FSE 2016 – Author Index |
Contents -
Abstracts -
Authors
|
Barik, Titus |
FSE '16-SRC: "How Should Static Analysis ..."
How Should Static Analysis Tools Explain Anomalies to Developers?
Titus Barik (North Carolina State University, USA) Despite the advanced static analysis tools available within modern integrated development environments (IDEs), the error messages these tools produce remain perplexing for developers to comprehend. This research postulates that tools can computationally expose their internal reasoning processes to generate assistive error explanations that more closely align with how developers explain errors to themselves. @InProceedings{FSE16p1118, author = {Titus Barik}, title = {How Should Static Analysis Tools Explain Anomalies to Developers?}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1118--1120}, doi = {}, year = {2016}, } |
|
Cheng, Xi |
FSE '16-SRC: "RABIEF: Range Analysis Based ..."
RABIEF: Range Analysis Based Integer Error Fixing
Xi Cheng (Tsinghua University, China) C language has complicated semantics for integers. Integer errors lead to serious software failures or exploitable vulnerabilities while they are harbored in various real-world programs. It is labor-intensive and error-prone to manually address integer errors. The usability of existing automated techniques is generally poor, as they heavily rely on external specifications or simply transform bugs into crash. We propose RABIEF, a novel and fully automatic approach to fix C integer errors based on range analysis. RABIEF is inspired by the following insights: (1) fixes for various integer errors have typical patterns including sanitization, explicit cast and declared type alteration; (2) range analysis provides sound basis for error detection and guides fix generation. We implemented RABIEF into a tool Argyi. Its effectiveness and efficiency have been substantiated by the facts that: (1) Argyi succeeds in fixing 93.9% of 5414 integer bugs from Juliet test suite, scaling to 600 KLOC within 5500 seconds; (2) Argyi is confirmed to correctly fix 20 errors from 4 real-world programs within only 240 seconds. @InProceedings{FSE16p1094, author = {Xi Cheng}, title = {RABIEF: Range Analysis Based Integer Error Fixing}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1094--1096}, doi = {}, year = {2016}, } |
|
Costa, Catarina |
FSE '16-SRC: "Identifying Participants for ..."
Identifying Participants for Collaborative Merge
Catarina Costa (Federal Fluminense University, Brazil) Software development is typically a collaborative activity. Development in large projects often involves branches, where changes are performed in parallel and merged periodically. While, there is no consensus on who should perform the merge, team members typically try to find someone with enough knowledge about the changes in the branches. This task can be difficult in cases where many different developers have made significant changes. My research proposes an approach, TIPMerge, to help select the most appropriate developers to participate in a collaborative merge session, such that we maximize the knowledge spread across changes. The goal of this research is to select a specified number of developers with the highest joint coverage. We use an optimization algorithm to find which developers form the best team together to deal with a specific merge case. We have implemented all the steps of our approach and evaluate parts of them. @InProceedings{FSE16p1100, author = {Catarina Costa}, title = {Identifying Participants for Collaborative Merge}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1100--1102}, doi = {}, year = {2016}, } |
|
Gullapalli, Sachith |
FSE '16-SRC: "Atlas: An Intelligent, Performant ..."
Atlas: An Intelligent, Performant Framework for Web-Based Grid Computing
Sachith Gullapalli (Yale University, USA) This paper presents Atlas, a distributed computing system that allows for collaboration over Internet browsers. It allows users to donate the wasted processing power from their Internet-connected machines to help researchers and companies compute difficult tasks. The platform aims at maintaining similar speeds to available cloud computing services while running these tasks, while doing so at a lower cost. In order to do so, Atlas minimizes the amount of time needed per computation and intelligently distributes jobs by utilizing user browsing patterns. Benchmarks demonstrate that Atlas may be a viable alternative to traditional parallel platforms. @InProceedings{FSE16p1154, author = {Sachith Gullapalli}, title = {Atlas: An Intelligent, Performant Framework for Web-Based Grid Computing}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1154--1156}, doi = {}, year = {2016}, } |
|
Guo, Xinrui |
FSE '16-SRC: "SmartDebug: An Interactive ..."
