Finding and preventing run-time error handling mistakes
OOPSLA '04 Proceedings of the 19th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Region analysis and transformation for Java programs
Proceedings of the 4th international symposium on Memory management
Scaling regression testing to large software systems
Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering
A Comparison of Bug Finding Tools for Java
ISSRE '04 Proceedings of the 15th International Symposium on Software Reliability Engineering
Toward Understanding the Rhetoric of Small Source Code Changes
IEEE Transactions on Software Engineering
HATARI: raising risk awareness
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
MSR '05 Proceedings of the 2005 international workshop on Mining software repositories
Evaluating and tuning a static analysis to find null pointer bugs
PASTE '05 Proceedings of the 6th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Which warnings should I fix first?
Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
/*icomment: bugs or bad comments?*/
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
The CLOSER: automating resource management in java
Proceedings of the 7th international symposium on Memory management
Typestate-like analysis of multiple interacting objects
Proceedings of the 23rd ACM SIGPLAN conference on Object-oriented programming systems languages and applications
Efficient online validation with delta execution
Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
Toward an understanding of bug fix patterns
Empirical Software Engineering
Inferring Resource Specifications from Natural Language API Documentation
ASE '09 Proceedings of the 2009 IEEE/ACM International Conference on Automated Software Engineering
SAS'03 Proceedings of the 10th international conference on Static analysis
Has the bug really been fixed?
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 1
Effective interprocedural resource leak detection
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 1
Automated Bug Neighborhood Analysis for Identifying Incomplete Bug Fixes
ICST '10 Proceedings of the 2010 Third International Conference on Software Testing, Verification and Validation
Automatic construction of an effective training set for prioritizing static analysis warnings
Proceedings of the IEEE/ACM international conference on Automated software engineering
Principles of Program Analysis
Principles of Program Analysis
Software and Systems Modeling (SoSyM)
Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineering
Mining temporal specifications for error detection
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Iterative mining of resource-releasing specifications
ASE '11 Proceedings of the 2011 26th IEEE/ACM International Conference on Automated Software Engineering
An Effective Defect Detection and Warning Prioritization Approach for Resource Leaks
COMPSAC '12 Proceedings of the 2012 IEEE 36th Annual Computer Software and Applications Conference
Hi-index | 0.00 |
Lightweight static bug-detection tools such as FindBugs, PMD, Jlint, and Lint4j detect bugs with the knowledge of generic bug patterns (e.g., objects of java.io.InputStream are not closed in time after used). Besides generic bug patterns, different projects under analysis may have some project-specific bug patterns. For example, in a revision of the Xerces project, the class field "fDTDHandler" is dereferenced without proper null-checks, while it could actually be null at runtime. We name such bug patterns directly related to objects instantiated in specific projects as Project-Specific Bug Patterns (PSBPs). Due to lack of such PSBP knowledge, existing tools usually fail in effectively detecting most of this kind of bugs. We name bugs belonging to the same project and sharing the same PSBP as sibling bugs. If some sibling bugs are fixed in a fix revision but some others remain, we treat such fix as an incomplete fix. To address such incomplete fixes, we propose a PSBP-based approach for detecting sibling bugs and implement a tool called Sibling-Bug Detector (SBD). Given a fix revision, SBD first infers the PSBPs implied by the fix revision. Then, based on the inferred PSBPs, SBD detects their related sibling bugs in the same project. To evaluate SBD, we apply it to seven popular open-source projects. Among the 108 warnings reported by SBD, 63 of them have been confirmed as real bugs by the project developers, while two existing popular static detectors (FindBugs and PMD) cannot report most of them.