clustering static analysis defect reports to reduce
play

CLUSTERING STATIC ANALYSIS DEFECT REPORTS TO REDUCE MAINTENANCE - PowerPoint PPT Presentation

Mar 18, 2023 •293 likes •570 views

CLUSTERING STATIC ANALYSIS DEFECT REPORTS TO REDUCE MAINTENANCE COSTS Zachary P. Fry and Westley Weimer University of Virginia Static Analysis-based Bug Finders Use known-faulty semantic patterns to find suspected bugs statically

  1. CLUSTERING STATIC ANALYSIS DEFECT REPORTS TO REDUCE MAINTENANCE COSTS Zachary P. Fry and Westley Weimer University of Virginia

  2. Static Analysis-based Bug Finders • Use known-faulty semantic patterns to find suspected bugs statically • Generally with minimal human intervention • Valgrind, Fortify, SLAM, ConQAT, CodeSonar, PMD, Findbugs, Coverity SAVE, etc. • Influential in both academia and industry • Many academic tools spanning various languages • Coverity boasts over 300 employees and over 1,100 customers, with extremely high growth

  3. Static Analysis-based Bug Finders • Produce many defect reports in practice Program KLOC Reports Eclipse 3,618 4,345 Linux (sound) 420 869 Blender 996 827 GDB 1,689 827 MPlayer 845 500 • Difficult to adapt to particular styles or idioms • Regardless of true or false positives, groups of defect reports exhibit similarity in practice

  4. Structurally Similar Defects • Some defect reports are obviously similar or different • Some are not: printk(KERN_DEBUG "Receive CCP � if (!lp->master) � sidx = isdn_dc2minor(di, 1); � frame from peer slot(%d)", � qdisc_reset(lp->netdev-> � #ifdef ISDN_DEBUG_NET_ICALL � lp->ppp_slot); � dev.qdisc); � printk(KERN_DEBUG “n_fi:ch=0\n”); � if (lp->ppp_slot < 0 || � lp->dialstate = 0; � #endif � lp->ppp_slot > ISDN_MAX) { � dev->st_netdev[isdn_dc2minor( � � printk(KERN_ERR "%s: � lp->isdn_device � if (USG_NONE(dev->usage[sidx])){ � lp->ppp_slot (%d) out of � lp->isdn_channel) � if (dev->usage[sidx] & � range", _FUNCTION_, � � ] = NULL; ISDN_USAGE_EXCLUSIVE) { � lp->ppp_slot); � isdn_free_channel( � printk(KERN_DEBUG “n_fi: 2nd � return; � lp->isdn_device, � channel is down and bound\n”); � } � lp->isdn_channel, � if ((lp->pre_device == di) && � is = ippp_table[lp->ppp_slot]; � ISDN_USAGE_NET); � (lp->pre_channel == 1)) { � isdn_ppp_frame_log('ccp-rcv', � lp->flags &= � skb->data, skb->len, 32, � ISDN_NET_CONNECTED; �

  5. Determining Defect Report Similarity • Some defect reports are obviously similar or different • Some are not: printk(KERN_DEBUG "Receive CCP � if (!lp->master) � sidx = isdn_dc2minor(di, 1); � frame from peer slot(%d)", � qdisc_reset(lp->netdev-> � #ifdef ISDN_DEBUG_NET_ICALL � lp->ppp_slot); � dev.qdisc); � printk(KERN_DEBUG “n_fi:ch=0\n”); � if (lp->ppp_slot < 0 || � lp->dialstate = 0; � #endif � lp->ppp_slot > ISDN_MAX) { � dev->st_netdev[isdn_dc2minor( � � printk(KERN_ERR "%s: � lp->isdn_device � if (USG_NONE(dev->usage[sidx])){ � lp->ppp_slot (%d) out of � lp->isdn_channel) � if (dev->usage[sidx] & � range", _FUNCTION_, � � ] = NULL; ISDN_USAGE_EXCLUSIVE) { � lp->ppp_slot); � isdn_free_channel( � printk(KERN_DEBUG “n_fi: 2nd � return; � lp->isdn_device, � channel is down and bound\n”); � } � lp->isdn_channel, � if ((lp->pre_device == di) && � is = ippp_table[lp->ppp_slot]; � ISDN_USAGE_NET); � (lp->pre_channel == 1)) { � isdn_ppp_frame_log('ccp-rcv', � lp->flags &= � skb->data, skb->len, 32, � ISDN_NET_CONNECTED; �

