Ammonia: an approach for deriving project-specific bug patterns

Finding and fixing buggy code is an important and cost-intensive maintenance task, and static analysis (SA) is one of the methods developers use to perform it. SA tools warn developers about potential bugs by scanning their source code for commonly occurring bug patterns, thus giving those developer...

Full description

Saved in:
Bibliographic Details
Published in:Empirical software engineering : an international journal 2020-05, Vol.25 (3), p.1951-1979
Main Authors: Higo, Yoshiki, Hayashi, Shinpei, Hata, Hideaki, Nagappan, Meiyappan
Format: Article
Language:English
Subjects:
Ammonia
Compilers
Computer Science
Cost analysis
Debugging
Interpreters
Programming Languages
Software
Software Engineering/Programming and Operating Systems
Source code
Static code analysis
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by cdi_FETCH-LOGICAL-c473t-bef6c407941b71864a16ffc90b125777f0d13be10ed82d1041fc99be6690a56f3
cites cdi_FETCH-LOGICAL-c473t-bef6c407941b71864a16ffc90b125777f0d13be10ed82d1041fc99be6690a56f3
container_end_page 1979
container_issue 3
container_start_page 1951
container_title Empirical software engineering : an international journal
container_volume 25
creator Higo, Yoshiki
Hayashi, Shinpei
Hata, Hideaki
Nagappan, Meiyappan
description Finding and fixing buggy code is an important and cost-intensive maintenance task, and static analysis (SA) is one of the methods developers use to perform it. SA tools warn developers about potential bugs by scanning their source code for commonly occurring bug patterns, thus giving those developers opportunities to fix the warnings (potential bugs) before they release the software. Typically, SA tools scan for general bug patterns that are common to any software project (such as null pointer dereference), and not for project specific patterns. However, past research has pointed to this lack of customizability as a severe limiting issue in SA. Accordingly, in this paper, we propose an approach called Ammonia, which is based on statically analyzing changes across the development history of a project, as a means to identify project-specific bug patterns. Furthermore, the bug patterns identified by our tool do not relate to just one developer or one specific commit, they reflect the project as a whole and compliment the warnings from other SA tools that identify general bug patterns. Herein, we report on the application of our implemented tool and approach to four Java projects: Ant, Camel, POI, and Wicket. The results obtained show that our tool could detect 19 project specific bug patterns across those four projects. Next, through manual analysis, we determined that six of those change patterns were actual bugs and submitted pull requests based on those bug patterns. As a result, five of the pull requests were merged.
doi_str_mv 10.1007/s10664-020-09807-w
format article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2400150990</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2400150990</sourcerecordid><originalsourceid>FETCH-LOGICAL-c473t-bef6c407941b71864a16ffc90b125777f0d13be10ed82d1041fc99be6690a56f3</originalsourceid><addsrcrecordid>eNp9kE9LxDAQxYMouK5-AU8Fz9GZJE0aL7Is_oMFL3oOaZqsXdy2Jl0Xv73RCt48zTDz3pvhR8g5wiUCqKuEIKWgwICCrkDR_QGZYak4VRLlYe55xShnpTwmJyltAEArUc7IzWK77bvWXhe2K-wwxN661yL0sWh8bD_abl3k2ca7kabBuza0rqh3eWjH0ccunZKjYN-SP_utc_Jyd_u8fKCrp_vH5WJFnVB8pLUP0glQWmCtsJLCogzBaaiRlUqpAA3y2iP4pmINgsC81LWXUoMtZeBzcjHl5m_edz6NZtPvYpdPGiYAsAStIavYpHKxTyn6YIbYbm38NAjmG5SZQJkMyvyAMvts4pMpZXG39vEv-h_XF4qOay0</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2400150990</pqid></control><display><type>article</type><title>Ammonia: an approach for deriving project-specific bug patterns</title><source>Springer Nature</source><creator>Higo, Yoshiki ; Hayashi, Shinpei ; Hata, Hideaki ; Nagappan, Meiyappan</creator><creatorcontrib>Higo, Yoshiki ; Hayashi, Shinpei ; Hata, Hideaki ; Nagappan, Meiyappan</creatorcontrib><description>Finding and fixing buggy code is an important and cost-intensive maintenance task, and static analysis (SA) is one of the methods developers use to perform it. SA tools warn developers about potential bugs by scanning their source code for commonly occurring bug patterns, thus giving those developers opportunities to fix the warnings (potential bugs) before they release the software. Typically, SA tools scan for general bug patterns that are common to any software project (such as null pointer dereference), and not for project specific patterns. However, past research has pointed to this lack of customizability as a severe limiting issue in SA. Accordingly, in this paper, we propose an approach called Ammonia, which is based on statically analyzing changes across the development history of a project, as a means to identify project-specific bug patterns. Furthermore, the bug patterns identified by our tool do not relate to just one developer or one specific commit, they reflect the project as a whole and compliment the warnings from other SA tools that identify general bug patterns. Herein, we report on the application of our implemented tool and approach to four Java projects: Ant, Camel, POI, and Wicket. The results obtained show that our tool could detect 19 project specific bug patterns across those four projects. Next, through manual analysis, we determined that six of those change patterns were actual bugs and submitted pull requests based on those bug patterns. As a result, five of the pull requests were merged.