Suresh Thummalapenta,Tao Xie

DOI: https://doi.org/10.1007/s10515-011-0086-z

IF: 1.677

2011-01-01

Automated Software Engineering

Abstract:To improve software quality, static or dynamic defect-detection tools accept programming rules as input and detect their violations in software as defects. As these programming rules are often not well documented in practice, previous work developed various approaches that mine programming rules as frequent patterns from program source code. Then these approaches use static or dynamic defect-detection techniques to detect pattern violations in source code under analysis. However, these existing approaches often produce many false positives due to various factors. To reduce false positives produced by these mining approaches, we develop a novel approach, called Alattin, that includes new mining algorithms and a technique for detecting neglected conditions based on our mining algorithm. Our new mining algorithms mine patterns in four pattern formats: conjunctive, disjunctive, exclusive-disjunctive, and combinations of these patterns. We show the benefits and limitations of these four pattern formats with respect to false positives and false negatives among detected violations by applying those patterns to the problem of detecting neglected conditions.

Tao Xie,Suresh Thummalapenta

2011-01-01

Abstract:The major goal of software development is to deliver high-quality software efficiently. To achieve this goal of delivering high-quality software efficiently, programmers often reuse existing frameworks or libraries, hereby referred to as libraries, instead of developing similar code artifacts from the scratch. However, programmers often face challenges in reusing existing libraries due to two major factors. First, many existing libraries are not well-documented. Even when such documentations exist, they are often outdated. Second, many existing libraries expose a large number of application programming interfaces (APIs), which represent interfaces through which libraries expose their functionalities. For example, the .NET base library provides nearly 10,000 API classes. Due to these two preceding factors, there exist three major problems that affect both software productivity and quality. First, programmers often spend more time in reusing existing libraries, thereby reducing software productivity. Second, programmers introduce defects while using APIs due to lack of proper knowledge on how to reuse those APIs. Third, existing white-box test generation techniques face challenges in effectively generating test inputs for the client code that reuses libraries. To address these three preceding issues, in this dissertation, we propose a general framework, called WebMiner, that uses existing open source code available on the web by leveraging a code search engine. In particular, WebMiner infers usage specifications for API methods under analysis by automatically collecting relevant code examples from the open source code available on the web. WebMiner next applies data mining techniques on those collected code examples to identify common patterns, which represent likely usage of APIs, referred to as API usage specifications. The primary reason for identifying common patterns is based on the observation that majority of the programmers correctly adhere to API usage specifications and those common patterns are likely to represent the correct usage of APIs. We further propose six approaches based on our general framework, where each approach focuses on a specific software engineering (SE) task such as detecting defects in an application under analysis. In particular, the first two approaches assist programmers in effectively reusing APIs provided by existing libraries. The next two approaches use mined API usage specifications as programming rules and detect defects in applications under analysis as deviations from the mined specifications. Finally, the last two approaches mine static and dynamic traces, respectively, for effectively generating test inputs that achieve high structural coverage of the code under test. We also propose another approach that addresses a major issue with mining-based approaches, which are not effective in scenarios where usage information is not available for the API methods under analysis or usage information is not sufficient to achieve the SE task under analysis. Our empirical results show that the approaches developed based on our WebMiner framework effectively address the respective SE tasks handled by those approaches. In particular, our empirical results demonstrate the effectiveness of expanding the data scope of mining-based approaches to large open source code available on the web. Our results also show that our approaches address queries posted in developer forums and detect new defects that are not detected by existing related approaches, thereby improving both software productivity and quality.