  6. Determining Defect Report Similarity • Some defect reports are obviously similar or different • Some are not: printk(KERN_DEBUG "Receive CCP � if (!lp->master) � sidx = isdn_dc2minor(di, 1); � frame from peer slot(%d)", � qdisc_reset(lp->netdev-> � #ifdef ISDN_DEBUG_NET_ICALL � lp->ppp_slot); � dev.qdisc); � printk(KERN_DEBUG “n_fi:ch=0\n”); � if (lp->ppp_slot < 0 || � lp->dialstate = 0; � #endif � lp->ppp_slot > ISDN_MAX) { � dev->st_netdev[isdn_dc2minor( � � printk(KERN_ERR "%s: � lp->isdn_device � if (USG_NONE(dev->usage[sidx])){ � lp->ppp_slot (%d) out of � lp->isdn_channel) � if (dev->usage[sidx] & � range", _FUNCTION_, � � ] = NULL; ISDN_USAGE_EXCLUSIVE) { � lp->ppp_slot); � isdn_free_channel( � printk(KERN_DEBUG “n_fi: 2nd � return; � lp->isdn_device, � channel is down and bound\n”); � } � lp->isdn_channel, � if ((lp->pre_device == di) && � is = ippp_table[lp->ppp_slot]; � ISDN_USAGE_NET); � (lp->pre_channel == 1)) { � isdn_ppp_frame_log('ccp-rcv', � lp->flags &= � skb->data, skb->len, 32, � ISDN_NET_CONNECTED; �

  7. Determining Defect Report Similarity • Some defect reports are obviously similar or different • Some are not: printk(KERN_DEBUG "Receive CCP � if (!lp->master) � sidx = isdn_dc2minor(di, 1); � frame from peer slot(%d)", � qdisc_reset(lp->netdev-> � #ifdef ISDN_DEBUG_NET_ICALL � lp->ppp_slot); � dev.qdisc); � printk(KERN_DEBUG “n_fi:ch=0\n”); � if (lp->ppp_slot < 0 || � lp->dialstate = 0; � #endif � lp->ppp_slot > ISDN_MAX) { � dev->st_netdev[isdn_dc2minor( � � printk(KERN_ERR "%s: � lp->isdn_device � if (USG_NONE(dev->usage[sidx])){ � lp->ppp_slot (%d) out of � lp->isdn_channel) � if (dev->usage[sidx] & � range", _FUNCTION_, � � ] = NULL; ISDN_USAGE_EXCLUSIVE) { � lp->ppp_slot); � isdn_free_channel( � printk(KERN_DEBUG “n_fi: 2nd � return; � lp->isdn_device, � channel is down and bound\n”); � } � lp->isdn_channel, � if ((lp->pre_device == di) && � is = ippp_table[lp->ppp_slot]; � ISDN_USAGE_NET); � (lp->pre_channel == 1)) { � isdn_ppp_frame_log('ccp-rcv', � lp->flags &= � skb->data, skb->len, 32, � ISDN_NET_CONNECTED; �

  8. Goals • To both aid in triage of real defects and facilitate the elimination of false positives, we desire a technique for clustering automatically-generated, static analysis-based defect reports. • The technique should be flexible to meet the needs of different systems and development teams. • The resulting clusters should be more accurate than those produced by existing baselines and also congruent with human notions of related defect reports.

  9. High Level Approach R3 R1 R2 ✗ R1 x R2 ✗ R1 x R3 ✓ R2 x R3

  10. High Level Approach R3 R1 R2 Clustering ✗ R1 x R2 1 3 ✗ R1 x R3 2 ✓ R2 x R3

  11. High Level Approach R3 R1 R2 Clustering ✗ R1 x R2 C1: {R1} 1 3 ✗ R1 x R3 C2: {R2,R3} 2 ✓ R2 x R3

  12. Approach – Types of Information • Gathered or synthesized from structured defect reports • Type of defect • Suspected faulty line • Set of lines on static execution path to suspected fault • The enclosing function of the suspected fault • Three-line window of context around faulty line • Macros • File system path of suspected faulty file • Additional meta-information • These categories conform to many state-of-the- art static analysis tools’ output format • For instance, Coverity’s SAVE tool and Findbugs