SmartDebug: An Interactive Debug Assistant for Java
Xinrui Guo (Tsinghua University, China) Debugging has long been recognized as one of the most labour- and time- consuming activities in software development. Recent research on automated debugging tries to facilitate this process by automatically generating patches for buggy programs so that they pass a predefined test suite. Despite the promising experimental results, several major obstacles emerge when we apply these techniques in active coding process. Inadequate test cases, multiple errors in one program and possible bug categories overlooked by existing fix generation search spaces impede these techniques to perform at their best. To overcome these obstacles, we designed an interactive usage paradigm that allows a developer to characterize his or her judgments of program running state and utilize such information to guide the fix generation process. We implemented a prototype of this design, an Eclipse plugin called SmartDebug as a debug assistant for Java programs. Experiment results show that SmartDebug helped to debug 15 out of 25 buggy programs successfully. All programs contain less than 3 test cases. In 14 programs it accelerated the debugging process compared to pure human debugging, while one of which contains 2 buggy statements. This indicates that the proposed usage paradigm is capable of facilitating the debugging process in active coding process. @InProceedings{FSE16p1127, author = {Xinrui Guo}, title = {SmartDebug: An Interactive Debug Assistant for Java}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1127--1129}, doi = {}, year = {2016}, } |
|
Head, Andrew |
FSE '16-SRC: "Social Health Cues Developers ..."
Social Health Cues Developers Use when Choosing Open Source Packages
Andrew Head (University of California at Berkeley, USA) Developers choose open source packages from many alternatives. One increasingly important factor when choosing a package is its "social health", or a developer’s ability to get help on communication channels. We conduct a study to understand how developers learn about the social health of open source packages before using them. We offer preliminary results of the cues developers find. @InProceedings{FSE16p1133, author = {Andrew Head}, title = {Social Health Cues Developers Use when Choosing Open Source Packages}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1133--1135}, doi = {}, year = {2016}, } |
|
Huang, Waylon |
FSE '16-SRC: "Discovering Additional Violations ..."
Discovering Additional Violations of Java API Invariants
Waylon Huang (University of Washington, USA) In the absence of formal specifications or test oracles, automating testing is made possible by the fact that a program must satisfy certain requirements set down by the programming language. This work describes Randoop, an automatic unit test generator which checks for invariants specified by the Java API. Randoop is able to detect violations to invariants as specified by the Java API and create error tests that reveal related bugs. Randoop is also able to produce regression tests, meant to be added to regression test suites, that capture expected behavior. We discuss additional extensions that we have made to Randoop which expands its capability for the detection of violation of specified invariants. We also examine an optimization and a heuristic for making the invariant checking process more efficient. @InProceedings{FSE16p1145, author = {Waylon Huang}, title = {Discovering Additional Violations of Java API Invariants}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1145--1147}, doi = {}, year = {2016}, } |
|
Kappler, Sebastian |
FSE '16-SRC: "Finding and Breaking Test ..."
Finding and Breaking Test Dependencies to Speed Up Test Execution
Sebastian Kappler (Saarland University, Germany) Software testing takes up the major part of the build time, which hinders developers' ability to promptly identify and fix problems. Test parallelization is an effective means to speed up test executions, hence improving software development. Effective and sound test parallelization requires that tests are independent or that test dependencies are known in advance. However, current techniques to detect test dependencies are either precise but slow, or fast but inaccurate. Further, available algorithms for test parallelization either over-constraint test executions, which reduces their level of parallelism, or re-execute the same tests multiple times, which increases the execution effort. This research addresses both sides of the problem of speeding up test execution: it aims to devise a practical test detection technique that can suitably balance efficiency and accuracy, and develop a novel technique to break test dependencies which allows both sound and efficient test executions. @InProceedings{FSE16p1136, author = {Sebastian Kappler}, title = {Finding and Breaking Test Dependencies to Speed Up Test Execution}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1136--1138}, doi = {}, year = {2016}, } |
|
Kellogg, Martin |
FSE '16-SRC: "Combining Bug Detection and ..."
