ABSTRACT
To avoid receiving incorrect arguments, a method specifies the expected type of each formal parameter. However, some parameter types are too general and have subtypes that the method does not expect as actual argument types. For example, this may happen if there is no common supertype that precisely describes all expected types. As a result of such brittle parameter typing, a caller may accidentally pass arguments unexpected by the callee without any warnings from the type system. This paper presents a fully automatic, static analysis to find brittle parameter typing and unexpected arguments given to brittle parameters. First, the analysis infers from callers of a method the types that arguments commonly have. Then, the analysis reports potentially unexpected arguments that stand out by having an unusual type. We apply the approach to 21 real-world Java programs that use the Swing API, an API providing various methods with brittle parameters. The analysis reveals 15 previously unknown bugs and code smells where programmers pass arguments that are compatible with the declared parameter type but nevertheless unexpected by the callee. The warnings reported by the analysis have 47% precision and 83% recall.
Index Terms
- Static detection of brittle parameter typing