Suresh Thummalapenta,Tao Xie

DOI: https://doi.org/10.1109/icse.2009.5070548

2009-01-01

Abstract:Programming languages such as Java and C++ provide exception-handling constructs to handle exception conditions. Applications are expected to handle these exception conditions and take necessary recovery actions such as releasing opened database connections. However, exception-handling rules that describe these necessary recovery actions are often not available in practice. To address this issue, we develop a novel approach that mines exception-handling rules as sequence association rules of the form “(FC1c1…FCcn) ∧ FCa ⇒ (FCe1…FCem)”. This rule describes that function call FCa should be followed by a sequence of function calls (FCe1…FCem) when FCa is preceded by a sequence of function calls (FCe1…FCcn). Such form of rules is required to characterize common exception-handling rules. We show the usefulness of these mined rules by applying them on five real-world applications (including 285 KLOC) to detect violations in our evaluation. Our empirical results show that our approach mines 294 real exception-handling rules in these five applications and also detects 160 defects, where 87 defects are new defects that are not found by a previous related approach.

Pan Bian,Bin Liang,Yan Zhang,Chaoqun Yang,Wenchang Shi,Yan Cai

DOI: https://doi.org/10.1109/tse.2018.2816639

IF: 7.4

2019-01-01

IEEE Transactions on Software Engineering

Abstract:Code mining has been proven to be a promising approach to inferring implicit programming rules for finding software bugs. However, existing methods may report large numbers of false positives and false negatives. In this paper, we propose a novel approach called EAntMiner to improve the effectiveness of code mining. EAntMiner elaborately reduces noises from statements irrelevant to interesting rules and different implementation forms of the same logic. During preprocessing, we employ program slicing to decompose the original source repository into independent sub-repositories. In each sub-repository, statements irrelevant to critical operations (automatically extracted from source code) are excluded and various semantics-equivalent implementations are normalized into a canonical form as far as possible. Moreover, to tackle the challenge that some bugs are difficult to be detected by mining frequent patterns as rules, we further developed a kNN-based method to identify them. We have implemented EAntMiner and evaluated it on four large-scale C systems. EAntMiner successfully detected 105 previously unknown bugs that have been confirmed by corresponding development communities. A set of comparative evaluations also demonstrate that EAntMiner can effectively improve the precision of code mining.

Xiaoxue Ren,Xinyuan Ye,Zhenchang Xing,Xin Xia,Xiwei Xu,Liming Zhu,Jianling Sun

DOI: https://doi.org/10.1145/3324884.3416551

2020-01-01

Abstract:ABSTRACTAPI misuses cause significant problem in software development. Existing methods detect API misuses against frequent API usage patterns mined from codebase. They make a naive assumption that API usage that deviates from the most-frequent API usage is a misuse. However, there is a big knowledge gap between API usage patterns and API usage caveats in terms of comprehensiveness, explainability and best practices. In this work, we propose a novel approach that detects API misuses directly against the API caveat knowledge, rather than API usage patterns. We develop open information extraction methods to construct a novel API-constraint knowledge graph from API reference documentation. This knowledge graph explicitly models two types of API-constraint relations (call-order and condition-checking) and enriches return and throw relations with return conditions and exception triggers. It empowers the detection of three types of frequent API misuses - missing calls, missing condition checking and missing exception handling, while existing detectors mostly focus on only missing calls. As a proof-of-concept, we apply our approach to Java SDK API Specification. Our evaluation confirms the high accuracy of the extracted API-constraint relations. Our knowledge-driven API misuse detector achieves 0.60 (68/113) precision and 0.28 (68/239) recall for detecting Java API misuses in the API misuse benchmark MuBench. This performance is significantly higher than that of existing pattern-based API misused detectors. A pilot user study with 12 developers shows that our knowledge-driven API misuse detection is very promising in helping developers avoid API misuses and debug the bugs caused by API misuses.

YU Zhen,SU Xiao-hong,WANG Tian-tian,MA Pei-jun

DOI: https://doi.org/10.3969/j.issn.0372-2112.2013.02.007

2013-01-01

Abstract:A general and efficient method is proposed to automatically extract the rules and detect violations to the rules extracted.Closed frequent itemset mining is applied to mine programming patterns.Then these patterns are used to generate programming rules.The concept of Positive Order Rule is introduced to avoid generating redundant rules from the same programming pattern.Based on these efforts,we also propose an efficient violations detection algorithm to detect program segments that are not consistent with the extracted rules.The experiment results on large software source code indicate that this method can automatically extract lots of implicit programming rules and also can efficiently detect the code segments that violate the extracted rules.

