Learning to Detect and Localize Multilingual Bugs
Authors: 
Haoran Yang, Yu Nong, Tao Zhang, Xiapu Luo, 
Haipeng CaiAuthors Info & Claims
Haoran Yang, Yu Nong, Tao Zhang, Xiapu Luo, Haipeng CaiAuthors Info & ClaimsArticle No.: 97, Pages 2190 - 2213
Abstract
Increasing studies have shown bugs in multi-language software as a critical loophole in modern software quality assurance, especially those induced by language interactions (i.e., multilingual bugs). Yet existing tool support for bug detection/localization remains largely limited to single-language software, despite the long-standing prevalence of multi-language systems in various real-world software domains. Extant static/dynamic analysis and deep learning (DL) based approaches all face major challenges in addressing multilingual bugs. In this paper, we present xLoc, a DL-based technique/tool for detecting and localizing multilingual bugs. Motivated by results of our bug-characteristics study on top locations of multilingual bugs, xLoc first learns the general knowledge relevant to differentiating various multilingual control-flow structures. This is achieved by pre-training a Transformer model with customized position encoding against novel objectives. Then, xLoc learns task-specific knowledge for the task of multilingual bug detection/localization, through another new position encoding scheme (based on cross-language API vicinity) that allows for the model to attend particularly to control-flow constructs that bear most multilingual bugs during fine-tuning. We have implemented xLoc for Python-C software and curated a dataset of 3,770 buggy and 15,884 non-buggy Python-C samples, which enabled our extensive evaluation of xLoc against two state-of-the-art baselines: fine-tuned CodeT5 and zero-shot ChatGPT. Our results show that xLoc achieved 94.98% F1 and 87.24%@Top-1 accuracy, which are significantly (up to 162.88% and 511.75%) higher than the baselines. Ablation studies further confirmed significant contributions of each of the novel design elements in xLoc. With respective bug-location characteristics and labeled bug datasets for fine-tuning, our design may be applied to other language combinations beyond Python-C.
References
[1]
Mouna Abidi, Manel Grichi, and Foutse Khomh. 2019. Behind the scenes: developers’ perception of multi-language practices. In Annual International Conference on Computer Science and Software Engineering. 72–81.
[2]
Mouna Abidi, Md Saidur Rahman, Moses Openja, and Foutse Khomh. 2021. Are multi-language design smells fault-prone? an empirical study. ACM Transactions on Software Engineering and Methodology (TOSEM), 30, 3 (2021), 1–56. https://doi.org/10.1145/3432690
[3]
Mayank Agarwal, Yikang Shen, Bailin Wang, Yoon Kim, and Jie Chen. 2024. Structured code representations enable data-efficient adaptation of code language models. arXiv preprint arXiv:2401.10716, 1–18. https://doi.org/10.48550/arXiv.2401.10716
[4]
Sora Bae, Sungho Lee, and Sukyoung Ryu. 2019. Towards understanding and reasoning about Android interoperations. In IEEE/ACM International Conference on Software Engineering (ICSE). 223–233. https://doi.org/10.1109/ICSE.2019.00038
[5]
Junyang Bai, Weiping Wang, Yan Qin, Shigeng Zhang, Jianxin Wang, and Yi Pan. 2018. BridgeTaint: a bi-directional dynamic taint tracking method for JavaScript bridges in Android hybrid applications. IEEE Transactions on Information Forensics and Security, 14, 3 (2018), 677–692. https://doi.org/10.1109/TIFS.2018.2855650
[6]
Emery D Berger, Celeste Hollenbeck, Petr Maj, Olga Vitek, and Jan Vitek. 2019. On the impact of programming languages on code quality: A reproduction study. ACM Transactions on Programming Languages and Systems (TOPLAS), 41, 4 (2019), 1–24. https://doi.org/10.1145/3340571
[7]
David Binkley, Nicolas Gold, Mark Harman, Syed Islam, Jens Krinke, and Shin Yoo. 2014. ORBS: Language-independent program slicing. In ACM SIGSOFT International Symposium on Foundations of Software Engineering. 109–120. https://doi.org/10.1145/2635868.2635893
[8]
Tegawendé F Bissyandé, Ferdian Thung, David Lo, Lingxiao Jiang, and Laurent Réveillère. 2013. Popularity, interoperability, and impact of programming languages in 100,000 open source projects. In Annual Computer Software and Applications Conference. 303–312. https://doi.org/10.1109/COMPSAC.2013.55
[9]
Robert Bradshaw, Stefan Behnel, and Dag Sverre Seljebotn. 2023. Cython: The Cython compiler for writing C extensions for the Python language. https://github.com/cython/cython GitHub repository
[10]
Haipeng Cai, Yu Nong, Yuzhe Ou, and Feng Chen. 2023. Generating vulnerable code via learning-based program transformations. In AI Embedded Assurance for Cyber Systems. Springer, 123–138. https://doi.org/10.1007/978-3-031-42637-7_7
[11]
Yaofei Chen, Rose Dios, Ali Mili, Lan Wu, and Kefei Wang. 2005. An empirical study of programming language trends. IEEE Software, 22, 3 (2005), 72–79. https://doi.org/10.1109/MS.2005.55
[12]
KR1442 Chowdhary and KR Chowdhary. 2020. Natural language processing. Fundamentals of Artificial Intelligence, 603–649. https://doi.org/10.1007/978-81-322-3972-7_19
[13]
Daniel P Delorey, Charles D Knutson, and Christophe Giraud-Carrier. 2007. Programming language trends in open source development: An evaluation using data from all production phase sourceforge projects. In Second International Workshop on Public Data about Software Development (WoPDaSD’07). 1–5.
