research-article

Detecting anomalies in the order of equally-typed method arguments

Authors:

Michael Pradel,

Thomas R. GrossAuthors Info & Claims

ISSTA '11: Proceedings of the 2011 International Symposium on Software Testing and Analysis

Pages 232 - 242

https://doi.org/10.1145/2001420.2001448

Published: 17 July 2011 Publication History

Abstract

In statically-typed programming languages, the compiler ensures that method arguments are passed in the expected order by checking the type of each argument. However, calls to methods with multiple equally-typed parameters slip through this check. The uncertainty about the correct argument order of equally-typed arguments can cause various problems, for example, if a programmer accidentally reverses two arguments. We present an automated, static program analysis that detects such problems without any input except for the source code of a program. The analysis leverages the observation that programmer-given identifier names convey information about the semantics of arguments, which can be used to assign equally-typed arguments to their expected position. We evaluate the approach with a large corpus of Java programs and show that our analysis finds relevant anomalies with a precision of 76%.

References

[1]

https://issues.apache.org/jira/browse/HADOOP-4732.

[2]

http://issues.liferay.com/browse/LPS-3890.

[3]

JBoss SVN repository. Revisions 58536, 58764, and 60357.

[4]

JikesRVM SVN repository. Revisions 10263 and 13935.

[5]

G. Ammons, R. Bodík, and J. R. Larus. Mining specifications. In Symposium on Principles of Programming Languages (POPL), pages 4--16. ACM, 2002.

Digital Library

[6]

S. M. Blackburn, R. Garner, C. Hoffmann, A. M. Khan, K. S. McKinley, R. Bentzur, A. Diwan, D. Feinberg, D. Frampton, S. Z. Guyer, M. Hirzel, A. L. Hosking, M. Jump, H. B. Lee, J. E. B. Moss, A. Phansalkar, D. Stefanovic, T. VanDrunen, D. von Dincklage, and B. Wiedermann. The DaCapo benchmarks: Java benchmarking development and analysis. In Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pages 169--190. ACM, 2006.

Digital Library

[7]

S. Butler, M. Wermelinger, Y. Yu, and H. Sharp. Relating identifier naming flaws and code quality: An empirical study. In Working Conference on Reverse Engineering (WCRE), pages 31--35. IEEE, 2009.

Digital Library

[8]

R.-Y. Chang, A. Podgurski, and J. Yang. Finding what's not there: a new approach to revealing neglected conditions in software. In International Symposium on Software Testing and Analysis (ISSTA), pages 163--173. ACM, 2007.

Digital Library

[9]

W. W. Cohen, P. D. Ravikumar, and S. E. Fienberg. A comparison of string distance metrics for name-matching tasks. In Workshop on Information Integration on the Web (IIWeb), pages 73--78, 2003.

[10]

D. Engler, D. Y. Chen, S. Hallem, A. Chou, and B. Chelf. Bugs as deviant behavior: A general approach to inferring errors in systems code. In Symposium on Operating Systems Principles (SOSP), pages 57--72. ACM, 2001.

Digital Library

[11]

M. D. Ernst, J. Cockrell, W. G. Griswold, and D. Notkin. Dynamically discovering likely program invariants to support program evolution. IEEE Transactions on Software Engineering, 27(2):213--224, 2001.

Digital Library

[12]

M. Erwig and M. M. Burnett. Adding apples and oranges. In Symposium on Practical Aspects of Declarative Languages (PADL), pages 173--191. Springer, 2002.

Digital Library

[13]

M. Gabel and Z. Su. Javert: Fully automatic mining of general temporal properties from dynamic traces. In Symposium on Foundations of Software Engineering (FSE), pages 339--349. ACM, 2008.

Digital Library

[14]

D. Greenfieldboyce and J. S. Foster. Type qualifier inference for Java. In Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pages 321--336. ACM, 2007.

Digital Library

[15]

P. J. Guo, J. H. Perkins, S. McCamant, and M. D. Ernst. Dynamic inference of abstract types. In International Symposium on Software Testing and Analysis (ISSTA), pages 255--265. ACM, 2006.

Digital Library

[16]

S. Hangal and M. S. Lam. Tracking down software bugs using automatic anomaly detection. In International Conference on Software Engineering (ICSE), pages 291--301. ACM, 2002.

Digital Library

[17]

S. Hangal and M. S. Lam. Automatic dimension inference and checking for object-oriented programs. In International Conference on Software Engineering (ICSE), pages 155--165. IEEE, 2009.

Digital Library

[18]

J. Henkel, C. Reichenbach, and A. Diwan. Discovering documentation for Java container classes. IEEE Transactions on Software Engineering, 33(8):526--543, 2007.

Digital Library

[19]

E. W. Høst and B. M. Østvold. Debugging method names. In European Conference on Object-Oriented Programming (ECOOP), pages 294--317. Springer, 2009.

Digital Library

[20]

D. Hovemeyer and W. Pugh. Finding bugs is easy. In Companion to the Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pages 132--136. ACM, 2004.