Huxing Zhang,Gang Wu,Kingsum Chow,Zhidong Yu,XueZhi Xing

DOI: https://doi.org/10.1109/dsnw.2011.5958824

2011-01-01

Abstract:Resource management is crucial to software productions. Resources must be carefully acquired and released, or a resource leak might occur. For open source projects, resource leaks can be easily introduced during code check-in, and it is laborious to review, identify, report, and fix such leaks. Recently, there has been a growing interest in data mining API usage patterns to discover potential bugs such as resource leaks. However, the usage patterns mined are specific to a certain library, which cannot be applied to detect bugs in other libraries. In this paper, we present an idea called MODE, "Mine Once, Detect Everywhere", to address the universality of such patterns, and use them to detect potential resource leaks automatically before code check-in. We propose an efficient algorithm to record the most valuable API calls that are related to resource usage during program execution, and mine resource usage patterns from the traces with a sequence miner. To verify the effectiveness of the patterns, experiments are given to use them to detect real resource leaks in large open source projects.

Shibin Zhao,Junhu Zhu,Jianshan Peng

DOI: https://doi.org/10.32604/cmc.2024.041949

2024-01-01

Abstract:In recent years, the rapid development of computer software has led to numerous security problems, particularly software vulnerabilities. These flaws can cause significant harm to users' privacy and property. Current security defect detection technology relies on manual or professional reasoning, leading to missed detection and high false detection rates. Artificial intelligence technology has led to the development of neural network models based on machine learning or deep learning to intelligently mine holes, reducing missed alarms and false alarms. So, this XSS (Transform), and Structured Query Language (SQL) injection. Also, the project uses open-source Javalang to translate the Java source code, conducts a deep search on the AST to obtain the empty syntax feature library, and converts the Java source code into a dependency graph. The feature vector is then used as the learning target for the neural network. Four types of Convolutional Neural Networks (CNN), Long Short-Term Memory (LSTM), Bi-directional Long Short-Term Memory (BiLSTM), and Attention Mechanism + Bidirectional LSTM, are used to investigate various code defects, including blank pointer reference exception, XSS, and SQL injection defects. Experimental results show that the attention mechanism in two-dimensional BLSTM is the most effective for object recognition, verifying the correctness of the method.

Tao Xie,Mithun Acharya,Suresh Thummalapenta,Kunal Taneja

DOI: https://doi.org/10.1109/IPDPS.2008.4536384

2008-01-01

Abstract:A software system interacts with third-party libraries through various APIs. Insufficient documentation and constant refactorings of third-party libraries make API library reuse difficult and error prone. Using these library APIs often needs to follow certain usage patterns. These patterns aid developers in addressing commonly faced programming problems such as what checks should precede or follow API calls, how to use a given set of APIs for a given task, or what API method sequence should be used to obtain one object from another. Ordering rules (specifications) also exist between APIs, and these rules govern the secure and robust operation of the system using these APIs. These patterns and rules may not be well documented by the API developers. Furthermore, usage patterns and specifications might change with library refactorings, requiring changes in the software that reuse the library. To address these issues, we develop novel techniques (and their supporting tools) based on mining source code, assisting developers in productively reusing third party libraries to build reliable and secure software.

David Lo,Siau-Cheng Khoo,Chao Liu

DOI: https://doi.org/10.1002/smr.375

2008-01-01

Abstract:Software evolution incurs difficulties in program comprehensionand software verification, and hence it increases the cost ofsoftware maintenance. In this study, we propose a novel techniqueto mine from program execution traces a sound and complete set ofstatistically significant temporal rules of arbitrary lengths. Theextracted temporal rules reveal invariants that the programobserves, and will consequently guide developers to understand theprogram behaviors, and facilitate all downstream applications suchas verification and debugging. Different from previous studies thatwere restricted to mining two-event rules (e.g., (lock)→(unlock)), our algorithm discovers rules of arbitrarylengths. In order to facilitate downstream applications, werepresent the mined rules as temporal logic expressions, so thatexisting model checkers or other formal analysis toolkit canreadily consume our mining results. Performance studies onbenchmark data sets and a case study on an industrial system havebeen performed to show the scalability and utility of our approach.We performed case studies on JBoss application server and a buggyconcurrent versions system application, and the result clearlydemonstrates the usefulness of our technique in recoveringunderlying program designs and detecting bugs. Copyright ©2008 John Wiley & Sons, Ltd.This work was done while the author was with School ofComputing, National University of Singapore.