Combining Bug Detection and Test Case Generation
Martin Kellogg (University of Washington, USA) Detecting bugs in software is an important software engineering activity. Static bug finding tools can assist in detecting bugs automatically, but they suffer from high false positive rates. Automatic test generation tools can generate test cases which can find bugs, but they suffer from an oracle problem. We present N-Prog, a hybrid of the two approaches. N-Prog iteratively presents the developer an interesting, real input/output pair. The developer either classifies it as a bug (when the output is incorrect) or adds it to the regression test suite (when the output is correct). N-Prog selects input/output pairs whose input produces different output on a mutated version of the program which passes the test suite of the original. In initial experiments, N-Prog detected bugs and rediscovered test cases that had been removed from a test suite. @InProceedings{FSE16p1124, author = {Martin Kellogg}, title = {Combining Bug Detection and Test Case Generation}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1124--1126}, doi = {}, year = {2016}, } |
|
Lam, Wing |
FSE '16-SRC: "Repairing Test Dependence ..."
Repairing Test Dependence
Wing Lam (University of Illinois at Urbana-Champaign, USA) In a test suite, all the tests should be independent: no test should affect another test’s result, and running the tests in any order should yield the same test results. The assumption of such test independence is important so that tests behave consistently as designed. However, this critical assumption often does not hold in practice due to test dependence. Test dependence causes two serious problems: a dependent test may spuriously fail even when the software is correct (a false positive alarm), or it may spuriously pass even when a bug exists in the software (a false negative). Existing approaches to cope with test dependence require tests to be executed in a given order or for each test to be executed in a separate virtual machine. This paper presents an approach that can automatically repair test dependence so that each test in a suite yields the same result regardless of their execution order. At compile time, the approach refactors code under test and test code to eliminate test dependence and prevent spurious test successes or failures. We develop a prototype of our approach to handle one of the most common causes of test dependence and evaluate the prototype on five subject programs. In our experimental evaluation, our prototype is capable of eliminating up to 12.5% of the test dependence in the subject programs. @InProceedings{FSE16p1121, author = {Wing Lam}, title = {Repairing Test Dependence}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1121--1123}, doi = {}, year = {2016}, } |
|
Loncaric, Calvin |
FSE '16-SRC: "Cozy: Synthesizing Collection ..."
Cozy: Synthesizing Collection Data Structures
Calvin Loncaric (University of Washington, USA) Many applications require specialized data structures not found in standard libraries. Implementing new data structures by hand is tedious and error-prone. To alleviate this difficulty, we built a tool called Cozy that synthesizes data structures using counter-example guided inductive synthesis. We evaluate Cozy by showing how its synthesized implementations compare to handwritten implementations in terms of correctness and performance across four real-world programs. Cozy's data structures match the performance of the handwritten implementations while avoiding human error. @InProceedings{FSE16p1103, author = {Calvin Loncaric}, title = {Cozy: Synthesizing Collection Data Structures}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1103--1105}, doi = {}, year = {2016}, } |
|
Luo, Qi |
FSE '16-SRC: "Automatic Performance Testing ..."
