SANER 2017

2017 IEEE 24th International Conference on Software Analysis, Evolution, and Reengineering (SANER), February 20-24, 2017, Klagenfurt, Austria

SANER 2017 – Proceedings


Frontmatter

Title Page


Message from the Chairs
Willkommen, welcome to SANER 2017, the 24th IEEE International Conference on Software Analysis, Evolution, and Reengineering in Klagenfurt, Carinthia, Austria. SANER is the premier conference on the theory and practice of recovering information from existing software systems. It features the newest advances in the state of the art of software analysis, evolution, and reengineering. It also explores innovative methods for extracting the many kinds of information of interest to software developers and examines innovative ways of using this information in system renovation and program understanding. Since 2015, SANER has combined the Working Conference on Reverse Engineering (WCRE) series, the premier conference series on the theory and practice of recovering information from existing software and systems, and the European Conference on Software Maintenance and Reengineering (CSMR) series, the premier European conference series on the theory and practice of maintenance, reengineering, and evolution of software systems.

Committees

Sponsors and Supporters


Keynote

UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware (Keynote)
Engin Kirda
(Northeastern University, USA)
Although the concept of ransomware is not new (i.e., such attacks date back at least as far as the 1980s), this type of malware has recently experienced a resurgence in popularity. In fact, in 2014 and 2015, a number of high-profile ransomware attacks were reported, such as the large-scale attack against Sony that prompted the company to delay the release of the film “The Interview”. Ransomware typically operates by locking the desktop of the victim to render the system inaccessible to the user, or by encrypting, overwriting, or deleting the user’s files. However, while many generic malware detection systems have been proposed, none of these systems have attempted to specifically address the ransomware detection problem. In this keynote, I talk about some of the trends we are seeing in ransomware. Then, I present a novel dynamic analysis system called UNVEIL that is specifically designed to detect ransomware. The key insight of the analysis is that in order to mount a successful attack, ransomware must tamper with a user’s files or desktop. UNVEIL automatically generates an artificial user environment, and detects when ransomware interacts with user data. In parallel, the approach tracks changes to the system’s desktop that indicate ransomware-like behavior. Our evaluation shows that UNVEIL significantly improves the state of the art, and is able to identify previously unknown evasive ransomware that was not detected by the anti-malware industry.


Main Research

MSR and Open Source
Wed, Feb 22, 11:00 - 12:30

An Empirical Comparison of Dependency Issues in OSS Packaging Ecosystems
Alexandre Decan, Tom Mens, and Maëlick Claes
(University of Mons, Belgium)
Nearly every popular programming language comes with one or more open source software packaging ecosystems, containing a large collection of interdependent software packages developed in that programming language. Such packaging ecosystems are extremely useful for their respective software development communities. We present an empirical analysis of how the dependency graphs of three large packaging ecosystems (npm, CRAN, and RubyGems) evolve over time. We study how the existing package dependencies impact the resilience of the three ecosystems over time and to what extent these ecosystems suffer from issues related to package dependency updates. We analyse specific solutions that each ecosystem has put into place and argue that none of these solutions is perfect, motivating the need for better tools to deal with package dependency update problems.

Detecting Similar Repositories on GitHub
Yun Zhang, David Lo, Pavneet Singh Kochhar, Xin Xia, Quanlai Li, and Jianling Sun
(Zhejiang University, China; Singapore Management University, Singapore; University of California at Berkeley, USA)
GitHub contains millions of repositories, among which many are similar to one another (i.e., they have similar source code or implement similar functionalities). Finding similar repositories on GitHub can be helpful for software engineers, as it can help them reuse source code, build prototypes, identify alternative implementations, explore related projects, find projects to contribute to, and discover code theft and plagiarism. Previous studies have proposed techniques to detect similar applications by analyzing API usage patterns and software tags. However, these prior studies either make use of only a limited source of information or use information not available for projects on GitHub.
In this paper, we propose a novel approach that can effectively detect similar repositories on GitHub. Our approach is designed based on three heuristics leveraging two data sources (i.e., GitHub stars and readme files) which are not considered in previous works. The three heuristics are: repositories whose readme files contain similar contents are likely to be similar to one another, repositories starred by users of similar interests are likely to be similar, and repositories starred together within a short period of time by the same user are likely to be similar. Based on these three heuristics, we compute three relevance scores (i.e., readme-based relevance, stargazer-based relevance, and time-based relevance) to assess the similarity between two repositories. By integrating the three relevance scores, we build a recommendation system called RepoPal to detect similar repositories. We compare RepoPal to a prior state-of-the-art approach, CLAN, using one thousand Java repositories on GitHub. Our empirical evaluation demonstrates that RepoPal achieves a higher success rate, precision, and confidence than CLAN.
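To make the scoring concrete, here is a minimal sketch of how the three relevance scores could be computed and integrated. The function names, the similarity measures, and the combination by product are illustrative assumptions, not RepoPal's actual formulas.

    from math import sqrt

    def readme_relevance(u, v):
        # Cosine similarity between term-weight dicts of two readme files.
        dot = sum(w * v.get(t, 0.0) for t, w in u.items())
        nu = sqrt(sum(w * w for w in u.values()))
        nv = sqrt(sum(w * w for w in v.values()))
        return dot / (nu * nv) if nu and nv else 0.0

    def stargazer_relevance(stars_a, stars_b):
        # Jaccard overlap of the sets of users who starred each repository.
        union = stars_a | stars_b
        return len(stars_a & stars_b) / len(union) if union else 0.0

    def combined_relevance(readme_a, readme_b, stars_a, stars_b, time_score):
        # time_score in [0, 1]: how often the two repositories were starred
        # together within a short time window (computation omitted here).
        return (readme_relevance(readme_a, readme_b)
                * stargazer_relevance(stars_a, stars_b)
                * time_score)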

Code of Conduct in Open Source Projects
Parastou Tourani, Bram Adams, and Alexander Serebrenik
(Polytechnique Montréal, Canada; Eindhoven University of Technology, Netherlands)
Open source projects rely on the collaboration of members from all around the world using web technologies like GitHub and Gerrit. This mixture of people with a wide range of backgrounds, including minorities like women, ethnic minorities, and people with disabilities, may increase the risk of offensive and destructive behaviours in the community, potentially leading affected project members to leave for a more welcoming and friendly environment. To counter these effects, open source projects are increasingly turning to codes of conduct, in an attempt to promote their expectations and standards of ethical behaviour. In this first-of-its-kind empirical study of codes of conduct in open source software projects, we investigated the role, scope, and influence of codes of conduct through a mixture of quantitative and qualitative analysis, supported by interviews with practitioners. We found that the top codes of conduct are adopted by hundreds to thousands of projects, and that all of them share five common dimensions.

Socio-Technical Evolution of the Ruby Ecosystem in GitHub
Eleni Constantinou and Tom Mens
(University of Mons, Belgium)
The evolution dynamics of a software ecosystem depend on the activity of the developer community contributing to projects within it. Both social and technical changes affect an ecosystem's evolution, and the research community has been investigating the impact of these modifications over the last few years. Existing studies mainly focus on temporary modifications, often ignoring the effect of permanent changes on the software ecosystem. We present an empirical study of the magnitude and effect of permanent modifications in both the social and technical parts of a software ecosystem. More precisely, we measure permanent changes with regard to the ecosystem's projects, contributors, and source code files, and present our findings concerning the effect of these modifications. We study the Ruby ecosystem in GitHub over a nine-year period by carrying out a socio-technical analysis of the co-evolution of a large number of base projects and their forks. This analysis involves both the source code developed for these projects as well as the developers having contributed to them. We discuss our findings with respect to the ecosystem evolution according to three different viewpoints: (1) the base projects, (2) the forks, and (3) the entire ecosystem containing both the base projects and forks. Our findings show increasing growth in both the technical and social aspects of the Ruby ecosystem until early 2014, followed by an increasing rate of contributor and project abandonment. We show the effect of permanent modifications in the ecosystem evolution and provide preliminary evidence of contributors migrating to other ecosystems when leaving the Ruby ecosystem.


Features and Knowledge
Wed, Feb 22, 14:00 - 15:30

StiCProb: A Novel Feature Mining Approach using Conditional Probability
Yutian Tang and Hareton Leung
(Hong Kong Polytechnic University, China)
Software Product Line Engineering is a key approach to constructing applications with systematic reuse of architecture, documents, and other relevant components. To migrate legacy software into a product line system, it is essential to identify the code segments in the source base that should be constructed as features. However, this can be an error-prone and complicated task, as it involves exploring a complex structure and extracting the relations between different components within a system. Representing the structural information of a program in a mathematical way is a promising direction to investigate. We improve this situation by proposing a probability-based approach named StiCProb to capture the source code fragments relevant to a feature of concern, which inherently provides a conditional probability describing the closeness between two programming elements. In our case study, we conduct feature mining on several legacy systems to compare our approach with other related approaches. As demonstrated in our experiment, our approach can help developers locate features within legacy systems, achieving 83% precision and 41% recall.

HDSKG: Harvesting Domain Specific Knowledge Graph from Content of Webpages
Xuejiao Zhao, Zhenchang Xing, Muhammad Ashad Kabir, Naoya Sawada, Jing Li, and Shang-Wei Lin
(Nanyang Technological University, Singapore; Australian National University, Australia; Charles Sturt University, Australia; NTT, Japan)
Knowledge graphs are useful for many different tasks such as search result ranking, recommendation, exploratory search, etc. A knowledge graph integrates structural information about concepts across multiple information sources and links these concepts together. The extraction of domain-specific relation triples (subject, verb phrase, object) is one of the important techniques for domain-specific knowledge graph construction. In this research, an automatic method named HDSKG is proposed to discover domain-specific concepts and their relation triples from the content of webpages. We incorporate a dependency parser with a rule-based method to chunk the relation triple candidates, then extract advanced features of these candidate relation triples to estimate their domain relevance with a machine learning algorithm. To evaluate our method, we apply HDSKG to Stack Overflow (a Q&A website about computer programming). As a result, we construct a knowledge graph of the software engineering domain with 35,279 relation triples, 44,800 concepts, and 9,660 unique verb phrases. The experimental results show that both the precision and recall of HDSKG (0.78 and 0.7, respectively) are much higher than those of OpenIE (0.11 and 0.6, respectively). The performance is particularly good in the case of complex sentences. Furthermore, with the self-training technique used in the classifier, HDSKG can be applied to other domains easily with less training data.
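As a toy illustration of the dependency-parser-plus-rules step, the following sketch extracts (subject, verb, object) candidates from a sentence with spaCy; HDSKG's actual chunking rules, verb-phrase handling, and feature extraction are considerably richer.

    import spacy

    nlp = spacy.load("en_core_web_sm")

    def triple_candidates(text):
        # Collect (subject, verb, object) candidates from each sentence by
        # pairing nominal subjects and direct objects attached to a verb.
        triples = []
        for sent in nlp(text).sents:
            for token in sent:
                if token.pos_ != "VERB":
                    continue
                subjects = [c for c in token.children
                            if c.dep_ in ("nsubj", "nsubjpass")]
                objects = [c for c in token.children
                           if c.dep_ in ("dobj", "attr")]
                triples += [(s.text, token.lemma_, o.text)
                            for s in subjects for o in objects]
        return triples

    # triple_candidates("Maven manages project dependencies.") should yield
    # a candidate like ("Maven", "manage", "dependencies").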

Analyzing Closeness of Code Dependencies for Improving IR-Based Traceability Recovery
Hongyu Kuang, Jia Nie, Hao Hu, Patrick Rempel, Jian Lü, Alexander Egyed, and Patrick Mäder
(Nanjing University, China; JKU Linz, Austria; TU Ilmenau, Germany)
Information Retrieval (IR) identifies trace links based on textual similarities among software artifacts. However, the vocabulary mismatch problem between different artifacts hinders the performance of IR-based approaches. A growing body of work addresses this issue by combining IR techniques with code dependency analysis, such as method calls. However, so far the performance of combined approaches depends heavily on the correctness of the IR techniques and does not take full advantage of the code dependency analysis. In this paper, we combine IR techniques with closeness analysis to improve IR-based traceability recovery. Specifically, we quantify and utilize the “closeness” of each call and data dependency between two classes to improve the rankings of traceability candidate lists. An empirical evaluation based on three real-world systems suggests that our approach outperforms three baseline approaches.
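One simple way to picture the re-ranking step: blend each candidate's IR similarity with a closeness score derived from its code dependencies. The linear blend and the weight alpha below are assumptions for illustration; the paper defines closeness per call and data dependency.

    def rerank(candidates, closeness, alpha=0.5):
        # candidates: list of (class_name, ir_score) pairs from the IR engine.
        # closeness: dict mapping class_name to a dependency closeness in [0, 1].
        scored = [(cls, alpha * ir + (1 - alpha) * closeness.get(cls, 0.0))
                  for cls, ir in candidates]
        return sorted(scored, key=lambda pair: pair[1], reverse=True)

    # rerank([("Cart", 0.4), ("Order", 0.35)], {"Order": 0.9}) promotes
    # Order above Cart once dependency closeness is taken into account.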

STRICT: Information Retrieval Based Search Term Identification for Concept Location
Mohammad Masudur Rahman and Chanchal K. Roy
(University of Saskatchewan, Canada)
During maintenance, software developers deal with numerous change requests that are written in an unstructured fashion using natural language. Such natural language texts describe the change requirement in terms of various domain-related concepts. Software developers need to find appropriate search terms among those concepts so that they can locate the possible locations in the source code using a search technique. Once such locations are identified, they can implement the requested changes there. Studies suggest that developers often perform poorly in coming up with good search terms for a change task. In this paper, we propose a novel technique, STRICT, that automatically identifies suitable search terms for a software change task by analyzing its task description using two information retrieval (IR) techniques, TextRank and POSRank. These IR techniques determine a term's importance based not only on its co-occurrences with other important terms but also on its syntactic relationships with them. Experiments using 1,939 change requests from eight subject systems report that STRICT can identify better quality search terms than baseline terms for 52%-62% of the requests, with 30%-57% Top-10 retrieval accuracy, which is promising. Comparison with two state-of-the-art techniques not only validates our empirical findings but also demonstrates the superiority of our technique.
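For readers unfamiliar with TextRank, the following compact sketch ranks terms in a co-occurrence graph with the standard PageRank-style update; STRICT's graph construction and its POSRank variant are not reproduced here.

    def textrank(graph, damping=0.85, iterations=50):
        # graph: dict mapping each term to the set of terms it co-occurs with.
        rank = {term: 1.0 for term in graph}
        for _ in range(iterations):
            rank = {
                term: (1 - damping) + damping * sum(
                    rank[other] / len(graph[other])
                    for other in graph if term in graph[other])
                for term in graph
            }
        return sorted(rank, key=rank.get, reverse=True)  # best terms first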


Apps and Energy
Wed, Feb 22, 16:00 - 17:10

Analyzing Reviews and Code of Mobile Apps for Better Release Planning
Adelina Ciurumelea, Andreas Schaufelbühl, Sebastiano Panichella, and Harald C. Gall
(University of Zurich, Switzerland)
The mobile applications industry is experiencing unprecedented growth, and developers working in this context face fierce competition in acquiring and retaining users. They have to quickly implement new features and fix bugs, or risk losing their users to the competition. To achieve this goal, they must closely monitor and analyze the user feedback they receive in the form of reviews. However, successful apps can receive up to several thousand reviews per day; manually analysing each of them is a time-consuming task. To help developers deal with the large amount of available data, we manually analyzed the text of 1566 user reviews and defined a high- and low-level taxonomy containing mobile-specific categories (e.g., performance, resources, battery, memory, etc.) highly relevant for developers during the planning of maintenance and evolution activities. Then we built the User Request Referencer (URR) prototype, using Machine Learning and Information Retrieval techniques, to automatically classify reviews according to our taxonomy and to recommend, for a particular review, the source code files that need to be modified to handle the issue described in the review. We evaluated our approach through an empirical study involving the reviews and code of 39 mobile applications. Our results show a high precision and recall of URR in organising reviews according to the defined taxonomy.

Software-Based Energy Profiling of Android Apps: Simple, Efficient and Reliable?
Dario Di Nucci, Fabio Palomba, Antonio Prota, Annibale Panichella, Andy Zaidman, and Andrea De Lucia
(University of Salerno, Italy; Delft University of Technology, Netherlands; University of Luxembourg, Luxembourg)
Modeling the power profile of mobile applications is a crucial activity to identify the causes behind energy leaks. To this aim, researchers have proposed hardware-based tools as well as model-based and software-based techniques to approximate the actual energy profile. However, all these solutions present their own advantages and disadvantages. Hardware-based tools are highly precise, but at the same time their use is bound to the acquisition of costly hardware components. Model-based tools require the calibration of parameters needed to correctly create a model on a specific hardware device. Software-based approaches do not need any hardware components, but they rely on battery measurements and, thus, are hardware-assisted. These tools are cheaper and easier to use than hardware-based tools, but they are believed to be less precise. In this paper, we take a deeper look at the pros and cons of software-based solutions, investigating to what extent their measurements depart from those of hardware-based solutions. To this aim, we propose a software-based tool named PETrA that we compare with the hardware-based Monsoon toolkit on 54 Android apps. The results show that PETrA performs similarly to Monsoon despite not using any sophisticated hardware components. In fact, in all the apps the mean relative error with respect to Monsoon is lower than 0.05. Moreover, for 95% of the analyzed methods the estimation error is within 5% of the actual values measured using the hardware-based toolkit.

Investigating the Energy Impact of Android Smells
Antonin Carette, Mehdi Adel Ait Younes, Geoffrey Hecht, Naouel Moha, and Romain Rouvoy
(Université du Québec à Montréal, Canada; Inria, France; University of Lille, France; IUF, France)
Android code smells are bad implementation practices within Android applications (or apps) that may lead to poor software quality. These code smells are known to degrade the performance of apps and to have an impact on energy consumption. However, few studies have assessed the positive impact on energy consumption of correcting code smells. In this paper, we therefore propose a tooled and reproducible approach, called Hot-Pepper, to automatically correct code smells and evaluate their impact on energy consumption. Currently, Hot-Pepper is able to automatically correct three types of Android-specific code smells: Internal Getter/Setter, Member Ignoring Method, and HashMap Usage. Hot-Pepper derives four versions of an app by correcting each detected smell independently, and all of them at once. Hot-Pepper is able to report on the energy consumption of each app version with a single user scenario test. Our empirical study on five open-source Android apps shows that correcting the three aforementioned Android code smells effectively and significantly reduces the energy consumption of apps. In particular, we observed a global reduction in energy consumption of 4.83% in one app when the three code smells were corrected. We also take advantage of the flexibility of Hot-Pepper to investigate the impact of three picture smells (bad picture format, compression, and bitmap format) in sample apps. We observed that the use of optimised JPG pictures with the Android default bitmap format is the most energy-efficient combination in Android apps. We believe that developers can benefit from our approach and results to guide their refactoring, and thus improve the energy consumption of their mobile apps.

Software and Model Analysis
Wed, Feb 22, 16:00 - 17:10

Automated Generation of Consistency-Achieving Model Editors
Patrick Neubauer, Robert Bill, Tanja Mayerhofer, and Manuel Wimmer
(Vienna University of Technology, Austria)
Advances in domain-specific modeling languages (DSMLs) and their editors, created with modern language workbenches, have convinced domain experts to apply them as important and powerful means in their daily endeavors. Although such editors are proficient in retaining syntactical model correctness, they fall short in preserving the consistency of models with elaborate language-specific constraints, which requires language engineers to manually implement sophisticated editing capabilities. Consequently, there is a demand for automating procedures to support editor users in both comprehending and resolving consistency violations. In this paper, we present an approach to automate the generation of advanced editing support for DSMLs, offering automated validation, content-assist, and quick fix capabilities beyond those created by state-of-the-art language workbenches, helping domain experts retain and achieve the consistency of models. For validation, we show potential error causes for violated constraints, instead of only the context in which constraints are violated. Our approach mitigates the state-space explosion problem by resolving constraint violations while increasing the neighborhood scope in a three-stage process, seeking constraint repair solutions presented as quick fixes to the editor user. We illustrate and provide an initial evaluation of our approach based on an Xtext-based DSML for modeling service clusters.

Historical and Impact Analysis of API Breaking Changes: A Large-Scale Study
Laerte Xavier, Aline Brito, Andre Hora, and Marco Tulio Valente
(Federal University of Minas Gerais, Brazil)
Change is routine in software development. Like any system, libraries also evolve over time. As a consequence, clients are compelled to update and, thus, benefit from the available API improvements. However, some of these API changes may break contracts previously established, resulting in compilation errors and behavioral changes. In this paper, we study a set of questions regarding API breaking changes. Our goal is to measure the amount of breaking changes in real-world libraries and their impact on clients at a large scale. We assess (i) the frequency of breaking changes, (ii) the behavior of these changes over time, (iii) the impact on clients, and (iv) the characteristics of libraries with a high frequency of breaking changes. Our large-scale analysis of 317 real-world Java libraries, 9K releases, and 260K client applications shows that (i) 14.78% of the API changes break compatibility with previous versions, (ii) the frequency of breaking changes increases over time, (iii) 2.54% of the clients are impacted, and (iv) systems with a higher frequency of breaking changes are larger, more popular, and more active. Based on these results, we provide a set of lessons to better support library and client developers in their maintenance tasks.

Reducing Redundancies in Multi-revision Code Analysis
Carol V. Alexandru, Sebastiano Panichella, and Harald C. Gall
(University of Zurich, Switzerland)
Software engineering research often requires analyzing multiple revisions of several software projects, be it to make and test predictions or to observe and identify patterns in how software evolves. However, code analysis tools are almost exclusively designed for the analysis of one specific version of the code, and the time and resource requirements grow linearly with each additional revision to be analyzed. Thus, code studies often observe a relatively small number of revisions and projects. Furthermore, each programming ecosystem provides dedicated tools, hence researchers typically only analyze code of one language, even when researching topics that should generalize to other ecosystems. To alleviate these issues, frameworks and models have been developed to combine analysis tools or automate the analysis of multiple revisions, but little research has gone into actually removing redundancies in multi-revision, multi-language code analysis. We present a novel end-to-end approach that systematically avoids redundancies every step of the way: when reading sources from version control, during parsing, in the internal code representation, and during the actual analysis. We evaluate our open-source implementation, LISA, on the full history of 300 projects, written in 3 different programming languages, computing basic code metrics for over 1.1 million program revisions. When analyzing many revisions, LISA requires less than a second on average to compute basic code metrics for all files in a single revision, even for projects consisting of millions of lines of code.

Code and Data Transformations
Thu, Feb 23, 11:00 - 12:30

Recommending Source Code Locations for System Specific Transformations
Gustavo Santos, Klérisson V. R. Paixão, Nicolas Anquetil, Anne Etien, Marcelo de Almeida Maia, and Stéphane Ducasse
(University of Lille, France; CNRS, France; Inria, France; Federal University of Uberlândia, Brazil)
From time to time, developers perform sequences of code transformations in a systematic and repetitive way. This may happen, for example, when introducing a design pattern in a legacy system: similar classes have to be introduced, containing similar methods that are called in a similar way. Automation of these sequences of transformations has been proposed in the literature to avoid errors due to their repetitive nature. However, developers still need support to identify all the relevant code locations that are candidates for transformation. Past research showed that these kinds of transformations can lag for years, with forgotten instances popping out from time to time as other evolutions bring them to light. In this paper, we evaluate three distinct code search approaches (structural, based on Information Retrieval, and AST-based) to find code locations that would require similar transformations. We validate the resulting candidate locations from these approaches on real cases identified previously in the literature. The results show that looking for code with similar roles, e.g., classes in the same hierarchy, provides interesting results, with an average recall of 87% and, in some cases, precision of up to 70%.

Extracting Executable Transformations from Distilled Code Changes
Reinout Stevens and Coen De Roover
(Vrije Universiteit Brussel, Belgium)
Change distilling algorithms compute a sequence of fine-grained changes that, when executed in order, transform a given source AST into a given target AST. The resulting change sequences are used in the field of mining software repositories to study source code evolution. Unfortunately, detecting and specifying source code evolutions in such a change sequence is cumbersome. We therefore introduce a tool-supported approach that identifies minimal executable subsequences in a sequence of distilled changes that implement a particular evolution pattern, specified in terms of intermediate states of the AST that undergoes each change. This enables users to describe the effect of multiple changes, irrespective of their execution order, while ensuring that different change sequences that implement the same code evolution are recalled. Correspondingly, our evaluation is two-fold. Using examples, we demonstrate the expressiveness of specifying source code evolutions through intermediate ASTs. We also show that our approach is able to recall different implementation variants of the same source code evolution in open-source histories.

Automatic Generation of Opaque Constants Based on the K-Clique Problem for Resilient Data Obfuscation
Roberto Tiella and Mariano Ceccato
(Fondazione Bruno Kessler, Italy)
Data obfuscations are program transformations used to complicate program understanding and conceal actual values of program variables. The possibility to hide constant values is a basic building block of several obfuscation techniques. For example, in XOR Masking a constant mask is used to encode data, but this mask must be hidden too, in order to keep the obfuscation resilient to attacks. In this paper, we present a novel technique based on the k-clique problem, which is known to be NP-complete, to generate opaque constants, i.e., values that are difficult to guess by static analysis. In our experimental assessment we show that our opaque constants are computationally cheap to generate, both at obfuscation time and at runtime. Moreover, due to the NP-completeness of the k-clique problem, our opaque constants can be proven to be hard to attack with state-of-the-art static analysis tools.
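To convey the flavour of the idea, here is a toy construction (not the paper's actual scheme): mask a constant with a value derived from a clique planted in a random graph. Verifying the planted clique at runtime is cheap, while recovering the mask statically would require solving a k-clique instance.

    import random

    def make_opaque(secret, n=40, k=6):
        # Plant a k-clique in a random graph and mask the secret with a
        # value derived from the clique (a toy derivation: the vertex sum).
        clique = random.sample(range(n), k)
        edges = {(min(u, v), max(u, v)) for u in clique for v in clique if u != v}
        for _ in range(3 * n):  # add noise edges
            u, v = random.sample(range(n), 2)
            edges.add((min(u, v), max(u, v)))
        return edges, clique, secret ^ sum(clique)

    def reveal(edges, clique, masked):
        # Cheap runtime check that the embedded witness really is a clique,
        # then undo the mask.
        assert all((min(u, v), max(u, v)) in edges
                   for u in clique for v in clique if u != v)
        return masked ^ sum(clique)

    # edges, clique, masked = make_opaque(0xCAFE)
    # reveal(edges, clique, masked) == 0xCAFE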

The Dark Side of Event Sourcing: Managing Data Conversion
Michiel Overeem, Marten Spoor, and Slinger Jansen
(AFAS Software, Netherlands; Utrecht University, Netherlands)
Evolving software systems involves data schema changes, and because of those schema changes, data has to be converted. Converting data between two different schemas while continuing the operation of the system is a challenge when that system is expected to be always available. Data conversion in event sourced systems introduces new challenges, because of the relative novelty of the event sourcing architectural pattern, the lack of standardized tools for data conversion, and the large amount of data that is stored in typical event stores. This paper addresses the challenge of schema evolution and the resulting data conversion for event sourced systems. First, a set of event store upgrade operations is proposed that can be used to convert data between two versions of a data schema. Second, a set of techniques and strategies that execute the data conversion while continuing the operation of the system is discussed. The final contribution is an event store upgrade framework that identifies which techniques and strategies can be combined to execute the event store upgrade operations while continuing operation of the system. Two uses of the framework are given: the first is as decision support in the upfront design of an upgrade system for event sourced systems; the second is as the description of an automated upgrade system that can be used for continuous deployment. The event store upgrade framework is evaluated in interviews with three renowned experts in the domain and has been found to be a comprehensive overview that can be utilized in the design and implementation of an upgrade system. The automated upgrade system has been implemented partially and applied in experiments.

Program Comprehension
Thu, Feb 23, 16:00 - 17:30

Automatically Generating Natural Language Descriptions for Object-Related Statement Sequences
Xiaoran Wang, Lori Pollock, and K. Vijay-Shanker
(University of Delaware, USA)
Current source code analyses driving software maintenance tools treat methods as either a single unit or a set of individual statements or words. They often leverage method names and any existing internal comments. However, internal comments are rare, and method names do not typically capture the method’s multiple high-level algorithmic steps, which are too small to be a single method but require more than one statement to implement. Previous work demonstrated the feasibility of identifying high-level actions automatically for loops; however, many high-level actions remain unaddressed and undocumented, particularly sequences of consecutive statements that are associated with each other primarily by object references. We call these object-related action units.
In this paper, we present an approach to automatically generate natural language descriptions of object-related action units within methods. We leverage the available, large source of high-quality open source projects to learn the templates of object-related actions, identify the statement that can represent the main action, and generate natural language descriptions for these actions. Our evaluation study of a set of 100 object-related statement sequences showed promise of our approach to automatically identify the action and arguments and generate natural language descriptions.

Shorter Identifier Names Take Longer to Comprehend
Johannes Hofmeister, Janet Siegmund, and Daniel V. Holt
(University of Passau, Germany; University of Heidelberg, Germany)
Developers spend the majority of their time comprehending code, a process in which identifier names play a key role. Although many identifier naming styles exist, they often lack an empirical basis, and it is not quite clear whether short or long identifier names facilitate comprehension. In this paper, we investigate the effect of different identifier naming styles (letters, abbreviations, words) on program comprehension, and whether these effects arise because of their length or their semantics. We conducted an experimental study with 72 professional C# developers, who looked for defects in source-code snippets. We used a within-subjects design, such that each developer saw all three versions of identifier naming styles, and we measured the time it took them to find a defect. We found that words lead to, on average, 19% faster comprehension compared to letters and abbreviations, but we did not find a significant difference in speed between letters and abbreviations. The results of our study suggest that defects in code are more difficult to detect when code contains only letters and abbreviations. Words as identifier names facilitate program comprehension and can help to save costs and improve software quality.

Lexical Categories for Source Code Identifiers
Christian D. Newman, Reem S. AlSuhaibani, Michael L. Collard, and Jonathan I. Maletic
(Kent State University, USA; University of Akron, USA)
A set of lexical categories, analogous to part-of-speech categories for English prose, is defined for source-code identifiers. The lexical category for an identifier is determined from its declaration in the source code, its syntactic meaning in the programming language, and static program analysis. Current techniques for assigning lexical categories to identifiers use natural-language part-of-speech taggers. However, these NLP approaches assign lexical tags based on how terms are used in English prose. The approach taken here differs in that it uses only source code to determine the lexical category. The approach assigns a lexical category to each identifier and stores this information along with each declaration. srcML is used as the infrastructure to implement the approach, and so the lexical information is stored directly in the srcML markup as an additional XML element for each identifier. These lexical-category annotations can then be used later by tools that automatically generate such things as code summarization or documentation. The approach is applied to 50 open source projects and the soundness of the defined lexical categories is evaluated. The evaluation shows that at every level of minimum support tested, categorization is consistent at least 79% of the time, with an overall consistency (across all supports) of at least 88%. The categories reveal a correlation between how an identifier is named and how it is declared. This provides a syntax-oriented view (as opposed to an English part-of-speech view) of developer intent for identifiers.

Computing Counter-Examples for Privilege Protection Losses using Security Models
Marc-André Laverdière and Ettore Merlo
(Tata Consultancy Services, Canada; Polytechnique Montréal, Canada)
Role-Based Access Control (RBAC) is commonly used in web applications to protect information and restrict operations. Code changes may affect the security of the application and need to be validated in order to avoid security vulnerabilities, which is a major undertaking. A statement suffers from privilege protection loss in a release pair when it was definitely protected on all execution paths in the previous release and is now reachable by some execution paths with inferior privilege protection. Because the code change and the resulting privilege protection loss may be distant (e.g., in different functions or files), developers may find it difficult to diagnose and correct the issue. We use Pattern Traversal Flow Analysis (PTFA) to statically analyze code-derived formal models. Our analysis automatically computes counter-examples of definite protection properties and privilege protection losses. We computed privilege protections and their changes for 147 release pairs of WordPress. We computed counter-examples for a total of 14,116 privilege protection losses spread over 31 release pairs. We present the distribution of counter-example lengths, as well as their spread across function and file boundaries. Our results show that counter-examples are typically short and localized. The median example spans 88 statements, crosses a single function boundary, and is contained in the same file. The 90th percentile example measures 174 statements and spans 3 function boundaries over 3 files. We believe that the characteristics of these privilege protection counter-examples will help focus developers’ attention during security reviews. These counter-examples are also a first step toward explanations.

Software Development Support
Fri, Feb 24, 09:00 - 10:30

Enriching In-IDE Process Information with Fine-Grained Source Code History
Sebastian Proksch, Sarah Nadi, Sven Amann, and Mira Mezini
(TU Darmstadt, Germany; University of Alberta, Canada)
Current studies on software development either focus on the change history of source code from version-control systems or on an analysis of simplistic in-IDE events without context information. Each of these approaches contains valuable information that is unavailable in the other case. Our work proposes enriched event streams, a solution that combines the best of both worlds and provides a holistic view on the software development process. Enriched event streams not only capture developer activities in the IDE, but also specialized context information, such as source-code snapshots for change events. To enable the storage of such code snapshots in an analyzable format, we introduce a new intermediate representation called Simplified Syntax Trees (SSTs) and build CARET, a platform that offers reusable components to conveniently work with enriched event streams. We implement FeedBaG++, an instrumentation for Visual Studio that collects enriched event streams with code snapshots in the form of SSTs. We share a dataset of enriched event streams captured from 58 users and representing 915 days of work. Additionally, to demonstrate usefulness, we present three research applications that have already made use of CARET and FeedBaG++.

How to Gamify Software Engineering
Tommaso Dal Sasso, Andrea Mocci, Michele Lanza, and Ebrisa Mastrodicasa
(University of Lugano, Switzerland)
Software development, like any prolonged and intellectually demanding activity, can negatively affect the motivation of developers. This is especially true in specific areas of software engineering, such as requirements engineering, test-driven development, bug reporting and fixing, where the creative aspects of programming fall short. The developers’ engagement might progressively degrade, potentially impacting their work’s quality. Gamification, the use of game elements and game design techniques in non-game contexts, is hailed as a means to boost the motivation of people for a wide range of rote activities. Indeed, well-designed games deeply involve gamers in a positive loop of production, feedback, and reward, eliciting desirable feelings like happiness and collaboration. The question we investigate is how the seemingly frivolous context of games and gamification can be ported to the technically challenging and sober domain of software engineering. Our investigation starts with a review of the state of the art of gamification, supported by a motivating scenario to expose how gamification elements can be integrated in software engineering. We provide a set of basic building blocks to apply gamification techniques, present a conceptual framework to do so, illustrated in two usage contexts, and critically discuss our findings.

Scalable Tag Recommendation for Software Information Sites
Pingyi Zhou, Jin Liu, Zijiang Yang, and Guangyou Zhou
(Wuhan University, China; Western Michigan University, USA; Central China Normal University, China)
Software developers can search, share, and learn about development experience, solutions, bug fixes, and open source projects on software information sites such as StackOverflow and Freecode. Many software information sites rely on tags to classify their contents, i.e., software objects, in order to improve the performance and accuracy of various operations on the sites. The quality of tags thus has a significant impact on the usefulness of these sites. High quality tags are expected to be concise and to describe the most important features of the software objects. Unfortunately, tagging is inherently an uncoordinated process. The choice of tags made by individual software developers depends not only on a developer's understanding of the software object but also on the developer's English skills and preferences. As a result, the number of different tags grows rapidly along with the continuous addition of software objects. With thousands of different tags, many of which introduce noise, software objects become poorly classified. This phenomenon negatively affects the speed and accuracy of developers' queries. In this paper, we propose a tool called TagMulRec to automatically recommend tags and classify software objects in evolving large-scale software information sites. Given a new software object, TagMulRec locates the software objects that are semantically similar to the new one and exploits their tags. We have evaluated TagMulRec on four software information sites: StackOverflow, AskUbuntu, AskDifferent, and Freecode. According to our empirical study, TagMulRec is not only accurate but also scalable, handling a large-scale software information site with millions of software objects and thousands of tags.
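The core recommend-from-similar-objects loop can be pictured with a short sketch: index object descriptions with tf-idf, find the most similar objects, and let their tags vote. TagMulRec's actual indexing and ranking are more elaborate; the function and parameter names here are made up for illustration.

    from collections import Counter
    from sklearn.feature_extraction.text import TfidfVectorizer
    from sklearn.metrics.pairwise import cosine_similarity

    def recommend_tags(new_text, texts, tags, top_objects=10, top_tags=5):
        # texts[i] is the description of an existing software object and
        # tags[i] its tag list; new_text describes the untagged object.
        matrix = TfidfVectorizer(stop_words="english").fit_transform(texts + [new_text])
        sims = cosine_similarity(matrix[len(texts)], matrix[:len(texts)]).ravel()
        votes = Counter()
        for i in sims.argsort()[::-1][:top_objects]:
            for tag in tags[i]:
                votes[tag] += sims[i]  # weight each tag by its object's similarity
        return [tag for tag, _ in votes.most_common(top_tags)]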

Stack Overflow: A Code Laundering Platform?
Le An, Ons Mlouki, Foutse Khomh, and Giuliano Antoniol
(Polytechnique Montréal, Canada)
Developers use Question and Answer (Q&A) websites to exchange knowledge and expertise. Stack Overflow is a popular Q&A website where developers discuss coding problems and share code examples. Although all Stack Overflow posts are free to access, code examples on Stack Overflow are governed by the Creative Commons Attribution-ShareAlike 3.0 Unported license, which developers should obey when reusing code from Stack Overflow or posting code to Stack Overflow. In this paper, we conduct a case study with 399 Android apps, to investigate whether developers respect license terms when reusing code from Stack Overflow posts (and the other way around). We found 232 code snippets in 62 Android apps from our dataset that were potentially reused from Stack Overflow, and 1,226 Stack Overflow posts containing code examples that are clones of code released in 68 Android apps, suggesting that developers may have copied the code of these apps to answer Stack Overflow questions. We investigated the licenses of these pieces of code and observed 1,279 cases of potential license violations (related to code posted to Stack Overflow or code reused from Stack Overflow). This paper aims to raise the awareness of the software engineering community about potential unethical code reuse activities taking place on Q&A websites like Stack Overflow.

Code Smells and Refactoring
Fri, Feb 24, 11:00 - 12:30

An Empirical Study of Code Smells in JavaScript Projects
Amir Saboury, Pooya Musavi, Foutse Khomh, and Giuliano Antoniol
(Polytechnique Montréal, Canada)
JavaScript is a powerful scripting language that has gained a lot of attention in the past decade. Initially used exclusively for client-side web development, it has evolved to become one of the most popular programming languages, with developers now using it for both client-side and server-side application development. Similar to applications written in other programming languages, JavaScript applications contain code smells, which are poor design choices that can negatively impact the quality of an application.
In this paper, we investigate code smells in JavaScript server-side applications with the aim of understanding how they impact the fault-proneness of applications.
We detect 12 types of code smells in 537 releases of five popular JavaScript applications (i.e., express, grunt, bower, less.js, and request) and perform survival analysis, comparing the time until a fault occurrence in files containing code smells and files without code smells. Results show that (1) on average, files without code smells have hazard rates 65% lower than files with code smells, and (2) among the studied smells, the “Variable Re-assign” and “Assignment In Conditional statements” code smells have the highest hazard rates. Additionally, we conduct a survey with 1,484 JavaScript developers to understand how developers perceive our studied code smells. We found that developers consider the “Nested Callbacks”, “Variable Re-assign”, and “Long Parameter List” code smells to be serious design problems that hinder the maintainability and reliability of applications. This assessment is in line with the findings of our quantitative analysis.
Overall, code smells negatively affect the quality of JavaScript applications, and developers should consider tracking and removing them early, before releasing applications to the public.
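The survival-analysis setup can be sketched as follows, assuming a per-file table with the observation time until the first fault (or censoring) and a smell indicator; the column names and toy data are invented for illustration, and the paper's exact model may differ.

    import pandas as pd
    from lifelines import CoxPHFitter

    # One row per file: how long it was observed before a fault (or the end
    # of the observation window), whether a fault actually occurred, and
    # whether the file contained a code smell.
    df = pd.DataFrame({
        "days_to_fault": [120, 30, 200, 15, 90],
        "fault_occurred": [1, 1, 0, 1, 0],  # 0 = censored, no fault observed
        "has_smell": [0, 1, 0, 1, 1],
    })

    cph = CoxPHFitter()
    cph.fit(df, duration_col="days_to_fault", event_col="fault_occurred")
    cph.print_summary()  # exp(coef) of has_smell estimates the hazard ratio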

Antipatterns Causing Memory Bloat: A Case Study
Kamil Jezek and Richard Lipka
(University of West Bohemia, Czech Republic)
Java is one of the languages popular for their high abstraction and automatic memory management. As in other object-oriented languages, Java’s objects can easily represent a domain model of an application. While this has a positive impact on the design, implementation, and maintenance of applications, there are drawbacks as well. One of them is a relatively high memory overhead to manage objects. In this work, we share our experience with searching for this problem in an application that we refactored to use less memory. Although the application was relatively well designed, with no memory leaks, it required such a large amount of memory that for large data the application was not usable in practice. We made three relatively simple improvements: we reduced the usage of Java Collections, removed unnecessary object instances, and simplified the domain model, which reduced memory needs by up to 88% and made the application more usable and even faster. This work is a case study reporting our results. Moreover, the ideas employed are formulated as a set of antipatterns, which may be used for other applications.

Variant-Preserving Refactorings for Migrating Cloned Products to a Product Line
Wolfram Fenske, Jens Meinicke, Sandro Schulze, Steffen Schulze, and Gunter Saake
(University of Magdeburg, Germany; Carnegie Mellon University, USA)
A common and simple way to create custom product variants is to copy and adapt existing software (a.k.a. the clone-and-own approach). Clone-and-own promises low initial costs for creating a new variant, as existing code is easily reused. However, clone-and-own also comes with major drawbacks for maintenance and evolution, since changes, such as bug fixes, need to be synchronized among several product variants. Software product lines (SPLs) provide solutions to these problems because commonalities are implemented only once. Thus, in an SPL, changes also need to be applied only once. Therefore, the migration of cloned product variants to an SPL would be beneficial. The main tasks of migration are the identification and extraction of commonalities from existing products. However, these tasks are challenging and currently not well supported. In this paper, we propose a step-wise and semi-automated process to migrate cloned product variants to a feature-oriented SPL. Our process relies on clone detection to identify code that is common to multiple variants, and on novel, variant-preserving refactorings to extract such common code. We evaluated our approach on five cloned product variants, reducing code clones by 25%. Moreover, we provide qualitative insights into possible limitations and potentials for removing even more redundant code. We argue that our approach can effectively decrease synchronization effort compared to clone-and-own development and thus reduce the long-term costs for maintenance and evolution.

Efficient Method Extraction for Automatic Elimination of Type-3 Clones
Ran Ettinger, Shmuel Tyszberowicz, and Shay Menaia
(Ben-Gurion University of the Negev, Israel; Academic College of Tel Aviv-Yaffo, Israel)
A semantics-preserving transformation by Komondoor and Horwitz has been shown to be most effective in the elimination of type-3 clones. The two original algorithms for realizing this transformation, however, are not as efficient as the related (slice-based) transformations. We present an asymptotically faster algorithm that implements the same transformation via bidirectional reachability on a program dependence graph, and we prove its equivalence to the original formulation.
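As a rough picture of bidirectional reachability on a program dependence graph (PDG): keep the nodes that are forward-reachable from a seed set and backward-reachable from a target set, i.e., the nodes lying on some path between the two. The graph representation below is an assumption; the paper's algorithm and its equivalence proof are more involved.

    from collections import deque

    def reachable(adj, starts):
        # Standard BFS over an adjacency mapping: node -> iterable of successors.
        seen, queue = set(starts), deque(starts)
        while queue:
            node = queue.popleft()
            for succ in adj.get(node, ()):
                if succ not in seen:
                    seen.add(succ)
                    queue.append(succ)
        return seen

    def bidirectional_reachable(adj, radj, seeds, targets):
        # radj is the reverse adjacency of the PDG; the intersection keeps
        # exactly the nodes on some seed-to-target dependence path.
        return reachable(adj, seeds) & reachable(radj, targets)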

Testing and Fault Localization
Fri, Feb 24, 14:00 - 15:30

Spreadsheet Testing in Practice
Sohon Roy, Felienne Hermans, and Arie van Deursen
(Delft University of Technology, Netherlands)
Despite being popular end-user tools, spreadsheets are error-prone. In software engineering, testing has been proposed as a way to address errors. It is therefore important to know whether spreadsheet users also test, how they test, and to what extent, especially since most spreadsheet users do not have training or experience in software engineering principles. To this end, we conduct a two-phase mixed methods study: first, a qualitative phase, in which we interview 12 spreadsheet users, and second, a quantitative phase, in which we conduct an online survey completed by 72 users. The outcome of the interviews, organized into four different categories, consists of an overview of test practices, perceptions of spreadsheet users about testing, a set of preventive measures for avoiding errors, and an overview of maintenance practices for ensuring the correctness of spreadsheets over time. The survey adds to the findings by providing quantitative estimates indicating that ensuring correctness is an important concern and that a major fraction of users do test their spreadsheets. However, their techniques are largely manual and lack formalism. Tools and automated support are rarely used.

Dynamic Patch Generation for Null Pointer Exceptions using Metaprogramming
Thomas Durieux, Benoit Cornu, Lionel Seinturier, and Martin Monperrus
(University of Lille, France; Inria, France)
Null pointer exceptions (NPE) are the number one cause of uncaught crashing exceptions in production. In this paper, we explore the search space of possible patches for null pointer exceptions with metaprogramming. Our idea is to transform the program under repair with automated code transformation, so as to obtain a metaprogram. This metaprogram contains automatically injected hooks that can be activated to emulate a null pointer exception patch. This enables us to perform a fine-grained analysis of the runtime context of null pointer exceptions. We set up an experiment with 16 real null pointer exceptions that have happened in the field. We compare the effectiveness of our metaprogramming approach against simple templates for repairing null pointer exceptions.

Improving Fault Localization for Simulink Models using Search-Based Testing and Prediction Models
Bing Liu, Lucia, Shiva Nejati, and Lionel C. Briand
(University of Luxembourg, Luxembourg)
One promising way to improve the accuracy of fault localization based on statistical debugging is to increase diversity among test cases in the underlying test suite. In many practical situations, adding test cases is not a cost-free option, because test oracles are developed manually or running test cases is expensive. Hence, we need test suites that are both diverse and small to improve debugging. In this paper, we focus on improving fault localization of Simulink models by generating test cases. We identify three test objectives that aim to increase test suite diversity. We use these objectives in a search-based algorithm to generate diversified but small test suites. To further minimize test suite sizes, we develop a prediction model to stop test generation when adding test cases is unlikely to improve fault localization. We evaluate our approach using three industrial subjects. Our results show that (1) the three selected test objectives are able to significantly improve the accuracy of fault localization for small test suite sizes, and (2) our prediction model is able to maintain almost the same fault localization accuracy while reducing the average number of newly generated test cases by more than half.

An Empirical Investigation into the Cost-Effectiveness of Test Effort Allocation Strategies for Finding Faults
Yiyang Feng, Wanwangying Ma, Yibiao Yang, Hongmin Lu, Yuming Zhou, and Baowen Xu
(Nanjing University, China)
In recent years, it has been shown that fault prediction models can effectively guide test effort allocation in finding faults if they have a high enough fault prediction accuracy (Norm(Popt) > 0.78). However, it is often difficult to achieve such a high fault prediction accuracy in practice. As a result, fault-prediction-model-guided allocation (FPA) methods may not be applicable in real development environments. To attack this problem, in this paper, we propose a new type of test effort allocation strategy: the reliability-growth-model-guided allocation (RGA) method. For a given project release V, RGA attempts to predict the optimal test effort allocation for V by learning the fault distribution information from the previous releases. Based on three open-source projects, we empirically investigate the cost-effectiveness of three test effort allocation strategies for finding faults: RGA, FPA, and the structural-complexity-guided allocation (SCA) method. The experimental results show that RGA achieves promising performance in finding faults when compared with SCA and FPA.
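To give a concrete (and deliberately simplified) reading of history-guided allocation: split a test budget across modules in proportion to the faults observed in previous releases. RGA itself fits reliability growth models rather than using this proportional rule, so treat the sketch below as an illustration of the general idea only.

    def allocate_effort(history, budget):
        # history: dict mapping module -> faults found in previous releases.
        total = sum(history.values())
        if total == 0:
            return {module: budget / len(history) for module in history}
        return {module: budget * faults / total
                for module, faults in history.items()}

    # allocate_effort({"core": 12, "ui": 6, "io": 2}, budget=100)
    # -> {"core": 60.0, "ui": 30.0, "io": 10.0}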


Early Research Achievements

Learning from and Providing Help to Developers
Wed, Feb 22, 11:00 - 12:30

What Information about Code Snippets Is Available in Different Software-Related Documents? An Exploratory Study
Preetha Chatterjee, Manziba Akanda Nishi, Kostadin Damevski, Vinay Augustine, Lori Pollock, and Nicholas A. Kraft
(University of Delaware, USA; Virginia Commonwealth University, USA; ABB Corporate Research, USA)
A large corpus of software-related documents is available on the Web, and these documents offer a unique opportunity to learn from what developers are saying or asking about the code snippets that they are discussing. For example, the natural language in a bug report provides information about what is not functioning properly in a particular code snippet. Previous research has mined information about code snippets from bug reports, emails, and Q&A forums. This paper describes an exploratory study into the kinds of information that are embedded in different software-related documents. The goal of the study is to gain insight into the potential value and difficulty of mining the natural language text associated with the code snippets found in a variety of software-related documents, including blog posts, API documentation, code reviews, and public chats.

Harnessing Twitter to Support Serendipitous Learning of Developers
Abhishek Sharma, Yuan Tian, Agus Sulistya, David Lo, and Aiko Fallas Yamashita
(Singapore Management University, Singapore; Oslo and Akershus University College of Applied Sciences, Norway)
Developers often rely on various online resources, such as blogs, to keep themselves up-to-date with the fast pace at which software technologies are evolving. Singer et al. found that developers tend to use channels such as Twitter to keep themselves updated and support learning, often in an undirected or serendipitous way, coming across things that they may not apply presently but which should be helpful in supporting their developer activities in the future. However, identifying relevant and useful articles among the millions of pieces of information shared on Twitter is a non-trivial task. In this work, to support serendipitous discovery of relevant and informative resources for developer learning, we propose an unsupervised and a supervised approach to find and rank URLs (which point to web resources) harvested from Twitter based on their informativeness and relevance to a domain of interest. We propose 14 features to characterize each URL, considering the contents of the webpage it points to, the contents and popularity of tweets mentioning it, and the popularity of the users who shared the URL on Twitter. The results of our experiments on tweets generated by a set of 85,171 users over a one-month period highlight that our proposed unsupervised and supervised approaches can achieve reasonably high Normalized Discounted Cumulative Gain (NDCG) scores of 0.719 and 0.832, respectively.
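For reference, NDCG can be computed from its standard definition with log2 discounting, as in the sketch below; the gain scale and cutoff used in the paper's evaluation are not reproduced here.

    from math import log2

    def dcg(relevances):
        # Discounted cumulative gain of a ranked list of relevance grades.
        return sum(rel / log2(pos + 2) for pos, rel in enumerate(relevances))

    def ndcg(ranked_relevances):
        # Normalize by the DCG of the ideal (best possible) ordering.
        ideal = dcg(sorted(ranked_relevances, reverse=True))
        return dcg(ranked_relevances) / ideal if ideal else 0.0

    # ndcg([3, 2, 0, 1]) scores an observed ranking against the ideal one.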

Why Do We Break APIs? First Answers from Developers
Laerte Xavier, Andre Hora, and Marco Tulio Valente
(Federal University of Minas Gerais, Brazil)
Breaking API contracts has a major impact on clients. Despite this fact, recent studies show that libraries are often backward incompatible and that the rate of breaking changes increases over time. However, the specific reasons that motivate library developers to break contracts with their clients are still unclear. In this paper, we describe a qualitative study with library developers and real instances of breaking API changes. Our goal is to (i) elicit the reasons why developers introduce breaking changes; and (ii) check whether they are aware of the risks of such changes. Our survey with the top contributors of popular Java libraries reveals a list of five reasons why developers break API contracts. Moreover, it also shows that most developers are aware of these risks and, in some cases, adopt strategies to mitigate them. We conclude by prospecting a future study to strengthen our current findings. With this study, we expect to contribute to the design of tools that better assess the risks and impacts of breaking API changes.
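As an illustration of the kind of breaking change studied (hypothetical names of ours, not an example from the paper), consider a library method whose name and parameter type change between releases:

```java
import java.util.*;

/** Hypothetical breaking API change between two library releases. */
class UserApiV1 {
    public List<String> findUsers(String name) {       // v1.x contract
        return List.of(name);
    }
}

class UserApiV2 {
    // v2.0 renames the method and changes its parameter type: every
    // client call site compiled against v1.x now fails to compile.
    public List<String> searchUsers(Map<String, String> query) {
        return new ArrayList<>(query.values());
    }
}
```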

An Arc-Based Approach for Visualization of Code Smells
Marcel Steinbeck
(University of Bremen, Germany)
Code smells are indicators of design flaws that may have negative effects on software comprehensibility and changeability. In recent years, several detection tools have been developed that are supposed to help reveal code smells in large software systems. However, usually only a subset of the detected code smells is suitable for refactoring. Previous studies on software clones have shown that visualizing findings may assist developers in identifying relevant refactoring opportunities by highlighting peculiarities, and thus is useful for enhancing a software system's maintainability. Nevertheless, techniques to visualize arbitrary code smells are rare, even though they are an interesting field of research for bridging the gap between code smell detection and code smell refactoring. This paper presents a visualization approach that is intended to help assess the dispersion and extent of arbitrary code smells by combining different existing techniques. The core of our approach consists of several Treemaps that are arranged on a circle in order to obtain a better integration of additional visualizations. Furthermore, the presented technique provides various interaction mechanisms that allow users to adjust the visualization to target elements of interest.

Towards Continuous Software Release Planning
David Ameller, Carles Farré, Xavier Franch, Danilo Valerio, and Antonino Cassarino
(Universitat Politècnica de Catalunya, Spain; Siemens, Austria)
Continuous software engineering is a new trend that has gained increasing attention from the research community in recent years. The main idea behind this trend is to tighten the connection between software engineering lifecycle activities (e.g., development, planning, integration, and testing). While the connection between development and integration (i.e., continuous integration) has been the subject of research and is applied in industrial settings, the connection between other activities is still at a very early stage. We contribute to this research topic by proposing our ideas towards connecting the software development and software release planning activities (i.e., continuous software release planning). In this paper we present our initial findings on this topic, how we envision addressing continuous software release planning, and a research agenda to fulfil our objectives.

Evolution of Open Source Systems
Fri, Feb 24, 09:00 - 10:30

An Exploratory Study on Library Aging by Monitoring Client Usage in a Software Ecosystem
Raula Gaikovina Kula, Daniel M. German, Takashi Ishio, Ali Ouni, and Katsuro Inoue
(Osaka University, Japan; University of Victoria, Canada; United Arab Emirates University, United Arab Emirates)
The use of third-party libraries has become prevalent practice in contemporary software development. Much like other code components, unmaintained libraries are a cause for concern, especially when they risk degrading the code over time. Therefore, awareness of when a library should be updated is important. With the emergence of large library-hosting repositories such as Maven Central, we can leverage the dynamics of these ecosystems to understand and estimate when a library is due for an update. In this paper, based on the concepts of software aging, we empirically explore library usage as a means to describe a library's age. The study covers about 1,500 libraries belonging to the Maven software ecosystem. Results show that library usage changes are not random, with 81.7% of the popular libraries fitting typical polynomial models. Further analysis shows that ecosystem factors, such as emerging rivals, have an effect on aging characteristics. Our preliminary findings demonstrate that awareness of library aging and its characteristics is a promising step towards aiding client systems in the maintenance of their libraries.

Trends on Empty Exception Handlers for Java Open Source Libraries
Ana Filipa Nogueira, José C. B. Ribeiro, and Mário A. Zenha-Rela
(University of Coimbra, Portugal; Polytechnic Institute of Leiria, Portugal)
Exception-handling structures provide a means to recover from unexpected or undesired flows that occur during software execution, allowing the developer to put the program back into a valid state. Still, applying proper exception-handling strategies is at the bottom of the priority list for a great number of developers. Studies have already discussed this subject, pinpointing that the implementation of exception-handling mechanisms is frequently enforced by compilers. As a consequence, several exception-handling anti-patterns have already been identified in the literature.
In this study, we picked several releases of different Java programs and investigated one of the most well-known anti-patterns: empty catch handlers. We analysed how the empty handlers evolved through several releases of a software product. We observed some common approaches in the evolution of empty catches. For instance, an empty catch is often transformed into an empty catch with a comment. Moreover, for the majority of the programs, the percentage of empty handlers decreased between the first and last releases. Future work includes automating the analysis to allow the inclusion of data collected from other software artefacts: test suites and data from issue tracking systems.
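The anti-pattern and the evolution step mentioned above look as follows in Java (an illustrative example of ours, not one taken from the studied programs):

```java
import java.io.*;

class EmptyCatchExamples {
    // Anti-pattern: the empty catch handler silently swallows the failure.
    static void closeQuietlyV1(InputStream stream) {
        try {
            stream.close();
        } catch (IOException e) {
        }
    }

    // A common evolution step observed in the study: in a later release
    // the empty handler gains a comment that documents (but does not
    // change) the decision to ignore the exception.
    static void closeQuietlyV2(InputStream stream) {
        try {
            stream.close();
        } catch (IOException e) {
            // ignore: the stream is being discarded anyway
        }
    }
}
```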

Analyzing the Evolution of Testing Library Usage in Open Source Java Projects
Ahmed Zerouali and Tom Mens
(University of Mons, Belgium)
Software development projects frequently rely on testing-related libraries to test the functionality of the software product automatically and efficiently. Many such libraries are available for Java, and developers have a hard time deciding which libraries are most appropriate for their project, or when to migrate to a competing library. We empirically analysed the usage of eight testing-related libraries in 4,532 open source Java projects hosted on GitHub. We studied how frequently specific (pairs of) libraries are used over time. We also identified if and when library usages are replaced by competing ones during a project's lifetime. We found that some libraries are considerably more popular than their competitors, and that some libraries become more popular over time. We observed that many projects tend to use multiple libraries together. We also observed permanent and temporary migrations between competing libraries. These findings may pave the way for recommendation tools that allow project developers to choose the most appropriate library for their needs and to be informed of better alternatives.

On the Evolution of Exception Usage in Java Projects
Haidar Osman, Andrei Chiş, Jakob Schaerer, Mohammad Ghafari, and Oscar Nierstrasz
(University of Bern, Switzerland; Feenk, Switzerland)
Programming languages use exceptions to handle abnormal situations during the execution of a program. While programming languages often provide a set of standard exceptions, developers can further create custom exceptions to capture relevant data about project- and domain-specific errors. We hypothesize that, given their usefulness, custom exceptions are used increasingly as software systems mature. To assess this claim, we empirically analyze the evolution of exceptions and exception-handling code within four popular, long-lived Java systems. We observe that the amount of error-handling code, together with the number of custom exceptions and their usage in catch handlers and throw statements, does indeed increase as projects evolve. However, we find that the usage of standard exceptions increases more than the usage of custom exceptions in both catch handlers and throw statements. A preliminary manual analysis of throw statements reveals that developers encode domain information into standard Java exceptions as custom string error messages instead of relying on custom exception classes.
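The contrast described in the last sentence can be illustrated as follows (hypothetical domain and names, ours):

```java
/** Illustration: domain data in a standard exception's message string
 *  versus a custom exception class carrying the same data in typed form. */
class Account {
    long balance;

    // Practice observed in the study: a standard Java exception whose
    // message string encodes the domain information.
    void withdrawV1(long amount) {
        if (amount > balance)
            throw new IllegalStateException("insufficient funds: balance=" + balance);
        balance -= amount;
    }

    // The alternative: a project-specific custom exception.
    void withdrawV2(long amount) {
        if (amount > balance)
            throw new InsufficientFundsException(balance);
        balance -= amount;
    }
}

class InsufficientFundsException extends RuntimeException {
    final long balance;
    InsufficientFundsException(long balance) {
        super("insufficient funds: balance=" + balance);
        this.balance = balance;
    }
}
```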

Statically Identifying Class Dependencies in Legacy JavaScript Systems: First Results
Leonardo Humberto Silva, Marco Tulio Valente, and Alexandre Bergel
(Federal Institute of Northern Minas Gerais, Brazil; Federal University of Minas Gerais, Brazil; University of Chile, Chile)
Identifying dependencies between classes is an essential activity when maintaining and evolving software applications. It is also known that JavaScript developers often use classes to structure their projects. This happens even in legacy code, i.e., code implemented in JavaScript versions that do not provide syntactical support for classes. However, identifying associations and other dependencies between classes remains a challenge due to the lack of static type annotations. This paper investigates the use of type inference to identify relations between classes in legacy JavaScript code. For this purpose, we rely on Flow, a state-of-the-art type checking and inference tool for JavaScript. We perform a study using code with and without annotated class import statements in two modular applications. The results show that precision is 100% in both systems, and that the annotated version improves recall, from 37% to 51% for dependencies in general and from 54% to 85% for associations. We therefore hypothesize that such tools should also rely on dynamic analysis to cover all possible dependencies in JavaScript code.

CodeCritics Applied to Database Schema: Challenges and First Results
Julien Delplanque, Anne Etien, Olivier Auverlot, Tom Mens, Nicolas Anquetil, and Stéphane Ducasse
(University of Mons, Belgium; University of Lille, France; Inria, France)
Relational databases (DBs) play a critical role in many information systems. For different reasons, their schemas gather not only tables and columns but also views, triggers, and stored functions (i.e., fragments of code describing treatments). As for any other code-related artefact, software quality in a DB schema helps avoid future bugs. However, few tools exist to analyse DB quality and prevent the introduction of technical debt. Moreover, these tools suffer from limitations such as the difficulty of dealing with certain entities (e.g., functions) or with dependencies between entities. This paper presents research issues related to assessing the software quality of a DB schema by adapting existing source code analysis research to database schemas. We present preliminary results that have been validated through the implementation of DBCritics, a prototype tool that performs static analysis on the SQL source code of a database schema. DBCritics addresses the limitations of existing DB quality tools based on an internal representation that considers all entities of the database and their relationships.

Patterns and Optimization
Fri, Feb 24, 14:00 - 15:30

Cloud-Based Parallel Concolic Execution
Ting Chen, Youzheng Feng, Xiapu Luo, Xiaodong Lin, and Xiaosong Zhang
(University of Electronic Science and Technology of China, China; Hong Kong Polytechnic University, China; University of Ontario Institute of Technology, Canada)
Path explosion is one of the biggest challenges hindering the wide application of concolic execution. Although several parallel approaches have been proposed to accelerate concolic execution, they neither scale well nor properly handle resource fluctuations and node failures, which often happen in practice. In this paper, we propose a novel approach, named PACCI, which parallelizes concolic execution and adapts to drastic changes in computing resources by leveraging cloud infrastructures. PACCI tailors concolic execution to the MapReduce programming model and takes into account the features of cloud infrastructures. In particular, we tackle several challenging issues, such as making the exploration of different program paths independent and constructing an extensible path exploration module to support the prioritization of test inputs from a global perspective. Preliminary experimental results show that PACCI is scalable (e.g., gaining about a 20X speedup using 24 nodes) and that its efficiency declines only slightly (by about 5% and 6.1%) under resource fluctuations and node failures, respectively.

Under-Optimized Smart Contracts Devour Your Money
Ting Chen, Xiaoqi Li, Xiapu Luo, and Xiaosong Zhang
(University of Electronic Science and Technology of China, China; Hong Kong Polytechnic University, China)
Smart contracts are full-fledged programs that run on blockchains (e.g., Ethereum, one of the most popular blockchains). In Ethereum, gas (paid in Ether, a cryptographic currency like Bitcoin) is the execution fee compensating the computing resources of miners for running smart contracts. However, we find that under-optimized smart contracts cost more gas than necessary, and therefore their creators or users will be overcharged. In this work, we conduct the first investigation of Solidity, the recommended compiler, and reveal that it fails to optimize gas-costly programming patterns. In particular, we identify 7 gas-costly patterns and group them into 2 categories. We then propose and develop GASPER, a new tool for automatically locating gas-costly patterns by analyzing smart contracts' bytecode. Preliminary results on discovering 3 representative patterns in 4,240 real smart contracts show that 93.5%, 90.1%, and 80% of the contracts suffer from these 3 patterns, respectively.

Pluggable Controllers and Nano-Patterns
Yossi Gil, Ori Marcovitch, and Matteo Orrù
(Technion, Israel)
This paper raises the idea of giving end users the ability to modify and extend the control flow constructs (if, while, etc.) of the underlying programming language, just as they can modify and extend the standard library implementation of the function printf or the class String. Pluggable controllers are a means for the modular design of control constructors, e.g., if, while, do, switch, and operators such as short-circuit conjunction (&&) and the "?." operator of the Swift programming language. We propose a modular, pluggable-controller-based design of a language. In this design, some control constructors are core, augmented by a standard library of control constructors which, just like all standard libraries, is extensible and replaceable. The control constructor standard library can then follow a course of evolution that is less coupled to that of the main language, where a library release does not mandate a new language release. At the same time, the library can be extended by individuals, corporations, and communities to implement more or less idiosyncratic nano-patterns. We demonstrate the imposition of pluggable control constructors on Java by employing Lola, a Turing-complete and programming-language-independent code preprocessor.

Query Construction Patterns in PHP
David Anderson and Mark Hills
(East Carolina University, USA)
Most PHP applications use databases, with developers including both static queries, given directly in the code, and dynamic queries, which are based on a mixture of static text, computed values, and user input. In this paper, we focus specifically on how developers create queries that are then used with the original MySQL API library. Based on a collection of open-source PHP applications, our initial results show that many of these queries are created according to a small collection of query construction patterns. We believe that identifying these patterns provides a solid base for program analysis, comprehension, and transformation tools that need to reason about database queries, including tools to support renovating existing PHP code to support safer, more modern database access APIs.
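The paper's subject is PHP's original mysql_* API; purely to illustrate the construction pattern it describes (static text mixed with computed values and user input) and the safer parameterized alternative it motivates, here is a Java/JDBC analogue of ours, with all table and column names invented:

```java
import java.sql.*;

class QueryConstruction {
    // Dynamic query assembled from static text, a computed value, and raw
    // user input: the kind of construction pattern the paper mines.
    static String buildQuery(String userInput, boolean newestFirst) {
        String order = newestFirst ? "created_at DESC" : "created_at ASC";
        return "SELECT * FROM users WHERE name = '" + userInput + "' ORDER BY " + order;
    }

    // Recognizing such patterns is what enables migration to safer,
    // parameterized database access APIs.
    static ResultSet findUsers(Connection conn, String userInput) throws SQLException {
        PreparedStatement ps = conn.prepareStatement(
            "SELECT * FROM users WHERE name = ? ORDER BY created_at DESC");
        ps.setString(1, userInput);
        return ps.executeQuery();
    }
}
```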

Supporting Schema Evolution in Schema-Less NoSQL Data Stores
Loup Meurice and Anthony Cleve
(University of Namur, Belgium)
NoSQL data stores are becoming popular due to their schema-less nature. They offer a high level of flexibility, since they do not require a global schema to be declared. Thus, the data model is maintained within the application source code. However, due to this flexibility, developers have to struggle with growing data structure entropy and with managing legacy data. Moreover, support for schema evolution is lacking, which may lead to runtime errors or irretrievable data loss if not properly handled. This paper presents an approach to support the evolution of a schema-less NoSQL data store by analyzing the application source code and its history. We motivate this approach on a subject system and explain how useful it is for understanding the present database structure and facilitating future developments.
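A tiny illustration of the entropy problem (our own example, not taken from the paper's subject system): two revisions of an application persist the same concept with different implicit schemas, and every reader must cope with both layouts.

```java
import java.util.*;

class SchemaEntropy {
    public static void main(String[] args) {
        // Revision 1 writes documents with an implicit schema {name, phone}.
        Map<String, Object> v1 = Map.of("name", "Ada", "phone", "555-0100");
        // Revision 2 renames a field and adds one: {name, phoneNumber, email}.
        Map<String, Object> v2 = Map.of("name", "Ada",
                                        "phoneNumber", "555-0100",
                                        "email", "ada@example.org");
        // Legacy documents written by revision 1 lack "email" and still use
        // "phone"; readers must handle both layouts or risk runtime errors.
        System.out.println(v1.keySet() + " vs " + v2.keySet());
    }
}
```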


Tool Demonstrations

Static Analysis and Refactoring
Wed, Feb 22, 14:00 - 15:30

XCore: Support for Developing Program Analysis Tools
Alexandru Ștefănică and Petru Florin Mihancea
(Politehnica University of Timișoara, Romania)
Building program analysis tools is hard. A recurring development task is the implementation of the meta-model around which a tool is usually constructed. The XCORE prototype supports this task by generating the implementation of the meta-model. For this purpose, developers add meta-information describing the desired meta-model directly into the source code of the tool under construction. Our demo presents some internal details of XCORE and emphasizes the advantages of our tool by describing the construction of a basic analysis instrument.

srcQL: A Syntax-Aware Query Language for Source Code
Brian Bartman, Christian D. Newman, Michael L. Collard, and Jonathan I. Maletic
(Kent State University, USA; University of Akron, USA)
A tool and domain-specific language for querying source code is introduced and demonstrated. The tool, srcQL, allows source code to be queried using the syntax of the language to identify patterns within source code documents. srcQL is built upon srcML, a widely used XML representation of source code, to identify the syntactic contexts being queried. srcML inserts XML tags into the source code to mark syntactic constructs. srcQL uses a combination of XPath on srcML, regular expressions, and syntactic patterns within a query. The syntactic patterns are snippets of source code that support the use of logical variables, which are unified during the query process. This allows very complex patterns to be easily formulated and queried. The tool is implemented in C++, and a number of queries are presented to demonstrate the approach. srcQL currently supports C++ and scales to large systems.
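srcQL's own syntax is not reproduced here; the sketch below only illustrates its underlying building block of querying a srcML document with XPath from Java. The srcML element names and the input file name are assumptions, and namespace handling is sidestepped via local-name() for brevity.

```java
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.xpath.*;
import org.w3c.dom.NodeList;

/** Sketch: XPath over a srcML document (not srcQL syntax itself). */
public class SrcmlXpathSketch {
    public static void main(String[] args) throws Exception {
        var doc = DocumentBuilderFactory.newInstance()
                .newDocumentBuilder().parse("example.cpp.xml"); // srcML output
        XPath xp = XPathFactory.newInstance().newXPath();
        // Select the name of every function in the unit.
        NodeList names = (NodeList) xp.evaluate(
            "//*[local-name()='function']/*[local-name()='name']",
            doc, XPathConstants.NODESET);
        for (int i = 0; i < names.getLength(); i++)
            System.out.println(names.item(i).getTextContent());
    }
}
```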

UAV: Warnings from Multiple Automated Static Analysis Tools at a Glance
Tim Buckers, Clinton Cao, Michiel Doesburg, Boning Gong, Sunwei Wang, Moritz Beller, and Andy Zaidman
(Delft University of Technology, Netherlands)
Automated Static Analysis Tools (ASATs) are an integral part of today's software quality assurance practices. At present, a plethora of ASATs exist, each with different strengths. However, there is little guidance for developers on which of these ASATs to choose and combine for a project. As a result, many projects still only employ one ASAT, with practically no customization. With UAV, the Unified ASAT Visualizer, we created an intuitive visualization that enables developers, researchers, and tool creators to compare the complementary strengths and overlaps of different Java ASATs. UAV's enriched treemap and source code views provide its users with a seamless exploration of the warning distribution, from a high-level overview down to the source code. We have evaluated our UAV prototype in a user study with ten second-year Computer Science (CS) students and a visualization expert, and tested it on large Java repositories with several thousand PMD, FindBugs, and Checkstyle warnings.
Project Website: https://clintoncao.github.io/uav/

The Spartanizer: Massive Automatic Refactoring
Yossi Gil and Matteo Orrù
(Technion, Israel)
The Spartanizer is an Eclipse plugin featuring over one hundred and fifty refactoring techniques, all aimed at reducing various measures of code size and complexity without changing the design, i.e., inheritance relations, modular structure, etc. The typical use case of the Spartanizer is an automatic mode: refactoring operations are successively selected and applied by the tool until the code is reshaped in spartan style (a frugal coding style minimizing the use of characters, variables, tokens, etc.). The Spartanizer demonstrates the potential of automatic refactoring: tens of thousands of transformations applied in a matter of seconds, chains of dependent transformations with tens of operations in them, a significant impact on code size, and an extent reaching almost every line of code, even in professional libraries.
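A representative example of the kind of size-reducing, design-preserving transformation applied (an illustration of ours, not taken from the tool's catalogue):

```java
class SpartanExample {
    // Before: the verbose conditional form.
    static int absVerbose(int x) {
        if (x < 0) {
            return -x;
        } else {
            return x;
        }
    }

    // After one size-reducing transformation: same behavior,
    // fewer tokens, no branching statement.
    static int absSpartan(int x) {
        return x < 0 ? -x : x;
    }
}
```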

c-JRefRec: Change-Based Identification of Move Method Refactoring Opportunities
Naoya Ujihara, Ali Ouni, Takashi Ishio, and Katsuro Inoue
(Osaka University, Japan; United Arab Emirates University, United Arab Emirates)
We propose, in this paper, a lightweight refactoring recommendation tool, namely c-JRefRec, to identify Move Method refactoring opportunities based on four heuristics using static and semantic program analysis. Our tool aims at identifying refactoring opportunities from the current code changes before they are committed to the codebase, i.e., whenever the developer saves or compiles the code. We evaluate the efficiency of our approach in detecting Feature Envy smells and recommending Move Method refactorings to fix them on three Java open-source systems and 30 code changes. Results show that our approach achieves an average precision of 0.48 and an average recall of 0.73, and outperforms a state-of-the-art approach, namely JDeodorant.
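For readers unfamiliar with the smell, a minimal (hypothetical) Feature Envy instance and the intended Move Method fix look like this:

```java
/** Hypothetical Feature Envy: report() uses Customer's data far more than
 *  its own class's, so a Move Method refactoring would move it to Customer. */
class Customer {
    String name;
    int visits;
    double spent;
}

class ReportPrinter {
    // Envies Customer: every expression touches Customer's fields.
    String report(Customer c) {
        return c.name + ": " + c.visits + " visits, " + c.spent + " spent";
    }
    // After Move Method, report() would become an instance method of Customer.
}
```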

Lightweight Detection of Android-Specific Code Smells: The aDoctor Project
Fabio Palomba, Dario Di Nucci, Annibale Panichella, Andy Zaidman, and Andrea De Lucia
(Delft University of Technology, Netherlands; University of Salerno, Italy; University of Luxembourg, Luxembourg)
Code smells are symptoms of poor design solutions applied by programmers during the development of software systems. While the research community has devoted a lot of effort to studying and devising approaches for detecting the traditional code smells defined by Fowler, little knowledge and support is available for an emerging category of mobile app code smells. Recently, Reimann et al. proposed a new catalogue of Android-specific code smells that may be a threat to the maintainability and efficiency of Android applications. However, current tools for mobile apps provide limited support and, more importantly, are not available to developers interested in monitoring the quality of their apps. To overcome these limitations, we propose a fully automated tool, coined aDoctor, able to identify 15 Android-specific code smells from the catalogue by Reimann et al. An empirical study conducted on the source code of 18 Android applications reveals that the proposed tool reaches, on average, 98% precision and 98% recall. We have made aDoctor publicly available.


Binaries and Evolution
Thu, Feb 23, 11:00 - 12:30

scat: Learning from a Single Execution of a Binary
Franck de Goër, Christopher Ferreira, and Laurent Mounier
(LIG, France; University of Grenoble, France; VERIMAG, France)
Retrieving information from binary code is required in several application domains, such as system integration or security analysis. Providing tools to help engineers in this task is therefore an important need. We present in this paper scat, an open-source toolbox relying on lightweight runtime instrumentation to infer source-level and behavioral information from binary code, such as function prototypes or data-flow relations. We explain the working principles of this toolbox and give some results obtained on real examples to show its effectiveness.

dynStruct: An Automatic Reverse Engineering Tool for Structure Recovery and Memory Use Analysis
Daniel Mercier, Aziem Chawdhary, and Richard Jones
(University of Kent, UK)
dynStruct is an open source structure recovery tool for x86 binaries. It uses dynamic binary instrumentation to record information about memory accesses, which is then processed off-line to recover structures created and used by the binary. It provides a powerful web interface which not only displays the raw data and the recovered structures but also allows this information to be explored and manually edited. dynStruct is an effective tool for analyzing programs as complex as emacs. A demonstration video is available at: http://bit.ly/2gQu26e

InsDal: A Safe and Extensible Instrumentation Tool on Dalvik Byte-Code for Android Applications
Jierui Liu, Tianyong Wu, Xi Deng, Jun Yan, and Jian Zhang
(Institute of Software at Chinese Academy of Sciences, China; University at Chinese Academy of Sciences, China)
Program instrumentation is a widely used technique in dynamic analysis and testing, which makes use of probe code inserted into the target program to monitor its behavior or log runtime information for off-line analysis. There are a number of automatic tools for instrumenting the source or byte code of Java programs. However, few works address this issue for the register-based Dalvik byte-code of the ever-increasing number of Android apps. This paper presents a lightweight tool, InsDal, for inserting instructions at specific points of the Dalvik byte-code according to the requirements of users. It carefully manages the registers to protect the behavior of the original code from illegal manipulation, and optimizes the inserted code to avoid memory waste and unnecessary overhead. The tool is easy to use and has been applied in several scenarios (e.g., energy analysis and code coverage analysis). A demo video of our tool can be found at: https://www.youtube.com/watch?v=Fpw-aygZ3kE.

Columbo: High Performance Unpacking
Jason Raber
(MalwareBytes, USA)
Columbo is a tool for unpacking malware. A key feature is the ability to uncompress and/or decrypt areas of memory quickly using algorithms focused on basic block compression and loop optimizations.

Hindsight: Revealing the Evolution of Dependencies to Developers
George Ganea
(Politehnica University of Timișoara, Romania)
Software systems are inherently complex because of the interactions between their constituent entities. These interactions affect refactoring efforts, and therefore numerous tools that reveal dependencies between software artefacts have been proposed. However, existing tools only take into account the current version of a system, while the evolution of dependencies can hold clues that help developers with their refactoring decisions. This paper proposes Hindsight, a tool that shows how the fine-grained relations of a software entity change over time. It argues how the approach can be used to facilitate refactoring decisions and presents the tool, an open-source Eclipse plugin that illustrates the approach through software visualizations. The code and a quick-start guide can be found at: https://github.com/georgeganea/hindsight

Replan: A Release Planning Tool
David Ameller, Carles Farré, Xavier Franch, Antonino Cassarino, Danilo Valerio, and Valentin Elvassore
(Universitat Politècnica de Catalunya, Spain; Siemens, Austria)
Software release planning is the activity of deciding what is to be implemented, when, and by whom. It can be divided into two tasks: strategic planning (i.e., the what) and operational planning (i.e., the when and the who). Replan, the tool that we present in this demo, handles both tasks in an integrated and flexible way, allowing its users (typically software product managers and development team leaders) to (re)plan releases dynamically by assigning new features and/or modifying the resources allocated to each release. A recorded video demo of Replan is available at https://youtu.be/PNK5EUTdqEg.


Industrial Research
Fri, Feb 24, 11:00 - 12:30

Bringing Back-in-Time Debugging Down to the Database
Arian Treffer, Michael Perscheid, and Matthias Uflacker
(HPI, Germany; SAP, Germany)
With back-in-time debuggers, developers can explore what happened before observable failures by following infection chains back to their root causes. While there are several such debuggers for object-oriented programming languages, we do not know of any back-in-time capabilities at the database level. Thus, if failures are caused by SQL scripts or stored procedures, developers have difficulties in understanding their unexpected behavior. In this paper, we present an approach for bringing back-in-time debugging down to the SAP HANA in-memory database. Our TARDISP debugger allows developers to step queries backwards and to inspect the database at arbitrary previous points in time. With the help of a SQL extension, we can express queries covering a period of execution time within a debugging session and handle large amounts of data with low overhead on performance and memory. The entire approach has been evaluated within a development project at SAP and shows promising results with respect to the gathered developer feedback.

Performance Tuning for Automotive Software Fault Prediction
Harald Altinger, Steffen Herbold, Friederike Schneemann, Jens Grabowski, and Franz Wotawa
(Audi Electronics Venture, Germany; University of Göttingen, Germany; Graz University of Technology, Austria)
Fault prediction on high-quality, industry-grade software often suffers from a strongly imbalanced class distribution due to a low bug rate. Previous work reports low predictive performance, thus parameter tuning is required. As the state of the art recommends sampling methods for imbalanced learning, we analyse the effects of under- and oversampling the training data, evaluated on seven different classification algorithms. Our results demonstrate settings that achieve higher performance values, but the various classifiers are influenced in different ways. Furthermore, not all performance measures can be tuned at the same time.
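The two sampling strategies analysed can be sketched in a few lines (a generic illustration of ours, not the paper's experimental setup):

```java
import java.util.*;

class Sampling {
    // Random oversampling: duplicate minority-class instances at random
    // until a target size is reached.
    static <T> List<T> oversample(List<T> minority, int target, Random rnd) {
        List<T> out = new ArrayList<>(minority);
        while (out.size() < target)
            out.add(minority.get(rnd.nextInt(minority.size())));
        return out;
    }

    // Random undersampling: keep only a random subset of the majority class.
    static <T> List<T> undersample(List<T> majority, int target, Random rnd) {
        List<T> copy = new ArrayList<>(majority);
        Collections.shuffle(copy, rnd);
        return copy.subList(0, Math.min(target, copy.size()));
    }
}
```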

Business Process Recovery Based on System Log and Information of Organizational Structure
Ryota Mibe, Tadashi Tanaka, Takashi Kobayashi, and Shingo Kobayashi
(Hitachi, Japan; Tokyo Institute of Technology, Japan; Japan EXpert Clone, Japan)
In most current enterprise system development, the requirement specifications must follow those of an existing legacy system. However, it is difficult to identify high-level specifications, such as business process steps, from legacy and undocumented systems. In this paper, we propose a method to recover an abstract business process by using system logs and the organizational information of the operators of an existing legacy system. Our method provides a hierarchical view, based on a clustering technique, to find abstract activities that consist of a series of operations. We also propose a method to extract the main operation in a cluster. We evaluated the effectiveness of our method through experiments on a real system.

Multi-language Re-documentation to Support a COBOL to Java Migration Project
Bernhard Dorninger, Michael Moser, and Josef Pichler
(Software Competence Center Hagenberg, Austria)
Software migration projects need precise and up-to-date documentation of the software system to be migrated. Missing or outdated documentation hampers the migration process and compromises the overall quality of the resulting new software system. Moreover, if documentation is missing in the first place and no additional effort is undertaken to document the new software system, future maintenance and evolution tasks are burdened right from the beginning. Therefore, we apply an automatic re-documentation approach that uses a single tool chain to generate documentation for both the software to be migrated and the transformed software system. In this way, we not only support an ongoing COBOL to Java migration project at one of our industry partners but also lay the foundations for continuously generating up-to-date documentation for the new software system.

Proactive Reviews of Textual Requirements
Vard Antinyan and Miroslaw Staron
(University of Gothenburg, Sweden)
In large software development products, the number of textual requirements can reach tens of thousands. When such a large number of requirements is delivered to software developers, there is a risk that vague or complex requirements remain undetected until late in the design process. In order to detect such requirements, companies conduct manual reviews of requirements. Manual reviews, however, take a substantial amount of effort, and their efficiency is low. The goal of this paper is to present the application of a method for proactive requirements reviews. The method, which was developed and evaluated in a previous study, is now used in three companies. We show how the method evolved from isolated, scripted use to fully integrated use in the three companies. The results show that software engineers in the three companies use the method to support the continuous improvement of requirements in their daily work.

Data Access Visualization for Legacy Application Maintenance
Keisuke Yano and Akihiko Matsuo
(Fujitsu Labs, Japan)
Software clustering techniques, which use program information such as dependencies as input, have been studied and applied to analyze and visualize the actual structure of legacy applications. However, business data also play an important role in a business system. Revealing which programs actually use which data in the current system can give us key insights when analyzing a long-lived, complicated system. In this paper, we calculate indexes indicating how a data entity is used, making use of software clustering; these indexes can be used to detect problematic or characteristic parts of the system. The developed technique can reveal the characteristics of a data entity, e.g., that it is used like master data. We applied this technique to two business systems that have been used for many years and found that our technique can help us understand the systems in terms of business data usage. Through case studies, we evaluated the validity of the indexes and showed that software visualization with the indexes can be used to investigate a system in an exploratory way.


Posters