Abstract
Static checker frameworks support software developers by automatically discovering bugs that fit general-purpose bug patterns. These frameworks ship with hundreds of detectors for such patterns and allow developers to add custom detectors for their own projects. However, existing frameworks generally encode detectors in imperative specifications, with extensive details of not only what to detect but also how. These details complicate detector maintenance and evolution, and also interfere with the framework’s ability to change how detection is done, for instance, to make the detectors incremental.
In this paper, we present JavaDL, a Datalog-based declarative specification language for bug pattern detection in Java code. JavaDL seamlessly supports both exhaustive and incremental evaluation from the same detector specification. This specification allows developers to describe local detector components via syntactic pattern matching, and nonlocal (e.g., interprocedural) reasoning via Datalog-style logical rules.
We compare our approach against the well-established SpotBugs and Error Prone tools by re-implementing several of their detectors in JavaDL. We find that our implementations are substantially smaller and similarly effective at detecting bugs on the Defects4J benchmark suite, and run with competitive runtime performance. In our experiments, neither incremental nor exhaustive analysis can consistently outperform the other, which highlights the value of our ability to transparently switch execution modes. We argue that our approach showcases the potential of clear-box static checker frameworks that constrain the bug detector specification language to enable the framework to adapt and enhance the detectors.
Supplemental Material
- Edward Aftandilian, Raluca Sauciuc, Siddharth Priya, and Sundaresan Krishnan. 2012. Building Useful Program Analysis Tools Using an Extensible Java Compiler. In 2012 IEEE 12th International Working Conference on Source Code Analysis and Manipulation. 14–23. https://doi.org/10.1109/SCAM.2012.28 Google Scholar
Digital Library
- Steven Arzt and Eric Bodden. 2014. Reviser: Efficiently Updating IDE-/IFDS-Based Data-Flow Analyses in Response to Incremental Program Changes. In Proceedings of the 36th International Conference on Software Engineering (ICSE 2014). Association for Computing Machinery, New York, NY, USA. 288–298. isbn:9781450327565 https://doi.org/10.1145/2568225.2568243 Google Scholar
Digital Library
- Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel. 2014. Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. Acm Sigplan Notices, 49, 6 (2014), 259–269. https://doi.org/10.1145/2666356.2594299 Google Scholar
Digital Library
- Nathaniel Ayewah, William Pugh, David Hovemeyer, J. David Morgenthaler, and Johan Penix. 2008. Using Static Analysis to Find Bugs. IEEE Software, 25, 5 (2008), 22–29. https://doi.org/10.1109/MS.2008.130 Google Scholar
Digital Library
- George Balatsouras and Yannis Smaragdakis. 2016. Structure-sensitive points-to analysis for C and C++. In International Static Analysis Symposium. 84–104. https://doi.org/10.1007/978-3-662-53413-7_5 Google Scholar
- Francois Bancilhon, David Maier, Yehoshua Sagiv, and Jeffrey D Ullman. 1985. Magic sets and other strange ways to implement logic programs. In Proceedings of the fifth ACM SIGACT-SIGMOD symposium on Principles of database systems. 1–15.Google Scholar
Digital Library
- Bas Basten and Paul Klint. 2008. DeFacto: Language-Parametric Fact Extraction from Source Code. In Revised Selected Papers of the First International Conference on Software Language Engineering, Dragan Gašević, Ralf Lämmel, and Eric Van Wyk (Eds.) (Lecture Notes in Computer Science, Vol. 5452). Springer International Publishing, 265–284. isbn:978-3-642-00433-9 https://doi.org/10.1007/978-3-642-00434-6_17 Google Scholar