Digital Library

[21]

J. L. Lawall and D. Lo. An automated approach for finding variable-constant pairing bugs. In International Conference on Automated Software Engineering (ASE), pages 103--112. ACM, 2010.

Digital Library

[22]

D. Lawrie, C. Morrell, H. Feild, and D. Binkley. What's in a name? A study of identifiers. In International Conference on Program Comprehension (ICPC), pages 3--12. IEEE, 2006.

Digital Library

[23]

Z. Li and Y. Zhou. PR-Miner: Automatically extracting implicit programming rules and detecting violations in large software code. In European Software Engineering Conference and Symposium on Foundations of Software Engineering (ESEC/FSE), pages 306--315. ACM, 2005.

Digital Library

[24]

D. Lo and S.-C. Khoo. SMArTIC: Towards building an accurate, robust and scalable specification miner. In Symposium on Foundations of Software Engineering (FSE), pages 265--275. ACM, 2006.

Digital Library

[25]

S. Lu, S. Park, C. Hu, X. Ma, W. Jiang, Z. Li, R. A. Popa, and Y. Zhou. MUVI: Automatically inferring multi-variable access correlations and detecting related semantic and concurrency bugs. In Symposium on Operating Systems Principles (SOSP), pages 103--116. ACM, 2007.

Digital Library

[26]

M. Monperrus, M. Bruch, and M. Mezini. Detecting missing method calls in object-oriented software. In European Conference on Object-Oriented Programming (ECOOP), pages 2--25. Springer, 2010.

Digital Library

[27]

T. T. Nguyen, H. A. Nguyen, N. H. Pham, J. M. Al-Kofahi, and T. N. Nguyen. Graph-based mining of multiple object usage patterns. In European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE), pages 383--392. ACM, 2009.

Digital Library

[28]

M. Pradel, P. Bichsel, and T. R. Gross. A framework for the evaluation of specification miners based on finite state machines. In International Conference on Software Maintenance (ICSM), pages 1--10. IEEE, 2010.

Digital Library

[29]

M. Pradel and T. R. Gross. Automatic generation of object usage specifications from large method traces. In International Conference on Automated Software Engineering (ASE), pages 371--382. IEEE, 2009.

Digital Library

[30]

S. Shoham, E. Yahav, S. Fink, and M. Pistoia. Static specification mining using automata-based abstractions. In International Symposium on Software Testing and Analysis (ISSTA), pages 174--184. ACM, 2007.

Digital Library

[31]

S. Thummalapenta and T. Xie. Alattin: Mining alternative patterns for detecting neglected conditions. In International Conference on Automated Software Engineering (ASE), pages 283--294. IEEE, 2009.

Digital Library

[32]

S. Thummalapenta and T. Xie. Mining exception-handling rules as sequence association rules. In International Conference on Software Engineering (ICSE), pages 496--506. IEEE, 2009.

Digital Library

[33]

A. Wasylkowski and A. Zeller. Mining temporal specifications from object usage. In International Conference on Automated Software Engineering (ASE), pages 295--306. IEEE, 2009.

Digital Library

[34]

A. Wasylkowski, A. Zeller, and C. Lindig. Detecting object usage anomalies. In European Software Engineering Conference and Symposium on Foundations of Software Engineering (ESEC/FSE), pages 35--44. ACM, 2007.

Digital Library

[35]

J. Whaley, M. C. Martin, and M. S. Lam. Automatic extraction of object-oriented component interfaces. In Symposium on Software Testing and Analysis (ISSTA), pages 218--228. ACM, 2002.

Digital Library

Cited By

Harzevili NShin JWang JWang SNagappan N(2023)Automatic Static Vulnerability Detection for Machine Learning Libraries: Are We There Yet?2023 IEEE 34th International Symposium on Software Reliability Engineering (ISSRE)10.1109/ISSRE59848.2023.00042(795-806)Online publication date: 9-Oct-2023
https://doi.org/10.1109/ISSRE59848.2023.00042
Parasaram NBarr EMechtaev S(2023)Rete: Learning Namespace Representation for Program Repair2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE)10.1109/ICSE48619.2023.00112(1264-1276)Online publication date: May-2023
https://doi.org/10.1109/ICSE48619.2023.00112
Chen QLacomis JSchwartz ENeubig GVasilescu BLe Goues CDwyer MDamian DZeller A(2022)VarCLRProceedings of the 44th International Conference on Software Engineering10.1145/3510003.3510162(2327-2339)Online publication date: 21-May-2022
https://dl.acm.org/doi/10.1145/3510003.3510162
Show More Cited By

Index Terms

Detecting anomalies in the order of equally-typed method arguments
1. Social and professional topics
  1. Professional topics
    1. Management of computing and information systems
      1. Software management
        Software maintenance
2. Software and its engineering
  1. Software creation and management
    1. Software post-development issues
    2. Software verification and validation
      1. Software defect analysis
        Software testing and debugging

