Extending static analysis by mining project-specific rules

Sun, Dong; Shu,; Podgurski,; Robinson, Stewart

doi:10.1109/icse.2012.6227114

Cited by 11 publications

(16 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Some work avoid such issue by only mining changes related to bug-fixes [12], [16], [13], [17], [18]. This is done by mining commit messages in the system history to find bug-fix changes.…”

Section: Mining Changes From Historymentioning

confidence: 99%

“…While they use predicates to infer logic rules, we also adopt predicates to support the definition of change patterns. Sun et al [17] propose to extend static analysis by discovering specific rules. They focus on mining a graph, with data or control dependences, to discover specific bugs.…”

Section: B Concrete Casesmentioning

confidence: 99%

“…For example, one can keep track of syntactical changes (e.g., when adding or removing conditional statements, modifying expressions), or structural changes (e.g., when adding or removing classes, methods, method invocations). While syntactical changes play important role in approaches in the context of bug discovering [13], [12], [17], [18], they have relatively small role in discovering systematic changes, for which structural changes are better suited since it does not take into account low level modifications [11], [16].…”

Section: Mining Changes From Historymentioning

confidence: 99%

“…To counter the fact that generic rules, in general, do not prevent introduction of bugs in software [8], [3], [9], [14], [10], [5], [15], some work is dedicated to mine rules from source code history by learning from bug-fixes [12], [16], [13], [17], [18]. Focusing on bug-fixes allows to reduce the search space to extract rules.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Mining system specific rules from change patterns

Hora

Anquetil

Ducasse

et al. 2013

2013 20th Working Conference on Reverse Engineering (WCRE)

View full text Add to dashboard Cite

Abstract-A significant percentage of warnings reported by tools to detect coding standard violations are false positives. Thus, there are some works dedicated to provide better rules by mining them from source code history, analyzing bug-fixes or changes between system releases. However, software evolves over time, and during development not only bugs are fixed, but also features are added, and code is refactored. In such cases, changes must be consistently applied in source code to avoid maintenance problems. In this paper, we propose to extract system specific rules by mining systematic changes over source code history, i.e., not just from bug-fixes or system releases, to ensure that changes are consistently applied over source code. We focus on structural changes done to support API modification or evolution with the goal of providing better rules to developers. Also, rules are mined from predefined rule patterns that ensure their quality. In order to assess the precision of such specific rules to detect real violations, we compare them with generic rules provided by tools to detect coding standard violations on four real world systems covering two programming languages. The results show that specific rules are more precise in identifying real violations in source code than generic ones, and thus can complement them.

show abstract

“…Some work avoid such issue by only mining changes related to bug-fixes [12], [16], [13], [17], [18]. This is done by mining commit messages in the system history to find bug-fix changes.…”

Section: Mining Changes From Historymentioning

confidence: 99%

Section: B Concrete Casesmentioning

confidence: 99%

Section: Mining Changes From Historymentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Mining system specific rules from change patterns

Hora

Anquetil

Ducasse

et al. 2013

2013 20th Working Conference on Reverse Engineering (WCRE)

View full text Add to dashboard Cite

show abstract

“…As a result, some faults might be missed. SCAT also fall short to detect the violation of application-specific rules [3]. For example, it might be necessary to check some of the arguments and/or return values before/after certain method calls.…”

Section: Introductionmentioning

confidence: 99%

Extending Static Code Analysis with Application-Specific Rules by Analyzing Runtime Execution Traces

Ersoy

Sözer

2016

Communications in Computer and Information Science

View full text Add to dashboard Cite

Abstract. Static analysis tools cannot detect violations of applicationspecific rules. They can be extended with specialized checkers that implement the verification of these rules. However, such rules are usually not documented explicitly. Moreover, the implementation of specialized checkers is a manual process that requires expertise. In this work, application-specific programming rules are automatically extracted from execution traces collected at runtime. These traces are analyzed offline to identify programming rules. Then, specialized checkers for these rules are introduced as extensions to a static analysis tool so that their violations can be checked throughout the source code. We implemented our approach for Java programs, considering 3 types of faults. We performed an evaluation with an industrial case study from the telecommunications domain. We were able to detect real faults with checkers that were generated based on the analysis of execution logs.

show abstract

Automatic detection of system-specific conventions unknown to developers

Hora

Anquetil

Etien

et al. 2015

Journal of Systems and Software

View full text Add to dashboard Cite

In Apache Ant, a convention to improve maintenance was introduced in 2004 stating a new way to close files instead of the Java generic InputStream.close(). Yet, six years after its introduction, this convention was still not generally known to the developers. Two existing solutions could help in these cases. First, one can deprecate entities, but, in our example, one can hardly deprecate Java's method. Second, one can create a system-specific rule to be automatically enforced. In a preceding publication, we showed that system-specific rules are more likely to be noticed by developers than generic ones. However, in practice, developers rarely create specific rules. We therefore propose to free the developers from the need to create rules by automatically detecting such conventions from source code repositories. This is done by mining the change history of the system to discover similar changes being applied over several revisions. The proposed approach is applied to real-world systems, and the extracted rules are validated with the help of experts. The results show that many rules are in fact relevant for the experts.

show abstract

Extending static analysis by mining project-specific rules

Cited by 11 publications

References 16 publications

Mining system specific rules from change patterns

Mining system specific rules from change patterns

Extending Static Code Analysis with Application-Specific Rules by Analyzing Runtime Execution Traces

Automatic detection of system-specific conventions unknown to developers

Contact Info

Product

Resources

About