Inferring project-specific bug patterns for detecting sibling bugs

Guangtai Liang, Qianxiang Wang, Tao Xie, Hong Mei

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Lightweight static bug-detection tools such as FindBugs, PMD, Jlint, and Lint4j detect bugs with the knowledge of generic bug patterns (e.g., objects of java.io. InputStream are not closed in time after used). Besides generic bug patterns, different projects under analysis may have some project-specific bug patterns. For example, in a revision of the Xerces project, the class field "fDTDHandler" is dereferenced without proper null-checks, while it could actually be null at runtime. We name such bug patterns directly related to objects instantiated in specific projects as Project-Specific Bug Patterns (PSBPs). Due to lack of such PSBP knowledge, existing tools usually fail in effectively detecting most of this kind of bugs. We name bugs belonging to the same project and sharing the same PSBP as sibling bugs. If some sibling bugs are fixed in a fix revision but some others remain, we treat such fix as an incomplete fix. To address such incomplete fixes, we propose a PSBP-based approach for detecting sibling bugs and implement a tool called Sibling-Bug Detector (SBD). Given a fix revision, SBD first infers the PSBPs implied by the fix revision. Then, based on the inferred PSBPs, SBD detects their related sibling bugs in the same project. To evaluate SBD, we apply it to seven popular open-source projects. Among the 108 warnings reported by SBD, 63 of them have been confirmed as real bugs by the project developers, while two existing popular static detectors (FindBugs and PMD) cannot report most of them.

Original languageEnglish (US)
Title of host publication2013 9th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, ESEC/FSE 2013 - Proceedings
Pages565-575
Number of pages11
DOIs
StatePublished - 2013
Externally publishedYes
Event2013 9th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, ESEC/FSE 2013 - Saint Petersburg, Russian Federation
Duration: Aug 18 2013Aug 26 2013

Publication series

Name2013 9th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, ESEC/FSE 2013 - Proceedings

Other

Other2013 9th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, ESEC/FSE 2013
Country/TerritoryRussian Federation
CitySaint Petersburg
Period8/18/138/26/13

Keywords

  • Incomplete fixes
  • Project-specific bug patterns
  • Sibling-bug detection

ASJC Scopus subject areas

  • Software

Fingerprint

Dive into the research topics of 'Inferring project-specific bug patterns for detecting sibling bugs'. Together they form a unique fingerprint.

Cite this