Recommendations

Detecting argument selection defects

Identifier names are often used by developers to convey additional information about the meaning of a program over and above the semantics of the programming language itself. We present an algorithm that uses this information to detect argument ...
Nomen est omen: exploring and exploiting similarities between argument and parameter names
ICSE '16: Proceedings of the 38th International Conference on Software Engineering

Programmer-provided identifier names convey information about the semantics of a program. This information can complement traditional program analyses in various software engineering tasks, such as bug finding, code completion, and documentation. Even ...
Name-Based Analysis of Equally Typed Method Arguments

When calling a method that requires multiple arguments, programmers must pass the arguments in the expected order. For statically typed languages, the compiler helps programmers by checking that the type of each argument matches the type of the formal ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ISSTA '11: Proceedings of the 2011 International Symposium on Software Testing and Analysis

July 2011

394 pages

ISBN:9781450305624

DOI:10.1145/2001420

General Chair:
Matthew Dwyer
University of Nebraska
,
Program Chair:
Frank Tip
IBM T.J. Watson Research Center

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSOFT: ACM Special Interest Group on Software Engineering

In-Cooperation

SIGPLAN: ACM Special Interest Group on Programming Languages

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 July 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Swiss National Science Foundation

Conference

ISSTA '11

Sponsor:

SIGSOFT

ISSTA '11: International Symposium on Software Testing and Analysis

July 17 - 21, 2011

Ontario, Toronto, Canada

Acceptance Rates

Overall Acceptance Rate 58 of 213 submissions, 27%

Upcoming Conference

ISSTA '25

Sponsor:
sigsoft

34th ACM SIGSOFT International Symposium on Software Testing and Analysis

June 25 - 28, 2025

Trondheim , Norway

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

28
Total Citations
View Citations
178
Total Downloads

Downloads (Last 12 months)4
Downloads (Last 6 weeks)0

Reflects downloads up to 18 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Harzevili NShin JWang JWang SNagappan N(2023)Automatic Static Vulnerability Detection for Machine Learning Libraries: Are We There Yet?2023 IEEE 34th International Symposium on Software Reliability Engineering (ISSRE)10.1109/ISSRE59848.2023.00042(795-806)Online publication date: 9-Oct-2023
https://doi.org/10.1109/ISSRE59848.2023.00042
Parasaram NBarr EMechtaev S(2023)Rete: Learning Namespace Representation for Program Repair2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE)10.1109/ICSE48619.2023.00112(1264-1276)Online publication date: May-2023
https://doi.org/10.1109/ICSE48619.2023.00112
Chen QLacomis JSchwartz ENeubig GVasilescu BLe Goues CDwyer MDamian DZeller A(2022)VarCLRProceedings of the 44th International Conference on Software Engineering10.1145/3510003.3510162(2327-2339)Online publication date: 21-May-2022
https://dl.acm.org/doi/10.1145/3510003.3510162
Jiang LLiu HJiang HZhang LMei H(2022)Heuristic and Neural Network Based Prediction of Project-Specific API Member AccessIEEE Transactions on Software Engineering10.1109/TSE.2020.301779448:4(1249-1267)Online publication date: 1-Apr-2022
https://doi.org/10.1109/TSE.2020.3017794
Namavar MNashid NMesbah A(2022)A controlled experiment of different code representations for learning-based program repairEmpirical Software Engineering10.1007/s10664-022-10223-527:7Online publication date: 1-Dec-2022
https://dl.acm.org/doi/10.1007/s10664-022-10223-5
He JLee CRaychev VVechev MFreund SYahav E(2021)Learning to find naming issues with big code and small supervisionProceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation10.1145/3453483.3454045(296-311)Online publication date: 19-Jun-2021
https://dl.acm.org/doi/10.1145/3453483.3454045
Wainakh YRauf MPradel M(2021)IdBenchProceedings of the 43rd International Conference on Software Engineering10.1109/ICSE43902.2021.00059(562-573)Online publication date: 22-May-2021
https://dl.acm.org/doi/10.1109/ICSE43902.2021.00059
Szalay RSinkovics ÁPorkoláb Z(2021)Practical heuristics to improve precision for erroneous function argument swapping detection in C and C++Journal of Systems and Software10.1016/j.jss.2021.111048181:COnline publication date: 1-Nov-2021
https://dl.acm.org/doi/10.1016/j.jss.2021.111048
Liu WChen BPeng XSun QZhao W(2021)Identifying change patterns of API misuses from code changesScience China Information Sciences10.1007/s11432-019-2745-564:3Online publication date: 7-Feb-2021
https://doi.org/10.1007/s11432-019-2745-5
Szalay RSinkovics APorkolab Z(2020)The Role of Implicit Conversions in Erroneous Function Argument Swapping in C++2020 IEEE 20th International Working Conference on Source Code Analysis and Manipulation (SCAM)10.1109/SCAM51674.2020.00028(203-214)Online publication date: Sep-2020
https://doi.org/10.1109/SCAM51674.2020.00028
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents