C, Java and Python. To do that we have performed a study that uses a hardware-based energy measurement approach to obtain the energy consumed by eight algorithms written in the three languages and run with different compiler/interpreter versions. The results do not show a trend of improvement between versions within each language, especially in terms of energy consumption. These results suggest that energy efficiency does not seem to be a major factor when developing compilers/interpreters and should therefore be prioritized.
Citations: 0
Generalizing neural network verification to the family of piece-wise linear activation functions
IF 1.5 | Zone 4 | Computer Science
Science of Computer Programming Pub Date : 2025-02-05 DOI: 10.1016/j.scico.2025.103269
László Antal, Erika Ábrahám, Hana Masara
Volume 243, Article 103269
Abstract: In this paper, we extend an available neural network verification technique to support the full class of piece-wise linear activation functions. Furthermore, we extend the algorithms, which provide in their original form exact, respectively, over-approximative results for bounded input sets represented as star sets, to allow also unbounded input sets. We implemented our algorithms and demonstrate their effectiveness on some case studies.
Citations: 0
Deductive verification of solidity smart contracts with SSCalc
IF 1.5 | Zone 4 | Computer Science
Science of Computer Programming Pub Date : 2025-01-23 DOI: 10.1016/j.scico.2025.103267
Diego Marmsoler, Billy Thornton
Volume 243, Article 103267
Abstract: Smart contracts are programs stored on the blockchain, often developed in a high-level programming language, the most popular of which is Solidity. Smart contracts are used to automate financial transactions and thus bugs can lead to large financial losses. With this paper, we address this problem by describing a verification environment for Solidity in Isabelle/HOL. To this end, we first describe a calculus to reason about Solidity smart contracts. The calculus is formalized in Isabelle/HOL and its soundness is mechanically verified. Then, we verify a theorem which guarantees that all instances of an arbitrary contract type satisfy a corresponding invariant. The theorem can be used to verify invariants for Solidity smart contracts. This is demonstrated by a case study in which we use our approach to verify a simple token implemented in Solidity. Our results show that the framework has the potential to significantly reduce the verification effort compared to verifying directly from the semantics.
Citations: 0
Filling query-type text inputs for Android applications via inner-app mining and GPT recommendation
IF 1.5 | Zone 4 | Computer Science
Science of Computer Programming Pub Date : 2025-01-21 DOI: 10.1016/j.scico.2025.103266
Heji Huang, Ju Qian, Deping Zhang
Volume 242, Article 103266
Abstract: GUI testing often requires filling reasonable text inputs to activate specific GUI behaviors, which is particularly challenging for query-type inputs used to search contents. Existing techniques may generate input data inconsistent with the query semantic or semantically consistent but not aligned with the current query domain. These data often result in trivial empty searches and are hard to test the internal matching conditions in the query. No search results also affect the further exploration of GUI pages depending on the query. This paper presents MATI (Mining App to generate Text Input), a new test generation method designed to fill query-type input items in Android applications with an intent to activate non-empty query searches. The method is built on a novel idea that the data suitable to input to a query often already occur on the GUI. Instead of creating new data by algorithms or retrieving data from external sources like the existing methods, MATI does inner-app mining to obtain proper candidate data for query inputs in an app. It then recommends the candidate data best fitting a specific query in both the query semantic and domain for test inputting via a GPT model. In experiments on 25 applications, MATI achieved a 94.6% GUI passing rate for query-type inputs–32.4% higher than the leading baseline, QTypist, thanks to its more generated non-empty searches. Its higher passing rates also led to 9.7% increments in the Android Activity coverage achieved during testing when integrating these methods into an automated GUI testing process. Such results suggest that MATI might benefit the practical testing of Android applications.
Citations: 0
Model-based testing of asynchronously communicating distributed controllers using validated mappings to formal representations
IF 1.5 | Zone 4 | Computer Science
Science of Computer Programming Pub Date : 2025-01-20 DOI: 10.1016/j.scico.2025.103265
Bence Graics, Milán Mondok, Vince Molnár, István Majzik
Volume 242, Article 103265
Abstract: Programmable controllers are gaining prevalence even in distributed safety-critical applications, e.g., in the railway and aerospace industries. In general, such systems are integrated using various loosely-coupled reactive components and must satisfy critical requirements. Thus, the verification of the design models and systematic testing of the implementation are essential tasks, which can be encumbered by the systems' distributed characteristics. In addition, the correctness of these verification methods is also vital. This paper, on the one hand, presents a model-based integration test generation (MBT) approach leveraging hidden formal methods based on the collaborating statechart models of the components. Statecharts can be integrated using various composition modes (e.g., synchronous and asynchronous) and then automatically mapped (via a symbolic transition systems formalism – XSTS) into the input formalisms of model checker back-ends, namely UPPAAL, Theta, Spin and nuXmv. The model checkers are utilized to generate tests based on formalized properties adhering to multiple coverage criteria. Furthermore, the paper presents a complementing validation approach for the proposed MBT approach based on demonstrating the semantic equivalence of high-level design models and the derived formal models used by the integrated model checkers for verification and test generation. The approaches are implemented in our open source Gamma Statechart Composition Framework and evaluated on industrial-scale distributed controller subsystems from the railway industry.
Citations: 0