Inferring project-specific bug patterns for detecting sibling bugs

Published: 18 August 2013

Abstract

Lightweight static bug-detection tools such as FindBugs, PMD, Jlint, and Lint4j detect bugs using knowledge of generic bug patterns (e.g., objects of java.io.InputStream are not closed in time after use). Besides generic bug patterns, different projects under analysis may have some project-specific bug patterns. For example, in a revision of the Xerces project, the class field "fDTDHandler" is dereferenced without proper null-checks, while it could actually be null at runtime. We name such bug patterns, which are directly related to objects instantiated in specific projects, Project-Specific Bug Patterns (PSBPs). Lacking such PSBP knowledge, existing tools usually fail to detect most bugs of this kind. We name bugs belonging to the same project and sharing the same PSBP sibling bugs. If some sibling bugs are fixed in a fix revision but some others remain, we treat such a fix as an incomplete fix. To address such incomplete fixes, we propose a PSBP-based approach for detecting sibling bugs and implement a tool called Sibling-Bug Detector (SBD). Given a fix revision, SBD first infers the PSBPs implied by the fix revision. Then, based on the inferred PSBPs, SBD detects their related sibling bugs in the same project. To evaluate SBD, we apply it to seven popular open-source projects. Among the 108 warnings reported by SBD, 63 have been confirmed as real bugs by the project developers, while two existing popular static detectors (FindBugs and PMD) cannot report most of them.

Published In

ESEC/FSE 2013: Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
August 2013
738 pages
ISBN: 9781450322379
DOI: 10.1145/2491411
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Project-specific bug patterns
  2. incomplete fixes
  3. sibling-bug detection

Qualifiers

  • Research-article

Conference

ESEC/FSE'13

Acceptance Rates

Overall Acceptance Rate 112 of 543 submissions, 21%