[14]
Sung Ta Dinh, Haehyun Cho, Kyle Martin, Adam Oest, Kyle Zeng, Alexandros Kapravelos, Gail-Joon Ahn, Tiffany Bao, Ruoyu Wang, and Adam Doupé. 2021. Favocado: fuzzing the binding code of JavaScript engines using semantically correct test cases. In NDSS. https://doi.org/10.14722/ndss.2021.24224
[15]
Alessandro Fin, Franco Fummi, and Graziano Pravadelli. 2001. Amleto: A multi-language environment for functional test generation. In Proceedings International Test Conference. 821–829. https://doi.org/10.1109/TEST.2001.966704
[16]
Python Software Foundation and contributors. 2023. cpython: The Python programming language. https://github.com/python/cpython/ GitHub repository
[17]
José Fragoso Santos, Petar Maksimović, Sacha-Élie Ayoun, and Philippa Gardner. 2020. Gillian, Part I: a multi-language platform for symbolic execution. In Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation. 927–942. https://doi.org/10.1145/3385412.3386014
[18]
Michael Fu and Chakkrit Tantithamthavorn. 2022. LineVul: a transformer-based line-level vulnerability prediction. In International Conference on Mining Software Repositories. 608–620. https://doi.org/10.1145/3524842.3528452
[19]
Kovid Goyal. 2023. kitty: A cross-platform, fast, feature-rich, GPU based terminal emulator. https://github.com/kovidgoyal/kitty GitHub repository
[20]
Manel Grichi, Mouna Abidi, Fehmi Jaafar, Ellis E Eghan, and Bram Adams. 2020. On the impact of interlanguage dependencies in multilanguage systems empirical case study on Java native interface applications (JNI). IEEE Transactions on Reliability, 70, 1 (2020), 428–440. https://doi.org/10.1109/TR.2020.3024873
[21]
Manel Grichi, Ellis E Eghan, and Bram Adams. 2020. On the impact of multi-language development in machine learning frameworks. In IEEE International Conference on Software Maintenance and Evolution (ICSME). 546–556. https://doi.org/10.1109/ICSME46990.2020.00058
[22]
Alex Groce, Josie Holmes, Darko Marinov, August Shi, and Lingming Zhang. 2018. An extensible, regular-expression-based tool for multi-language mutant generation. In IEEE/ACM International Conference on Software Engineering: Companion (ICSE-Companion). 25–28. https://doi.org/10.1145/3183440.3183485
[23]
Charles R. Harris, K. Jarrod Millman, Stéfan J van der Walt, Ralf Gommers, Pauli Virtanen, David Cournapeau, Eric Wieser, Julian Taylor, Sebastian Berg, Nathaniel J. Smith, Robert Kern, Matti Picus, Stephan Hoyer, Marten H. van Kerkwijk, Matthew Brett, Allan Haldane, Jaime Fernández del Río, Mark Wiebe, Pearu Peterson, Pierre Gérard-Marchant, Kevin Sheppard, Tyler Reddy, Warren Weckesser, Hameer Abbasi, Christoph Gohlke, and Travis E. Oliphant. 2020. Array programming with NumPy. Nature, 585 (2020), 357–362. https://doi.org/10.1038/s41586-020-2649-2
[24]
Sungjae Hwang, Sungho Lee, Jihoon Kim, and Sukyoung Ryu. 2021. JustGen: effective test generation for unspecified JNI behaviors on JVMs. In IEEE/ACM International Conference on Software Engineering (ICSE). 1708–1718. https://doi.org/10.1109/ICSE43902.2021.00151
[25]
Capers Jones. 2010. Software engineering best practices: lessons from successful projects in the top companies. McGraw-Hill Education.