Digital Library
- Eric Bodden, Andreas Sewe, Jan Sinschek, Hela Oueslati, and Mira Mezini. 2011. Taming reflection: Aiding static analysis in the presence of reflection and custom class loaders. In 2011 33rd International Conference on Software Engineering (ICSE). 241–250. https://doi.org/10.1145/1985793.1985827 Google Scholar
Digital Library
- Simon Brandhof, Julien Lancelot, Stas Vilchik, Fabrice Bellingard, David Gageot, Jean-Baptiste Vilain, Eric Hartmann, and Freddy Mallet. 2014. SonarQube. https://github.com/SonarSource/sonarqubeGoogle Scholar
- Martin Bravenboer and Yannis Smaragdakis. 2009. Strictly declarative specification of sophisticated points-to analyses. In Proceedings of OOPSLA ’09. ACM, New York, NY, USA. 243–262. isbn:978-1-60558-766-0 https://doi.org/10.1145/1640089.1640108 Google Scholar
Digital Library
- Oliver Burn, Roman Ivanov, Richard Veach, Pavel Bludov, Andrei Paikin, Ilja Dubinin, Andrei Selkin, Vladislav Lisetskii, Michał Kordas, Ruslan Diachenko, Baratali Izmailov, Daniil Yaroslavtsev, Ivan Sopov, Lars Kühne, Rick Giles, Oleg Sukhodolsky, Michael Studman, and Travis Schneeberger. 2021. Checkstyle 9.0. https://checkstyle.sourceforge.io/Google Scholar
- Cristiano Calcagno, Dino Distefano, Jérémy Dubreil, Dominik Gabi, Pieter Hooimeijer, Martino Luca, Peter O’Hearn, Irene Papakonstantinou, Jim Purbrick, and Dulma Rodriguez. 2015. Moving fast with software verification. In NASA Formal Methods Symposium. 3–11. https://doi.org/10.1007/978-3-319-17524-9_1 Google Scholar
Cross Ref
- Stefano Ceri, Georg Gottlob, and Letizia Tanca. 1989. What you always wanted to know about Datalog (and never dared to ask). IEEE transactions on knowledge and data engineering, 1, 1 (1989), 146–166.Google Scholar
Digital Library
- Tal Cohen, Joseph Gil, and Itay Maman. 2006. JTL: the Java tools language. ACM SIGPLAN Notices, 41, 10 (2006), 89–108.Google Scholar
Digital Library
- Tom Copeland. 2005. PMD applied. 10, Centennial Books Arexandria, Va, USA.Google Scholar
- Oege De Moor, Damien Sereni, Mathieu Verbaere, Elnar Hajiyev, Pavel Avgustinov, Torbjörn Ekman, Neil Ongkingco, and Julian Tibble. 2007. .QL: Object-oriented queries made easy. In International Summer School on Generative and Transformational Techniques in Software Engineering. 78–133. https://doi.org/10.1007/978-3-540-88643-3_3 Google Scholar
Digital Library
- Coen De Roover. 2009. A Logic Meta Programming Foundation for Example-Driven Pattern Detection in Object-Oriented Programs. Ph.D. Dissertation. Vrije Universiteit Brussel. isbn:978 90 5487 621 2Google Scholar
- Coen De Roover, Theo D’Hondt, Johan Brichau, Carlos Noguera, and Laurence Duchien. 2007. Behavioral similarity matching using concrete source code templates in logic queries. In Proceedings of the 2007 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation. 92–101. https://doi.org/10.1145/1244381.1244398 Google Scholar
Digital Library
- Coen De Roover, Carlos Noguera, Andy Kellens, and Vivane Jonckers. 2011. The SOUL Tool Suite for Querying Programs in Symbiosis with Eclipse. In Proceedings of the 9th International Conference on Principles and Practice of Programming in Java (PPPJ ’11). Association for Computing Machinery, New York, NY, USA. 71–80. isbn:9781450309356 https://doi.org/10.1145/2093157.2093168 Google Scholar
Digital Library
- Lisa Nguyen Quang Do, Karim Ali, Benjamin Livshits, Eric Bodden, Justin Smith, and Emerson Murphy-Hill. 2017. Just-in-Time Static Analysis. In Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2017). Association for Computing Machinery, New York, NY, USA. 307–317. isbn:9781450350761 https://doi.org/10.1145/3092703.3092705 Google Scholar
Digital Library
- Alexandru Dura, Hampus Balldin, and Christoph Reichenbach. 2019. MetaDL: Analysing Datalog in Datalog. In Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis. 38–43. https://doi.org/10.1145/3315568.3329970 Google Scholar
Digital Library
- Alexandru Dura, Christoph Reichenbach, and Emma Söderberg. 2021. JavaDL: Automatically Incrementalizing Java Bug Pattern Detection. https://doi.org/10.5281/zenodo.5090141 (artifact, OOPSLA 2021 AEC evaluated). Google Scholar
Digital Library
- Alexandru Dura, Christoph Reichenbach, and Emma Söderberg. 2021. JavaDL: Automatically Incrementalizing Java Bug Pattern Detection. Sep, https://doi.org/10.5281/zenodo.5090140 (artifact, updated after OOPSLA AEC evaluation). Google Scholar
Cross Ref
- Michael Eichberg, Matthias Kahl, Diptikalyan Saha, Mira Mezini, and Klaus Ostermann. 2007. Automatic incrementalization of prolog based static analyses. In International Symposium on Practical Aspects of Declarative Languages. 109–123. https://doi.org/10.1007/978-3-540-69611-7_7 Google Scholar
Digital Library
- Torbjörn Ekman and Görel Hedin. 2007. The JastAdd Extensible Java Compiler. SIGPLAN Not., 42, 10 (2007), Oct., 1–18. issn:0362-1340 https://doi.org/10.1145/1297105.1297029 Google Scholar
Digital Library
- Henry Falconer, Paul H. J. Kelly, David M. Ingram, Michael R. Mellor, Tony Field, and Olav Beckmann. 2007. A Declarative Framework for Analysis and Optimization. In Compiler Construction, Shriram Krishnamurthi and Martin Odersky (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 218–232. isbn:978-3-540-71229-9 https://doi.org/10.1007/978-3-540-71229-9_15 Google Scholar
Cross Ref
- Stephen Fink and Julian Dolby. 2012. WALA–The TJ Watson Libraries for Analysis.Google Scholar
- Bernd Fischer and Eelco Visser. 2004. Retrofitting the AutoBayes Program Synthesis System with Concrete Syntax. Springer Berlin Heidelberg, Berlin, Heidelberg. 239–253. isbn:978-3-540-25935-0 https://doi.org/10.1007/978-3-540-25935-0_14 Google Scholar
Cross Ref
- Radu Grigore. 2017. Java Generics are Turing Complete. ACM SIGPLAN Notices, 52, 1 (2017), 73–85. https://doi.org/10.1145/3093333.3009871 Google Scholar
Digital Library
- Ashish Gupta, Inderpal Singh Mumick, and Venkatramanan Siva Subrahmanian. 1993. Maintaining views incrementally. ACM SIGMOD Record, 22, 2 (1993), 157–166.Google Scholar
Digital Library
- Andrew Habib and Michael Pradel. 2018. How Many of All Bugs Do We Find? A Study of Static Bug Detectors. In Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering. 317–328. https://doi.org/10.1145/3238147.3238213 Google Scholar
Digital Library
- Görel Hedin and Eva Magnusson. 2003. JastAdd: An Aspect-oriented Compiler Construction System. Sci. Comput. Program., 47, 1 (2003), April, 37–58. issn:0167-6423 https://doi.org/10.1016/S0167-6423(02)00109-0 Google Scholar
Digital Library
- Dominik Helm, Florian Kübler, Michael Reif, Michael Eichberg, and Mira Mezini. 2020. Modular Collaborative Program Analysis in OPAL. In Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2020). Association for Computing Machinery, New York, NY, USA. 184–196. isbn:9781450370431 https://doi.org/10.1145/3368089.3409765 Google Scholar
Digital Library
- Kihong Heo, Mukund Raghothaman, Xujie Si, and Mayur Naik. 2019. Continuously reasoning about programs using differential Bayesian inference. In Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2019, Phoenix, AZ, USA, June 22-26, 2019, Kathryn S. McKinley and Kathleen Fisher (Eds.). ACM, 561–575. https://doi.org/10.1145/3314221.3314616 Google Scholar
Digital Library
- Shan Shan Huang, David Zook, and Yannis Smaragdakis. 2008. Domain-Specific Languages and Program Generation with Meta-AspectJ. ACM Trans. Softw. Eng. Methodol., 18, 2 (2008), Article 6, Nov., 32 pages. issn:1049-331X https://doi.org/10.1145/1416563.1416566 Google Scholar
Digital Library