Xiaoxue Ren,Xinyuan Ye,Zhenchang Xing,Xin Xia,Xiwei Xu,Liming Zhu,Jianling Sun

DOI: https://doi.org/10.1145/3468264.3473112

2021-01-01

Abstract:Application Programming Interfaces (APIs) typically come with usage constraints. The violations of these constraints (i.e. API misuses) can cause significant problems in software development. Existing methods mine frequent API usage patterns from codebase to detect API misuses. They make a naive assumption that API usage that deviates from the most-frequent API usage is a misuse. However, there is a big knowledge gap between API usage patterns and API usage constraints in terms of comprehensiveness, explainability and best practices. Inspired by this, we propose a novel approach named KGAMD (API-Misuse Detector Driven by Fine-Grained API-Constraint Knowledge Graph) that detects API misuses directly against the API constraint knowledge, rather than API usage patterns. We first construct a novel API-constraint knowledge graph from API reference documentation with open information extraction methods. This knowledge graph explicitly models two types of API-constraint relations (call-order and condition-checking) and enriches return and throw relations with return conditions and exception triggers. Then, we develop the KGAMD tool that utilizes the knowledge graph to detect API misuses. There are three types of frequent API misuses we can detect - missing calls, missing condition checking and missing exception handling, while existing detectors mostly focus on only missing calls. Our quantitative evaluation and user study demonstrate that our KGAMD is promising in helping developers avoid and debug API misuses.

Hushuang Zcng,Jingxin Chen,Bcijun Shen,Hao Zhong

DOI: https://doi.org/10.1109/apsec53868.2021.00024

2021-01-01

Abstract:Calling Application Programming Interfaces (APIs) shall follow various constraints (e.g., call orders). If these con-straints are violated, API misuses are introduced to code, and such misuses can cause severe bugs. To effectively detect API misuses, most prior approaches mine constraints from client code, and assume that the violations of constraints are potential misuses. However, as client code only illustrates a small portion of API usages, constraints mined from client code are typically incomplete. As a result, when mined constraints are used to detect bugs, many violations of constraints turn out to be false positives. In this paper, our research purpose is to find more misuses and to reduce false positives. As library code contains many details on APIs, we propose an approach that mines API constraints from both client and library code. From client code, our approach builds API usage graphs and uses a frequent subgraph mining algorithm to mine frequent usage patterns as API constraints. From library code, our approach derives various types of constraints with our predefined strategies. With constraints from both sources, our graph matching algorithm can detect API misuses. As a result, our approach takes advantage from both the comprehensiveness and informativeness of library-based constraints and the accuracy of client-based patterns. We compared our approach with MuDetect on the MuBench dataset. Our results show that it significantly improves the detection effectiveness of MuBench from 39.5% to 50.2% of the recall, and from 30.6% to 41.7% of the precision.

Suresh Thummalapenta,Tao Xie

DOI: https://doi.org/10.1109/ase.2008.43

2008-09-01

Abstract:Software developers often face challenges in reusing open source frameworks due to several factors such as the framework complexity and lack of proper documentation. In this paper, we propose a code-search-engine-based approach that detects hotspots in a given framework by mining code examples gathered from open source repositories available on the web; these hotspots are API classes and methods that are frequently reused. Hotspots can serve as starting points for developers in understanding and reusing the given framework. Our approach also detects coldspots, which are API classes and methods that are rarely used. Coldspots serve as caveats for developers as there can be difficulties in finding relevant code examples and are generally less exercised compared to hotspots. We developed a tool, called SpotWeb, for frameworks or libraries written in Java and used our tool to detect hotspots and coldspots of eight widely used open source frameworks. We show the utility of our detected hotspots by comparing these hotspots with the API classes reused by a real application and compare our results with the results of a previous related approach.