  13. Approach – Types of Similarity Metrics • Structured Similarity Metrics • Exact equality Component comp = myGraph.subcomponent(size, false); � Component comp = g.subcomponent(getSize(), false); �

  14. Approach – Types of Similarity Metrics • Structured Similarity Metrics • Exact equality • Strict pair-wise comparison Component comp = myGraph.subcomponent(size, false); � Component comp = g.subcomponent(getSize(), false); �

  15. Approach – Types of Similarity Metrics • Structured Similarity Metrics • Exact equality • Strict pair-wise comparison • Levenshtein edit distance Component comp = myGraph.subcomponent(size, false); � Component comp = g.subcomponent(getSize(), false); �

  16. Approach – Types of Similarity Metrics • Structured Similarity Metrics • Exact equality • Strict pair-wise comparison • Levenshtein edit distance • TF-IDF Component comp = myGraph.subcomponent(size, false); � Component comp = g.subcomponent(getSize(), false); �

  17. Approach – Types of Similarity Metrics • Structured Similarity Metrics • Exact equality • Strict pair-wise comparison • Levenshtein edit distance • TF-IDF • Largest common pair-wise prefix Component comp = myGraph.subcomponent(size, false); � Component comp = g.subcomponent(getSize(), false); �

  18. Approach – Types of Similarity Metrics • Structured Similarity Metrics • Exact equality • Strict pair-wise comparison • Levenshtein edit distance • TF-IDF • Largest common pair-wise prefix • Punctuation edit distance Component comp = myGraph.subcomponent(size, false); � Component comp = g.subcomponent(getSize(), false); �

  19. Approach – Similarity and Clusters • Learn a linear regression model for all relevant information-metric pairs with similarity cutoff • Traditional clustering (e.g. k-medoid) assumes equal feature weights and real-valued properties measured for individual entities • Recursively find maximum cliques (clusters) and remove them from similarity graph R4 R6 R11 R1 R8 R10 R3 R7 R9 R5 R2 R12

  20. Evaluation • Research Questions 1. How effective is our technique at accurately clustering automatically-generated defect reports? 2. Does our approach outperform existing baseline techniques? 3. Do humans agree with the clusters produced by our technique?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A Comparative Analysis of the Efficiency of Change Metrics and Static Code Attributes for Defect

A Comparative Analysis of the Efficiency of Change Metrics and Static Code Attributes for Defect

A Comparative Analysis of the Efficiency of Change Metrics and Static Code Attributes for Defect Prediction Raimund Moser, Witold Pedrycz, Giancarlo Succi ICSE 08 Andres Bhlmann, April 2009 What is it about? Change Metrics + Change Metrics

453 views • 23 slides
Defect Removal Metrics September 30, 2004 Swami Natarajan RIT Software Engineering Defect

Defect Removal Metrics September 30, 2004 Swami Natarajan RIT Software Engineering Defect

Defect Removal Metrics September 30, 2004 Swami Natarajan RIT Software Engineering Defect removal metrics: concepts All defect removal metrics computed from the measurements identified last time Inspection reports, test reports,

279 views • 26 slides
Circuit Analysis and Defect Characteristics Estimation Method Using Bimodal Defect-Centric Random

Circuit Analysis and Defect Characteristics Estimation Method Using Bimodal Defect-Centric Random

Circuit Analysis and Defect Characteristics Estimation Method Using Bimodal Defect-Centric Random Telegraph Noise Model March 17, 2016 TAU 2017 Michitarou Yabuuchi (Renesas System Design Co., Ltd.), Azusa Oshima, Takuya Komawaki, Ryo Kishida,

429 views • 21 slides
Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting

Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting

Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting insights at compile time Full branch coverage Terminates Doesnt rely on a test suite Types are static analysis. Lets talk about

784 views • 39 slides
Bi-clustering and co-clustering Going further in cluster analysis and classifjcation: publics ou

Bi-clustering and co-clustering Going further in cluster analysis and classifjcation: publics ou

HAL Id: hal-01810380 manant des tablissements denseignement et de Summer School on Clustering, Data Analysis and Visualization of Complex Data, May 2018, Catania, Going further in cluster analysis and classifjcation: Bi-clustering and

1.23k views • 67 slides
Learning a Variable-Clustering Strategy for Octagon from Labeled Data Generated by a Static

Learning a Variable-Clustering Strategy for Octagon from Labeled Data Generated by a Static

1 Learning a Variable-Clustering Strategy for Octagon from Labeled Data Generated by a Static Analysis Kihong Heo 1 , Hakjoo Oh 2 , Hongseok Yang 3 Seoul National University 1 Korea University 2 University of Oxford 3 SAS 2016 @Edinburgh 2

823 views • 32 slides
Static Analysis for Secure Development Introduction Static analysis : What , and why ?