- N. Immerman. 1999. Descriptive Complexity. Springer New York. isbn:9780387986005 lccn:lc98033563 http://books.google.de/books?id=kWSZ0OWnupkCGoogle Scholar
- Doug Janzen and Kris De Volder. 2003. Navigating and querying code without getting lost. In Proceedings of the 2nd international conference on Aspect-oriented software development. 178–187.Google Scholar
Digital Library
- René Just, Darioush Jalali, and Michael D Ernst. 2014. Defects4J: A database of existing faults to enable controlled testing studies for Java programs. In Proceedings of the 2014 International Symposium on Software Testing and Analysis. 437–440. https://doi.org/10.1145/2610384.2628055 Google Scholar
Digital Library
- Ted Kaminski, Lucas Kramer, Travis Carlson, and Eric Van Wyk. 2017. Reliable and automatic composition of language extensions to C: the ableC extensible language framework. Proceedings of the ACM on Programming Languages, 1, OOPSLA (2017), 1–29. https://doi.org/10.1145/3138224 Google Scholar
Digital Library
- Lennart C.L. Kats, Martin Bravenboer, and Eelco Visser. 2008. Mixing Source and Bytecode: A Case for Compilation by Normalization. SIGPLAN Not., 43, 10 (2008), Oct., 91–108. issn:0362-1340 https://doi.org/10.1145/1449955.1449772 Google Scholar
Digital Library
- Lennart C. L. Kats, Karl T. Kalleberg, and Eelco Visser. 2011. Interactive Disambiguation of Meta Programs with Concrete Object Syntax. In Software Language Engineering, Brian Malloy, Steffen Staab, and Mark van den Brand (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 327–336. isbn:978-3-642-19440-5 https://doi.org/10.1007/978-3-642-19440-5_22 Google Scholar
Cross Ref
- Donald E. Knuth. 1968. Semantics of context-free languages. Theory of Computing Systems, 2, 2 (1968), 1 June, 127–145. https://doi.org/10.1007/BF01692511 Google Scholar
Cross Ref
- Ondřej Lhoták and Laurie Hendren. 2004. Jedd: a BDD-based relational extension of Java. ACM SIGPLAN Notices, 39, 6 (2004), 158–169. https://doi.org/10.1145/996893.996861 Google Scholar
Digital Library
- Yue Li, Tian Tan, and Jingling Xue. 2019. Understanding and Analyzing Java Reflection. ACM Trans. Softw. Eng. Methodol., 28, 2 (2019), Article 7, Feb., 50 pages. issn:1049-331X https://doi.org/10.1145/3295739 Google Scholar
Digital Library
- Magnus Madsen, Ming-Ho Yee, and Ondřej Lhoták. 2016. From Datalog to Flix: a Declarative Language for Fixed Points on Lattices. ACM SIGPLAN Notices, 51, 6 (2016), 194–208. https://doi.org/10.1145/2980983.2908096 Google Scholar
Digital Library
- Michael Martin, Benjamin Livshits, and Monica S. Lam. 2005. Finding Application Errors and Security Flaws Using PQL: A Program Query Language. In Proceedings of the 20th Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA ’05). Association for Computing Machinery, New York, NY, USA. 365–383. isbn:1595930310 https://doi.org/10.1145/1094811.1094840 Google Scholar
Digital Library
- Johannes Mey, René Schöne, Görel Hedin, Emma Söderberg, Thomas Kühn, Niklas Fors, Jesper Öqvist, and Uwe Aß mann. 2018. Continuous model validation using reference attribute grammars. In Proceedings of the 11th ACM SIGPLAN International Conference on Software Language Engineering. 70–82. https://doi.org/10.1145/3276604.3276616 Google Scholar
Digital Library
- Krishna Narasimhan, Christoph Reichenbach, and Julia Lawall. 2018. Cleaning up copy–paste clones with interactive merging. Automated Software Engineering, 25, 3 (2018), 01 Sep, 627–673. issn:1573-7535 https://doi.org/10.1007/s10515-018-0238-5 Google Scholar
Digital Library
- Peter O’Hearn. 2019. Separation logic. Commun. ACM, 62, 2 (2019), 86–95.Google Scholar
Digital Library
- Jesper Öqvist and Görel Hedin. 2013. Extending the JastAdd extensible Java compiler to Java 7. In Proceedings of the 2013 International Conference on Principles and Practices of Programming on the Java Platform: Virtual Machines, Languages, and Tools. 147–152. https://doi.org/10.1145/2500828.2500843 Google Scholar