Automatic Performance Testing using Input-Sensitive Profiling
Qi Luo (College of William and Mary, USA) During performance testing, software engineers commonly perform application profiling to analyze an application's execution traces with different inputs to understand the performance behaviors, such as the time and space consumption. However, a non-trivial application commonly has a large number of input data, and it is mostly manual to identify the specific inputs leading to performance bottlenecks. Thus, it is challenge is to automate application profiling and find these specific inputs. To solve these problems, we propose novel approaches, namely FOREPOST, GA-Prof and PerfImpact, which automatically profile applications for finding the specific combinations of inputs triggering performance bottlenecks, and further analyze the corresponding execution traces to identify problematic methods. Specially, our approaches work in two different types of real-world scenarios of performance testing: i) a single-version scenario, in which performance bottlenecks are detected in a single software release, and ii) a two-version scenario, in which code changes responsible for performance regressions are detected by considering two consecutive software releases. @InProceedings{FSE16p1139, author = {Qi Luo}, title = {Automatic Performance Testing using Input-Sensitive Profiling}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1139--1141}, doi = {}, year = {2016}, } |
|
Mackie, Christopher A. |
FSE '16-SRC: "Preventing Signedness Errors ..."
Preventing Signedness Errors in Numerical Computations in Java
Christopher A. Mackie (University of Washington, USA) We have developed and implemented a type system, the Signedness Type System, that captures usage of signed and unsigned integers in Java programs. This type system enables developers to detect errors regarding unsigned integers at compile time, and guarantees that such errors cannot occur at run time. In a case study. our type system proved easy to use and detected a previously unknown bug. Our type system is implemented as the Signedness Checker and will be available with the Checker Framework (http://CheckerFramework.org/). @InProceedings{FSE16p1148, author = {Christopher A. Mackie}, title = {Preventing Signedness Errors in Numerical Computations in Java}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1148--1150}, doi = {}, year = {2016}, } |
|
Meng, Xiaozhu |
FSE '16-SRC: "Fine-Grained Binary Code Authorship ..."
Fine-Grained Binary Code Authorship Identification
Xiaozhu Meng (University of Wisconsin-Madison, USA) Binary code authorship identification is the task of determining the authors of a piece of binary code from a set of known authors. Modern software often contains code from multiple authors. However, existing techniques assume that each program binary is written by a single author. We present a new finer-grained technique to the tougher problem of determining the author of each basic block. Our evaluation shows that our new technique can discriminate the author of a basic block with 52% accuracy among 282 authors, as opposed to 0.4% accuracy by random guess, and it provides a practical solution for identifying multiple authors in software. @InProceedings{FSE16p1097, author = {Xiaozhu Meng}, title = {Fine-Grained Binary Code Authorship Identification}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1097--1099}, doi = {}, year = {2016}, } |
|
Monteiro, Felipe R. |
FSE '16-SRC: "Bounded Model Checking of ..."
Bounded Model Checking of State-Space Digital Systems: The Impact of Finite Word-Length Effects on the Implementation of Fixed-Point Digital Controllers Based on State-Space Modeling
Felipe R. Monteiro (Federal University of Amazonas, Brazil) The extensive use of digital controllers demands a growing effort to prevent design errors that appear due to finite-word length (FWL) effects. However, there is still a gap, regarding verification tools and methodologies to check implementation aspects of control systems. Thus, the present paper describes an approach, which employs bounded model checking (BMC) techniques, to verify fixed-point digital controllers represented by state-space equations. The experimental results demonstrate the sensitivity of such systems to FWL effects and the effectiveness of the proposed approach to detect them. To the best of my knowledge, this is the first contribution tackling formal verification through BMC of fixed-point state-space digital controllers. @InProceedings{FSE16p1151, author = {Felipe R. Monteiro}, title = {Bounded Model Checking of State-Space Digital Systems: The Impact of Finite Word-Length Effects on the Implementation of Fixed-Point Digital Controllers Based on State-Space Modeling}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1151--1153}, doi = {}, year = {2016}, } Info |
|
Nandi, Chandrakana |
FSE '16-SRC: "Automatic Trigger Generation ..."
