Predicting accurate and actionable static analysis warnings

Ruthruff, Joseph R.; Penix, John; Morgenthaler, J. David; Elbaum, Sebastian; Rothermel, Gregg

doi:10.1145/1368088.1368135

Cited by 99 publications

(101 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Future research could evaluate how our approaches can complement the work above. Ruthruff et al propose a filtering approach to detecting accurate and actionable SBF warnings [49]. They use priority of warnings, defined by the SBF , type of error detected, and features of the affected file (e.g., size and warning depth) to do the filtering.…”

Section: Related Workmentioning

confidence: 99%

On the "naturalness" of buggy code

Ray

Hellendoorn

Godhane

et al. 2016

Proceedings of the 38th International Conference on Software Engineering

192

141

View full text Add to dashboard Cite

Real software, the kind working programmers produce by the kLOC to solve real-world problems, tends to be "natural", like speech or natural language; it tends to be highly repetitive and predictable. Researchers have captured this naturalness of software through statistical models and used them to good effect in suggestion engines, porting tools, coding standards checkers, and idiom miners. This suggests that code that appears improbable, or surprising, to a good statistical language model is "unnatural" in some sense, and thus possibly suspicious. In this paper, we investigate this hypothesis. We consider a large corpus of bug fix commits (ca. 7,139), from 10 different Java projects, and focus on its language statistics, evaluating the naturalness of buggy code and the corresponding fixes. We find that code with bugs tends to be more entropic (i.e. unnatural), becoming less so as bugs are fixed. Ordering files for inspection by their average entropy yields cost-effectiveness scores comparable to popular defect prediction methods. At a finer granularity, focusing on highly entropic lines is similar in cost-effectiveness to some well-known static bug finders (PMD, FindBugs) and ordering warnings from these bug finders using an entropy measure improves the cost-effectiveness of inspecting code implicated in warnings. This suggests that entropy may be a valid, simple way to complement the effectiveness of PMD or FindBugs, and that search-based bug-fixing methods may benefit from using entropy both for fault-localization and searching for fixes.

show abstract

Section: Related Workmentioning

confidence: 99%

On the "naturalness" of buggy code

Ray

Hellendoorn

Godhane

et al. 2016

Proceedings of the 38th International Conference on Software Engineering

192

141

View full text Add to dashboard Cite

show abstract

“…Также стоит отметить работу Муске и др. [32], в которой авторы применяют логистическую регрессию для определения вероятности каждого предупреждения быть ложным или нет с точки зрения необходимости исправления ошибки в коде. Авторы выделили несколько групп факторов, влияющих на вероятность отнесения предупреждения к истинно-положительному или ложноположительному, а также на вероятность того, что обнаруженная ситуация в коде должна быть исправлена.…”

Section: отсечение или классификация предупрежденийunclassified

Survey on static program analysis results refinement approaches

Gerasimov¹

2017

Proceedings of the Institute for System Programming of the RAS

View full text Add to dashboard Cite

show abstract

“…In our study, code characteristics are chosen independent of specific hardware description languages, which is listed in Table I. 2) History Characteristics: History information, such as past changes, fixes, bugs, and so on, may also have significant impacts on bug occurrence. In the domain of software engineering, history information has already been demonstrated to be helpful in predicting software defects [20]- [22], [26], [31], [42]. Hence, the proposed pre-silicon bug forecast framework also utilizes history information.…”

Section: ) Code Characteristicsmentioning

confidence: 99%

“…In the field of software engineering, many studies have been dedicated to characterize the relationship between the software characteristics and fault-proneness to assess the design quality [5], [19]- [22], [26], [27], [30], [31], [42], which mainly focused on selecting characteristics that have most impacts on the fault-proneness of software.…”

Section: B Defect Prediction In Software Engineeringmentioning

confidence: 99%

Pre-Silicon Bug Forecast

Guo

Chen

Wang³

et al. 2014

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

View full text Add to dashboard Cite

Abstract-The ever-intensifying time-to-market pressure imposes great challenges on the pre-silicon design phase of hardware. Before the tape-out, a pre-silicon design has to be thoroughly inspected by time-consuming functional verification and code review to exclude bugs. For functional verification and code review, a critical issue determining their efficiency is the allocation of resources (e.g., computational resources and manpower) to different modules of a design, which is conventionally guided by designers' experiences. Such practices, though simple and straightforward, may take high risks of wasting resources on bugfree modules or missing bugs in buggy modules, and thus could affect the success and timeline of the tape-out. In this paper, we propose a novel framework called pre-silicon bug forecast to predict the bug information of hardware designs. In this framework, bug models are built via machine learning techniques to characterize the relationship between design characteristics and the bug information, which can be leveraged to predict how bugs distribute in different modules of the current design. Such predicted bug information is adequate to regulate the resources among different modules to achieve efficient functional verification and code review. To evaluate the effectiveness of the proposed pre-silicon bug forecast framework, we conducted detailed experiments on several open-source hardware projects. Moreover, we also investigate the impacts of different learning techniques and different sets of characteristic on the performance of bug models. Experimental results show that with appropriate learning techniques and characteristics, about 90% modules could be correctly predicted as buggy or clean and the number of bugs of each module could also be accurately predicted.

show abstract

Predicting accurate and actionable static analysis warnings

Cited by 99 publications

References 21 publications

On the "naturalness" of buggy code

On the "naturalness" of buggy code

Survey on static program analysis results refinement approaches

Pre-Silicon Bug Forecast

Contact Info

Product

Resources

About