Digital Library
- Jesper Öqvist and Görel Hedin. 2017. Concurrent circular reference attribute grammars. In Proceedings of the 10th ACM SIGPLAN International Conference on Software Language Engineering. 151–162. https://doi.org/10.1145/3136014.3136032 Google Scholar
Digital Library
- Renaud Pawlak, Martin Monperrus, Nicolas Petitprez, Carlos Noguera, and Lionel Seinturier. 2016. Spoon: A library for implementing analyses and transformations of java source code. Software: Practice and Experience, 46, 9 (2016), 1155–1179. https://doi.org/10.1002/spe.2346 Google Scholar
Digital Library
- Mukund Raghothaman, Sulekha Kulkarni, Kihong Heo, and Mayur Naik. 2018. User-guided program reasoning using Bayesian inference. In Proceedings of the 39th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2018, Philadelphia, PA, USA, June 18-22, 2018, Jeffrey S. Foster and Dan Grossman (Eds.). ACM, 722–735. https://doi.org/10.1145/3192366.3192417 Google Scholar
Digital Library
- Christoph Reichenbach. 2021. Software Ticks Need No Specifications. In Proceedings of the 43rd International Conference on Software Engineering: New Ideas and Emerging Results Track. IEEE - Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICSE-NIER52604.2021.00021 43rd International Conference on Software Engineering: Software Engineering in Practice, ICSE 2021 ; Conference date: 23-05-2021 Through 29-05-2021. Google Scholar
Digital Library
- Thomas Reps, Susan Horwitz, and Mooly Sagiv. 1995. Precise interprocedural dataflow analysis via graph reachability. In Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages. 49–61. https://doi.org/10.1145/199448.199462 Google Scholar
Digital Library
- Thomas W Reps. 1995. Demand interprocedural program analysis using logic databases. In Applications of Logic Databases. Springer, 163–196. https://doi.org/10.1007/978-1-4615-2207-2_8 Google Scholar
Cross Ref
- J.C. Reynolds. 2002. Separation logic: a logic for shared mutable data structures. In Proceedings 17th Annual IEEE Symposium on Logic in Computer Science. 55–74. https://doi.org/10.1109/LICS.2002.1029817 Google Scholar
Cross Ref
- Idriss Riouak, Christoph Reichenbach, Görel Hedin, and Niklas Fors. 2021. A Precise Framework for Source-Level Control-Flow Analysis. In 21st IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2021. IEEE Computer Society.Google Scholar
Cross Ref
- Caitlin Sadowski, Jeffrey van Gogh, Ciera Jaspan, Emma Söderberg, and Collin Winter. 2015. Tricorder: Building a Program Analysis Ecosystem. In International Conference on Software Engineering (ICSE). https://doi.org/10.1109/ICSE.2015.76 Google Scholar
Cross Ref
- Bernhard Scholz, Herbert Jordan, Pavle Subotić, and Till Westmann. 2016. On Fast Large-scale Program Analysis in Datalog. In Proceedings of the 25th Int. Conf. on Compiler Construction (CC 2016). ACM, New York, NY, USA. 196–206. isbn:978-1-4503-4241-4 https://doi.org/10.1145/2892208.2892226 Google Scholar
Digital Library
- Elizabeth Scott. 2008. SPPF-style parsing from Earley recognisers. Electronic Notes in Theoretical Computer Science, 203, 2 (2008), 53–67. https://doi.org/10.1016/j.entcs.2008.03.044 Google Scholar
Digital Library
- Emma Söderberg, Torbjörn Ekman, Görel Hedin, and Eva Magnusson. 2013. Extensible intraprocedural flow analysis at the abstract syntax tree level. Science of Computer Programming, 78, 10 (2013), 1809 – 1827. issn:0167-6423 https://doi.org/10.1016/j.scico.2012.02.002 Google Scholar
Digital Library
- Emma Söderberg and Görel Hedin. 2011. Automated Selective Caching for Reference Attribute Grammars. In Software Language Engineering, Brian Malloy, Steffen Staab, and Mark van den Brand (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 2–21. isbn:978-3-642-19440-5 https://doi.org/10.1007/978-3-642-19440-5_2 Google Scholar