Static Analysis for Secure Development Introduction Static analysis : What , and why ?

Static Analysis for Secure Development Introduction Static analysis : What , and why ? Basic analysis ! Example : Flow analysis ! Increasing precision ! Context -, flow -, and path sensitivity Scaling it up !

527 views • 27 slides
1 Analysis Information Where Do Facts Hold? How much information depends on the client

1 Analysis Information Where Do Facts Hold? How much information depends on the client

711? CS711 Advanced Programming Languages Topics in Program Analysis Radu Rugina Fall 2005 CS711 Overview 2 Program Analysis Static vs. Dynamic Static analysis: inspect programs at compile-time Static analysis: Work done at

282 views • 4 slides
A Brief Introduction to Static Analysis Sam Blackshear March 13, 2012 Outline A theoretical

A Brief Introduction to Static Analysis Sam Blackshear March 13, 2012 Outline A theoretical

A Brief Introduction to Static Analysis Sam Blackshear March 13, 2012 Outline A theoretical problem and how to ignore it An example static analysis What is static analysis used for? Commercial successes Free static analysis tools you should

488 views • 37 slides
Static Analysis Static Analysis they are read? Will the current value of a variable ever be

Static Analysis Static Analysis they are read? Will the current value of a variable ever be

Interesting Questions Interesting Questions Is every statement reachable? Does every non- void method return a value? Compilation 2007 Compilation 2007 Will local variables definitely be assigned before Static Analysis Static

169 views • 13 slides
PAC-Bayesian Analysis of Co-clustering, Graph Clustering and Pairwise Clustering Yevgeny Seldin

PAC-Bayesian Analysis of Co-clustering, Graph Clustering and Pairwise Clustering Yevgeny Seldin

PAC-Bayesian Analysis of Co-clustering, Graph Clustering and Pairwise Clustering Yevgeny Seldin Motivation Example Clustering cannot be analyzed without specifying what it will be used for! be used for! Example Cluster then pack

293 views • 28 slides
Static and dynamic verification Software inspections Concerned with analysis of the static

Static and dynamic verification Software inspections Concerned with analysis of the static

1 Static and dynamic verification Software inspections Concerned with analysis of the static system representation to discover problems (static verification) May be supplement by tool-based document and code analysis Software

430 views • 12 slides
1 K-means clustering The K-means clustering algorithm can be seen as applying the EM algorithm to

1 K-means clustering The K-means clustering algorithm can be seen as applying the EM algorithm to

Statistical Modeling and Analysis of Neural Data (NEU 560) Princeton University, Spring 2018 Jonathan Pillow Lecture 18 notes: K-means and Factor Analysis Tues, 4.17 1 K-means clustering The K-means clustering algorithm can be seen as

547 views • 3 slides
Clustering and Dimensionality Reduction Preview Clustering K -means clustering

Clustering and Dimensionality Reduction Preview Clustering K -means clustering

Clustering and Dimensionality Reduction Preview Clustering K -means clustering Mixture models Hierarchical clustering Dimensionality reduction Principal component analysis Multidimensional scaling Isomap

1.61k views • 17 slides
Static vs. Dynamic Analysis Static analysis: analyze source code or byte code Imprecise

Static vs. Dynamic Analysis Static analysis: analyze source code or byte code Imprecise

I NTELLI D ROID A Targeted Input Generator for the Dynamic Analysis of Android Malware Michelle Y. Wong and David Lie University of Toronto Department of Electrical and Computer Engineering NDSS Symposium 2016 ! ! ! B ACKGROUND Static vs.