Automatic Trigger Generation for End User Written Rules for Home Automation
Chandrakana Nandi (University of Washington, USA) To customize the behavior of a smart home, an end user writes rules. When an external event satisfies a rule's trigger, the rule's action executes; for example, when the temperature is above a certain threshold, then window awnings might be extended. End users often write incorrect rules. This paper's technique prevents a certain category of errors in the rules: errors due to too few triggers. It statically analyzes a rule's actions to automatically determine a set of necessary and sufficient triggers. We implemented the technique in a tool called TrigGen and tested it on 96 end-user written rules for openHAB, an open-source home automation platform. It identified that 80% of the rules had fewer triggers than required for correct behavior. The missing triggers could lead to unexpected behavior and security vulnerabilities in a smart home. @InProceedings{FSE16p1109, author = {Chandrakana Nandi}, title = {Automatic Trigger Generation for End User Written Rules for Home Automation}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1109--1111}, doi = {}, year = {2016}, } |
|
Pearson, Spencer |
FSE '16-SRC: "Evaluation of Fault Localization ..."
Evaluation of Fault Localization Techniques
Spencer Pearson (University of Washington, USA) Fault localization (FL) takes as input a faulty program and produces as output a list of code locations ranked by probability of being defective. A programmer doing debugging, or a program repair tool, could save time by focusing on the most suspicious locations. Researchers evaluate new FL techniques on programs with known faults, and score a technique based on where in its list the actual defect appears. This enables comparison of multiple FL techniques to determine which one is best. Previous research has primarily evaluated FL techniques using artificial faults, generated either by hand or automatically. Other prior work has shown that artificial faults have both similarities to and differences from real faults; given this, it is not obvious that the techniques that perform best on artificial faults will also perform best on real faults. This work compares 7 previously-studied FL techniques, both on artificial faults (as a replication study) and on real faults (to validate the assumption that artificial faults are useful proxies for real faults for comparisons of FL techniques). Our replication largely agreed with prior work, but artificial faults were not useful for predicting which FL techniques perform best on real faults. We also studied which characteristics make FL techniques perform well on real faults. We identified a design space that includes those 7 previously-studied FL techniques as well as 149 new ones, and determined which decisions were most important in designing a new technique. @InProceedings{FSE16p1115, author = {Spencer Pearson}, title = {Evaluation of Fault Localization Techniques}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1115--1117}, doi = {}, year = {2016}, } |
|
Quan, Minghui |
FSE '16-SRC: "Hotspot Symbolic Execution ..."
Hotspot Symbolic Execution of Floating-Point Programs
Minghui Quan (National University of Defense Technology, China) This paper presents hotspot symbolic execution (HSE) to scale the symbolic execution of floating-point programs. The essential idea of HSE is to (1) explore the paths of some functions (called hotspot functions) in priority, and (2) divide the paths of a hotspot function into different equivalence classes, and explore as fewer path as possible inside the function while ensuring the coverage of all the classes. We have implemented HSE on KLEE and carried out extensive experiments on all 5528 functions in GNU Scientific Library (GSL). The experimental results demonstrate the effectiveness and efficiency of HSE. Compared with the baseline, HSE detects >12 times of exceptions in 30 minutes. @InProceedings{FSE16p1112, author = {Minghui Quan}, title = {Hotspot Symbolic Execution of Floating-Point Programs}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1112--1114}, doi = {}, year = {2016}, } |
|
Santino, Joseph |
FSE '16-SRC: "Enforcing Correct Array Indexes ..."
Enforcing Correct Array Indexes with a Type System
Joseph Santino (University of Washington, USA) We have built the Index Checker, a type checker that issues warnings about array, list, and string accesses that are potentially unsafe. An example is shown in Figure 1. As with any sound tool, some of its warnings may be false positives. If the Index Checker issues no warning, then the programmer is guaranteed that no array access will cause an IndexOutOfBoundsException at run time (modulo suppressed warnings and unchecked code). The Index Checker ships with knowledge of Java APIs. The developer can optionally write a few type annotations in the program to make the Index Checker more precise. Our system includes five new type qualifiers, defined in Figure 2, that can be applied to integral types such as Java int. These are dependent types that indicate the relationship between the int and given arrays. Figures 3 and 4 show the relationship among these type qualifiers. The type system also contains a type qualifier for arrays, @MinLen, which is a lower bound on its length and permits use of literal integers to access the array or to construct a new array. The Index Checker is built upon the Checker Framework (http://CheckerFramework.org/). @InProceedings{FSE16p1142, author = {Joseph Santino}, title = {Enforcing Correct Array Indexes with a Type System}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1142--1144}, doi = {}, year = {2016}, } |
|
Wang, Jie |
FSE '16-SRC: "Constraint-Based Event Trace ..."