Sebastian R. Lamelas Marcote,J. Xuan,Matias Martinez,Daniel Le Berre,Maxime Clement,Monperrus Martin,F. Demarco,Thomas Durieux

DOI: https://doi.org/10.1109/TSE.2016.2560811

IF: 7.4

2018-11-10

IEEE Transactions on Software Engineering

Abstract:We propose Nopol, an approach to automatic repair of buggy conditional statements (i.e., if-then-else statements). This approach takes a buggy program as well as a test suite as input and generates a patch with a conditional expression as output. The test suite is required to contain passing test cases to model the expected behavior of the program and at least one failing test case that reveals the bug to be repaired. The process of Nopol consists of three major phases. First, Nopol employs angelic fix localization to identify expected values of a condition during the test execution. Second, runtime trace collection is used to collect variables and their actual values, including primitive data types and objected-oriented features (e.g., nullness checks), to serve as building blocks for patch generation. Third, Nopol encodes these collected data into an instance of a Satisfiability Modulo Theory (SMT) problem; then a feasible solution to the SMT instance is translated back into a code patch. We evaluate Nopol on 22 real-world bugs (16 bugs with buggy if conditions and six bugs with missing preconditions) on two large open-source projects, namely Apache Commons Math and Apache Commons Lang. Empirical analysis on these bugs shows that our approach can effectively fix bugs with buggy if conditions and missing preconditions. We illustrate the capabilities and limitations of Nopol using case studies of real bug fixes.

Computer Science

Khouloud Oueslati,Gabriel Laberge,Maxime Lamothe,Foutse Khomh

2024-05-22

Abstract:Defect reduction planning plays a vital role in enhancing software quality and minimizing software maintenance costs. By training a black box machine learning model and "explaining" its predictions, explainable AI for software engineering aims to identify the code characteristics that impact maintenance risks. However, post-hoc explanations do not always faithfully reflect what the original model computes. In this paper, we introduce CounterACT, a Counterfactual ACTion rule mining approach that can generate defect reduction plans without black-box models. By leveraging action rules, CounterACT provides a course of action that can be considered as a counterfactual explanation for the class (e.g., buggy or not buggy) assigned to a piece of code. We compare the effectiveness of CounterACT with the original action rule mining algorithm and six established defect reduction approaches on 9 software projects. Our evaluation is based on (a) overlap scores between proposed code changes and actual developer modifications; (b) improvement scores in future releases; and (c) the precision, recall, and F1-score of the plans. Our results show that, compared to competing approaches, CounterACT's explainable plans achieve higher overlap scores at the release level (median 95%) and commit level (median 85.97%), and they offer better trade-off between precision and recall (median F1-score 88.12%). Finally, we venture beyond planning and explore leveraging Large Language models (LLM) for generating code edits from our generated plans. Our results show that suggested LLM code edits supported by our plans are actionable and are more likely to pass relevant test cases than vanilla LLM code recommendations.

Software Engineering,Machine Learning

Jiaxi Xu,Fei Wang,Jun Ai

DOI: https://doi.org/10.1109/tr.2020.3040191

IF: 5.883

2021-06-01

IEEE Transactions on Reliability

Abstract:To optimize the process of software testing and to improve software quality and reliability, many attempts have been made to develop more effective methods for predicting software defects. Previous work on defect prediction has used machine learning and artificial software metrics. Unfortunately, artificial metrics are unable to represent the features of syntactic, semantic, and context information of defective modules. In this article, therefore, we propose a practical approach for identifying software defect patterns via the combination of semantics and context information using abstract syntax tree representation learning. Graph neural networks are also leveraged to capture the latent defect information of defective subtrees, which are pruned based on a fix-inducing change. To validate the proposed approach for predicting defects, we define mining rules based on the GitHub workflow and collect 6052 defects from 307 projects. The experiments indicate that the proposed approach performs better than the state-of-the-art approach and five traditional machine learning baselines. An ablation study shows that the information about code concepts leads to a significant increase in accuracy.