Cross Ref
- Emma Söderberg and Görel Hedin. 2012. Incremental Evaluation of Reference Attribute Grammars using Dynamic Dependency Tracking. Lund University. LU-CS-TR:2012-249, ISSN 1404-1200.Google Scholar
- 2021. SpotBugs 4.4.1 Bug Descriptions. https://spotbugs.readthedocs.io/en/stable/bugDescriptions.htmlGoogle Scholar
- Tamás Szabó, Gábor Bergmann, Sebastian Erdweg, and Markus Voelter. 2018. Incrementalizing Lattice-Based Program Analyses in Datalog. Proc. ACM Program. Lang., 2, OOPSLA (2018), Article 139, Oct., 29 pages. https://doi.org/10.1145/3276509 Google Scholar
Digital Library
- J. D. Ullman. 1989. Bottom-up Beats Top-down for Datalog. In Proceedings of the Eighth ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems (PODS ’89). Association for Computing Machinery, New York, NY, USA. 140–149. isbn:0897913086Google Scholar
Digital Library
- Raja Vallée-Rai, Phong Co, Etienne Gagnon, Laurie Hendren, Patrick Lam, and Vijay Sundaresan. 2010. Soot: A Java Bytecode Optimization Framework. In CASCON First Decade High Impact Papers (CASCON ’10). IBM Corp., Riverton, NJ, USA. 214–224. https://doi.org/10.1145/1925805.1925818 Google Scholar
Digital Library
- Eric Van Wyk, Derek Bodin, Jimin Gao, and Lijesh Krishnan. 2010. Silver: an Extensible Attribute Grammar System. Science of Computer Programming, 75, 1–2 (2010), January, 39–54. https://doi.org/10.1016/j.scico.2009.07.004 Google Scholar
Digital Library
- Carmine Vassallo, Sebastiano Panichella, Fabio Palomba, Sebastian Proksch, Harald C. Gall, and Andy Zaidman. 2020. How developers engage with static analysis tools in different contexts. Empirical Software Engineering, 25 (2020), 1419–1457. https://doi.org/10.1007/s10664-019-09750-5 Google Scholar
- Eelco Visser. 2002. Meta-Programming with Concrete Object Syntax. In Proceedings of the 1st ACM SIGPLAN/SIGSOFT Conference on Generative Programming and Component Engineering (GPCE ’02). Springer-Verlag, Berlin, Heidelberg. 299–315. isbn:3540442847 https://doi.org/10.1007/3-540-45821-2_19 Google Scholar
Cross Ref
- Harald Vogt, S. Doaitse Swierstra, and Matthijs F. Kuiper. 1989. Higher-Order Attribute Grammars. In Proceedings of the ACM SIGPLAN’89 Conference on Programming Language Design and Implementation (PLDI). 131–145. https://doi.org/10.1145/73141.74830 Google Scholar
Digital Library
- David Zhao, Pavle Subotić, and Bernhard Scholz. 2020. Debugging Large-scale Datalog: A Scalable Provenance Evaluation Strategy. ACM Transactions on Programming Languages and Systems (TOPLAS), 42, 2 (2020), 1–35. https://doi.org/10.1145/3379446 Google Scholar
Digital Library
Index Terms
JavaDL: automatically incrementalizing Java bug pattern detection
Recommendations
Toward an understanding of bug fix patterns
Twenty-seven automatically extractable bug fix patterns are defined using the syntax components and context of the source code involved in bug fix changes. Bug fix patterns are extracted from the configuration management repositories of seven open ...
Context-sensitive detection of information exposure bugs with symbolic execution
InnoSWDev 2014: Proceedings of the International Workshop on Innovative Software Development Methodologies and PracticesStatic analysis tools used for detecting information exposure bugs can help software engineers detecting bugs without introducing run-time overhead. Such tools can make the detection of information-flow bugs faster and cheaper without having to provide ...
Analytical Study on Bug Triaging Practices
Software bugs are inevitable and fixing these bugs is a difficult and time consuming task. Bug report assignment is the activity of designating a developer who makes source code changes in order to fix the bug. Many bug assignment techniques have been ...






Comments