Constraint-Based Event Trace Reduction
Jie Wang (University of Chinese Academy of Sciences, China) Various record-replay techniques are developed to facilitate web application debugging. However, it is time-consuming to inspect all recorded events that reveal a failure. To reduce the cost of debugging, delta-debugging and program slicing are used to remove failure-irrelevant events. However, delta-debugging does not scale well for long traces, and program slicing fails to remove irrelevant events that the failure has program dependence on. In this paper, we propose an effective and efficient approach to remove failure-irrelevant events from the event trace. Our approach builds constraints among events and the failure (e.g., a variable can read any of its earlier type-compatible values), to search for a minimal event trace that satisfies these constraints. Our evaluation on 10 real-world web applications shows that our approach can further remove 70% of events in the reduced trace of dynamic slicing, and needs 80% less iterations and 86% less time than delta-debugging. @InProceedings{FSE16p1106, author = {Jie Wang}, title = {Constraint-Based Event Trace Reduction}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1106--1108}, doi = {}, year = {2016}, } |
|
Xiaofei, Xie |
FSE '16-SRC: "Static Loop Analysis and Its ..."
Static Loop Analysis and Its Applications
Xie Xiaofei (Tianjin University, China) Loops are challenging structures in program analysis, and an effective loop analysis is crucial in the applications, such as symbolic execution and program verification. In the research, we will first perform a deep analysis and propose a classification according to the complexity of the loops. Then try to propose techniques for analyzing and summarizing different loops. At last, we apply the techniques in multiple applications. @InProceedings{FSE16p1130, author = {Xie Xiaofei}, title = {Static Loop Analysis and Its Applications}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1130--1132}, doi = {}, year = {2016}, } |
|
Zanjani, Motahareh Bahrami |
FSE '16-SRC: "Effective Assignment and Assistance ..."
Effective Assignment and Assistance to Software Developers and Reviewers
Motahareh Bahrami Zanjani (Wichita State University, USA) Human reliance and dominance are ubiquitous in sustaining a high-quality large software system. Automatically assigning the right solution providers to the maintenance task at hand is arguably as important as providing the right tool support for it, especially in the far too commonly found state of inadequate or obsolete documentation of large-scale software systems. Two maintenance tasks related to assignment and assistance to software developers and reviewers are addressed, and solutions are proposed. The key insight behind these proposed solutions is the analysis and use of micro-levels of human-to-code and human-to-human interactions (eg., code review). We analyzed code reviews that are managed by Gerrit and found different markers of developer expertise associated with the source code changes and their acceptance, time line, and human roles and feedback involved in the reviews. We formed a developer-expertise model from these markers and showed its application in bug triaging. Specifically, we derived a developer recommendation approach for an incoming change request, named rDevX , from this expertise model. Additionally, we present an approach, namely cHRev, to automatically recommend reviewers who are best suited to participate in a given review, based on their historical contributions as demonstrated in their prior reviews. Furthermore, a comparative study on other previous approaches for developer recommendation and reviewer recommendation was performed. The metrics recall and MRR were used to measure their quantitative effectiveness. Results show that the proposed approaches outperform the subjected competitors with statistical significance. @InProceedings{FSE16p1091, author = {Motahareh Bahrami Zanjani}, title = {Effective Assignment and Assistance to Software Developers and Reviewers}, booktitle = {Proc.\ FSE}, publisher = {ACM}, pages = {1091--1093}, doi = {}, year = {2016}, } |
22 authors
proc time: 1.25