1.02k views • 32 slides
Static analysis and all that Martin Steffen IfI UiO Spring 2014 Static analysis and all that

Static analysis and all that Martin Steffen IfI UiO Spring 2014 Static analysis and all that

Static analysis and all that Martin Steffen IfI UiO Spring 2014 Static analysis and all that Martin Steffen IfI UiO Spring 2014 Plan approx. 15 lectures, details see web-page flexible time-schedule, depending on progress/interest

2.15k views • 194 slides
PA PACE Programming Languages, Architecture and Compilers Education Laboratory Heap analysis

PA PACE Programming Languages, Architecture and Compilers Education Laboratory Heap analysis

Compare Less, Defer More Scaling Value-Contexts Based Whole-Program Heap Analyses Manas Thakur and V Krishna Nandivada CC 2019 PA PACE Programming Languages, Architecture and Compilers Education Laboratory Heap analysis Any analysis that

1.12k views • 78 slides
Analyzing the Scalability of Managed Language Applications with Speedup Stacks Jennifer B.

Analyzing the Scalability of Managed Language Applications with Speedup Stacks Jennifer B.

Analyzing the Scalability of Managed Language Applications with Speedup Stacks Jennifer B. Sartor Kristof Du Bois Stijn Eyerman Lieven Eeckhout Understanding Scalability Problems n Multicore n Managed languages l Service threads Speedup

709 views • 24 slides
Performance Measurement &amp; Data Committee August 13, 2018 Meeting Agenda 10:30 10:40

Performance Measurement &amp; Data Committee August 13, 2018 Meeting Agenda 10:30 10:40

The Accountable Community of Health for King County Performance Measurement &amp; Data Committee August 13, 2018 Meeting Agenda 10:30 10:40 Welcome and Introductions Mattie Osborn, Amerigroup 10:40 10:55 HealthierHere Update Thuy

443 views • 25 slides
Webinar: Attachment 7 Refresh Workgroup Update September 24, 2019 AGENDA Time Topic Presenter

Webinar: Attachment 7 Refresh Workgroup Update September 24, 2019 AGENDA Time Topic Presenter

Webinar: Attachment 7 Refresh Workgroup Update September 24, 2019 AGENDA Time Topic Presenter 10:00-10:05 Welcome and Introductions Thai Review Timeline Workgroup Participants Role and Responsibilities Thai 10:05-10:20 Overview of

401 views • 10 slides
On the Phenomenon of Drifting Subpulses Dipanjan Mitra Visiting at Univ. Of Vermont From: NCRA,

On the Phenomenon of Drifting Subpulses Dipanjan Mitra Visiting at Univ. Of Vermont From: NCRA,

On the Phenomenon of Drifting Subpulses Dipanjan Mitra Visiting at Univ. Of Vermont From: NCRA, TIFR 7 th June 2016, The Physics of Pulsar Magnetosphere Workshop, NASA Goddard The Phenomenon MODING NULLING DRIFTING The Phenomenon f 3 = 1/ p

750 views • 25 slides
JRA1 T2, Photonic Services What has been done SKALAT MAR RNAR RSTA NEMA RA VEL KUNNI.

JRA1 T2, Photonic Services What has been done SKALAT MAR RNAR RSTA NEMA RA VEL KUNNI.

JRA1 T2, Photonic Services What has been done SKALAT MAR RNAR RSTA NEMA RA VEL KUNNI. Joint JRA1 T1 &amp; T2 workshop Kbenhavn, Denmark 2012, November 20-21 Jan Radil, Josef Vojtch, Pavel koda , Stanislav ma

484 views • 31 slides
Lu Fang, University of California, Irvine Liang Dou, East China Normal University Harry Xu,

Lu Fang, University of California, Irvine Liang Dou, East China Normal University Harry Xu,

Lu Fang, University of California, Irvine Liang Dou, East China Normal University Harry Xu, University of California, Irvine 2015-07-09 Inefficient code regions [G. Jin et al. PLDI 2012] Inefficient code regions [G. Jin et al. PLDI

845 views • 47 slides
Financial Crypto and Data Security Mar. 3, 2011 Mercury: Recovering Forgotten Passwords Using

Financial Crypto and Data Security Mar. 3, 2011 Mercury: Recovering Forgotten Passwords Using

Financial Crypto and Data Security Mar. 3, 2011 Mercury: Recovering Forgotten Passwords Using Personal Devices M. Mannan NSERC PDF, University of Toronto m.mannan@utoronto.ca Collaborators: D. Barrera, C.D. Brown, D. Lie, P.C. van Oorschot

483 views • 24 slides

More recommend