engineering, electrical & electronic,computer science, software engineering, hardware & architecture

Xiang Li,Jinfu Chen,Zhechao Lin,Lin Zhang,Zibin Wang,Minmin Zhou,Wanggen Xie

DOI: https://doi.org/10.1109/cbd.2017.58

2017-08-01

Abstract:Software vulnerability remains a serious challenge to the software engineering domain over the past decade as a result of the recent technological advancement in information systems. The rapid development in software applications and failure on the part of system developers to properly analyze program codes before been released to the market increases the chance for data breaches. It is a known fact that most system failures are as a result of bugs and errors detected in software applications. Although code errors significantly affect software quality, there is no effective method that can be used in eliminating software errors to improve its reliability. Data Mining and its related algorithms are an active area which can successfully be applied in analyzing software vulnerability. However the concept of applying data mining techniques has not been empirically proven as an effective method for obtaining the essential characteristics of software vulnerability. To investigate this effect, we propose a vulnerability mining algorithm to analyze and obtain the essential characteristics of Software vulnerability based data mining techniques. We first extracted and preprocessed the software vulnerabilities using data mining techniques and common vulnerability database. We evaluate the proposed technique using the Common Vulnerability and Exposure (CVE) Database, Common Weakness Enumeration (CWE) Database, National Vulnerability Database (NVD) datasets. Empirical results show that the proposed vulnerability mining algorithm has a remarkable improvement in the vulnerability mining process. The most interesting finding is that, we observed that across all the three projects, recall was around 70% and precision was approximately 60%.

Heng-Yi Li,Ming Li,Zhi-Hua Zhou

DOI: https://doi.org/10.1007/978-3-030-16142-2_17

2019-01-01

Abstract:Software defect mining is playing an important role in software quality assurance. Many deep neural network based models have been proposed for software defect mining tasks, and have pushed forward the state-of-the-art mining performance. These deep models usually require a huge amount of task-specific source code for training to capture the code functionality to mine the defects. But such requirement is often hard to be satisfied in practice. On the other hand, lots of free source code and corresponding textual explanations are publicly available in the open source software repositories, which is potentially useful in modeling code functionality. However, no previous studies ever leverage these resources to help defect mining tasks. In this paper, we propose a novel framework to learn one reusable deep model for code functional representation using the huge amount of publicly available task-free source code as well as their textual explanations. And then reuse it for various software defect mining tasks. Experimental results on three major defect mining tasks with real world datasets indicate that by reusing this model in specific tasks, the mining performance outperforms its counterpart that learns deep models from scratch, especially when the training data is insufficient.

Bin Liang,Pan Bian,Yan Zhang,Wenchang Shi,Wei You,Yan Cai

DOI: https://doi.org/10.1145/2884781.2884870

2016-01-01

Abstract:Detecting bugs with code mining has proven to be an effective approach. However, the existing methods suffer from reporting serious false positives and false negatives. In this paper, we developed an approach called AntMiner to improve the precision of code mining by carefully preprocessing the source code. Specifically, we employ the program slicing technique to decompose the original source repository into independent sub-repositories, taking critical operations (automatically extracted from source code) as slicing criteria. In this way, the statements irrelevant to a critical operation are excluded from the corresponding sub-repository. Besides, various semantics-equivalent representations are normalized into a canonical form. Eventually, the mining process can be performed on a refined code database, and false positives and false negatives can be significantly pruned. We have implemented AntMiner and applied it to detect bugs in the Linux kernel. It reported 52 violations that have been either confirmed as real bugs by the kernel development community or fixed in new kernel versions. Among them, 41 cannot be detected by a widely used representative analysis tool Coverity . Besides, the result of a comparative analysis shows that our approach can effectively improve the precision of code mining and detect subtle bugs that have previously been missed.