</description><identifier>ISSN: 1382-3256</identifier><identifier>EISSN: 1573-7616</identifier><identifier>DOI: 10.1007/s10664-020-09807-w</identifier><language>eng</language><publisher>New York: Springer US</publisher><subject>Ammonia ; Compilers ; Computer Science ; Cost analysis ; Debugging ; Interpreters ; Programming Languages ; Software ; Software Engineering/Programming and Operating Systems ; Source code ; Static code analysis</subject><ispartof>Empirical software engineering : an international journal, 2020-05, Vol.25 (3), p.1951-1979</ispartof><rights>The Author(s) 2020</rights><rights>The Author(s) 2020. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c473t-bef6c407941b71864a16ffc90b125777f0d13be10ed82d1041fc99be6690a56f3</citedby><cites>FETCH-LOGICAL-c473t-bef6c407941b71864a16ffc90b125777f0d13be10ed82d1041fc99be6690a56f3</cites><orcidid>0000-0002-8278-8975</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27922,27923</link.rule.ids></links><search><creatorcontrib>Higo, Yoshiki</creatorcontrib><creatorcontrib>Hayashi, Shinpei</creatorcontrib><creatorcontrib>Hata, Hideaki</creatorcontrib><creatorcontrib>Nagappan, Meiyappan</creatorcontrib><title>Ammonia: an approach for deriving project-specific bug patterns</title><title>Empirical software engineering : an international journal</title><addtitle>Empir Software Eng</addtitle><description>Finding and fixing buggy code is an important and cost-intensive maintenance task, and static analysis (SA) is one of the methods developers use to perform it. SA tools warn developers about potential bugs by scanning their source code for commonly occurring bug patterns, thus giving those developers opportunities to fix the warnings (potential bugs) before they release the software. Typically, SA tools scan for general bug patterns that are common to any software project (such as null pointer dereference), and not for project specific patterns. However, past research has pointed to this lack of customizability as a severe limiting issue in SA. Accordingly, in this paper, we propose an approach called Ammonia, which is based on statically analyzing changes across the development history of a project, as a means to identify project-specific bug patterns. Furthermore, the bug patterns identified by our tool do not relate to just one developer or one specific commit, they reflect the project as a whole and compliment the warnings from other SA tools that identify general bug patterns. Herein, we report on the application of our implemented tool and approach to four Java projects: Ant, Camel, POI, and Wicket. The results obtained show that our tool could detect 19 project specific bug patterns across those four projects. Next, through manual analysis, we determined that six of those change patterns were actual bugs and submitted pull requests based on those bug patterns. As a result, five of the pull requests were merged.</description><subject>Ammonia</subject><subject>Compilers</subject><subject>Computer Science</subject><subject>Cost analysis</subject><subject>Debugging</subject><subject>Interpreters</subject><subject>Programming Languages</subject><subject>Software</subject><subject>Software Engineering/Programming and Operating Systems</subject><subject>Source code</subject><subject>Static code analysis</subject><issn>1382-3256</issn><issn>1573-7616</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2020</creationdate><recordtype>article</recordtype><recordid>eNp9kE9LxDAQxYMouK5-AU8Fz9GZJE0aL7Is_oMFL3oOaZqsXdy2Jl0Xv73RCt48zTDz3pvhR8g5wiUCqKuEIKWgwICCrkDR_QGZYak4VRLlYe55xShnpTwmJyltAEArUc7IzWK77bvWXhe2K-wwxN661yL0sWh8bD_abl3k2ca7kabBuza0rqh3eWjH0ccunZKjYN-SP_utc_Jyd_u8fKCrp_vH5WJFnVB8pLUP0glQWmCtsJLCogzBaaiRlUqpAA3y2iP4pmINgsC81LWXUoMtZeBzcjHl5m_edz6NZtPvYpdPGiYAsAStIavYpHKxTyn6YIbYbm38NAjmG5SZQJkMyvyAMvts4pMpZXG39vEv-h_XF4qOay0</recordid><startdate>20200501</startdate><enddate>20200501</enddate><creator>Higo, Yoshiki</creator><creator>Hayashi, Shinpei</creator><creator>Hata, Hideaki</creator><creator>Nagappan, Meiyappan</creator><general>Springer US</general><general>Springer Nature B.V</general><scope>C6C</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>8FE</scope><scope>8FG</scope><scope>ABJCF</scope><scope>AFKRA</scope><scope>ARAPS</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>L6V</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>M7S</scope><scope>P5Z</scope><scope>P62</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope><scope>S0W</scope><orcidid>https://orcid.org/0000-0002-8278-8975</orcidid></search><sort><creationdate>20200501</creationdate><title>Ammonia: an approach for deriving project-specific bug patterns</title><author>Higo, Yoshiki ; Hayashi, Shinpei ; Hata, Hideaki ; Nagappan, Meiyappan</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c473t-bef6c407941b71864a16ffc90b125777f0d13be10ed82d1041fc99be6690a56f3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2020</creationdate><topic>Ammonia</topic><topic>Compilers</topic><topic>Computer Science</topic><topic>Cost analysis</topic><topic>Debugging</topic><topic>Interpreters</topic><topic>Programming Languages</topic><topic>Software</topic><topic>Software Engineering/Programming and Operating Systems</topic><topic>Source code</topic><topic>Static code analysis</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Higo, Yoshiki</creatorcontrib><creatorcontrib>Hayashi, Shinpei</creatorcontrib><creatorcontrib>Hata, Hideaki</creatorcontrib><creatorcontrib>Nagappan, Meiyappan</creatorcontrib><collection>SpringerOpen</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Materials Science &amp; Engineering Collection</collection><collection>ProQuest Central</collection><collection>Advanced Technologies &amp; Aerospace Collection</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Computer Science Collection</collection><collection>ProQuest Engineering Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>Engineering Database</collection><collection>Advanced Technologies &amp; Aerospace Database</collection><collection>ProQuest Advanced Technologies &amp; Aerospace Collection</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering Collection</collection><collection>DELNET Engineering &amp; Technology Collection</collection><jtitle>Empirical software engineering : an international journal</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Higo, Yoshiki</au><au>Hayashi, Shinpei</au><au>Hata, Hideaki</au><au>Nagappan, Meiyappan</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Ammonia: an approach for deriving project-specific bug patterns</atitle><jtitle>Empirical software engineering : an international journal</jtitle><stitle>Empir Software Eng</stitle><date>2020-05-01</date><risdate>2020</risdate><volume>25</volume><issue>3</issue><spage>1951</spage><epage>1979</epage><pages>1951-1979</pages><issn>1382-3256</issn><eissn>1573-7616</eissn><abstract>Finding and fixing buggy code is an important and cost-intensive maintenance task, and static analysis (SA) is one of the methods developers use to perform it. SA tools warn developers about potential bugs by scanning their source code for commonly occurring bug patterns, thus giving those developers opportunities to fix the warnings (potential bugs) before they release the software. Typically, SA tools scan for general bug patterns that are common to any software project (such as null pointer dereference), and not for project specific patterns. However, past research has pointed to this lack of customizability as a severe limiting issue in SA. Accordingly, in this paper, we propose an approach called Ammonia, which is based on statically analyzing changes across the development history of a project, as a means to identify project-specific bug patterns. Furthermore, the bug patterns identified by our tool do not relate to just one developer or one specific commit, they reflect the project as a whole and compliment the warnings from other SA tools that identify general bug patterns. Herein, we report on the application of our implemented tool and approach to four Java projects: Ant, Camel, POI, and Wicket. The results obtained show that our tool could detect 19 project specific bug patterns across those four projects. Next, through manual analysis, we determined that six of those change patterns were actual bugs and submitted pull requests based on those bug patterns. As a result, five of the pull requests were merged.</abstract><cop>New York</cop><pub>Springer US</pub><doi>10.1007/s10664-020-09807-w</doi><tpages>29</tpages><orcidid>https://orcid.org/0000-0002-8278-8975</orcidid><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier ISSN: 1382-3256
ispartof Empirical software engineering : an international journal, 2020-05, Vol.25 (3), p.1951-1979
issn 1382-3256
1573-7616
language eng
recordid cdi_proquest_journals_2400150990
source Springer Nature
subjects Ammonia
Compilers
Computer Science
Cost analysis
Debugging
Interpreters
Programming Languages
Software
Software Engineering/Programming and Operating Systems
Source code
Static code analysis
title Ammonia: an approach for deriving project-specific bug patterns
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-13T23%3A47%3A14IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Ammonia:%20an%20approach%20for%20deriving%20project-specific%20bug%20patterns&rft.jtitle=Empirical%20software%20engineering%20:%20an%20international%20journal&rft.au=Higo,%20Yoshiki&rft.date=2020-05-01&rft.volume=25&rft.issue=3&rft.spage=1951&rft.epage=1979&rft.pages=1951-1979&rft.issn=1382-3256&rft.eissn=1573-7616&rft_id=info:doi/10.1007/s10664-020-09807-w&rft_dat=%3Cproquest_cross%3E2400150990%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c473t-bef6c407941b71864a16ffc90b125777f0d13be10ed82d1041fc99be6690a56f3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2400150990&rft_id=info:pmid/&rfr_iscdi=true