[26]
Pavneet Singh Kochhar, Dinusha Wijedasa, and David Lo. 2016. A large scale study of multiple programming languages and code quality. In International Conference on Software Analysis, Evolution, and Reengineering (SANER). 1, 563–573. https://doi.org/10.1109/SANER.2016.112
[27]
Yiğit Küçük, Tim AD Henderson, and Andy Podgurski. 2021. Improving fault localization by integrating value and predicate based causal inference techniques. In IEEE/ACM International Conference on Software Engineering (ICSE). 649–660. https://doi.org/10.1109/ICSE43902.2021.00066
[28]
Hung Le, Yue Wang, Akhilesh Deepak Gotmare, Silvio Savarese, and Steven Chu Hong Hoi. 2022. Coderl: Mastering code generation through pretrained models and deep reinforcement learning. Advances in Neural Information Processing Systems, 35 (2022), 21314–21328. https://doi.org/10.48550/arXiv.2207.01780
[29]
Sungho Lee, Hyogun Lee, and Sukyoung Ryu. 2020. Broadening horizons of multilingual static analysis: Semantic summary extraction from c code for JNI program analysis. In IEEE/ACM International Conference on Automated Software Engineering. 127–137. https://doi.org/10.1145/3324884.3416558
[30]
Wen Li, Ming Jiang, Xiapu Luo, and Haipeng Cai. 2022. PolyCruise: A cross-language dynamic information flow analysis. In 31st USENIX Security Symposium (USENIX Security 22). 2513–2530.
[31]
Wen Li, Li Li, and Haipeng Cai. 2022. On the vulnerability proneness of multilingual code. In ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE). 847–859. https://doi.org/10.1145/3540250.3549173
[32]
Wen Li, Li Li, and Haipeng Cai. 2022. PolyFax: A toolkit for characterizing multi-language software. In ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE). 1662–1666. https://doi.org/10.1145/3540250.3558925
[33]
Wen Li, Austin Marino, Haoran Yang, Na Meng, Li Li, and Haipeng Cai. 2024. How are multilingual systems constructed: Characterizing language use and selection in open-source multilingual software. ACM Transactions on Software Engineering and Methodology, 33, 3 (2024), 1–46. https://doi.org/10.1145/3631967
[34]
Wen Li, Na Meng, Li Li, and Haipeng Cai. 2021. Understanding language selection in multi-language software projects on GitHub. In IEEE/ACM International Conference on Software Engineering: Companion Proceedings (ICSE-Companion). 256–257. https://doi.org/10.1109/ICSE-Companion52605.2021.00119
[35]
Wen Li, Jinyang Ruan, Guangbei Yi, Long Cheng, Xiapu Luo, and Haipeng Cai. 2023. PolyFuzz: Holistic greybox fuzzing of multi-language systems. In 32nd USENIX Security Symposium (USENIX Security 23). 1379–1396.
[36]
Xia Li, Wei Li, Yuqun Zhang, and Lingming Zhang. 2019. DeepFL: Integrating multiple fault diagnosis dimensions for deep fault localization. In ACM SIGSOFT international symposium on software testing and analysis. 169–180. https://doi.org/10.1145/3339068
[37]
Yi Li, Shaohua Wang, and Tien Nguyen. 2021. Fault localization with code coverage representation learning. In International Conference on Software Engineering (ICSE). 661–673. https://doi.org/10.1109/ICSE43902.2021.00067
[38]
Yi Li, Shaohua Wang, and Tien N Nguyen. 2022. Fault localization to detect co-change fixing locations. In ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 659–671. https://doi.org/10.1145/3540250.3549137
[39]
Yi Li, Shaohua Wang, Tien N Nguyen, and Son Van Nguyen. 2019. Improving bug detection via context-based code representation learning and attention-based neural networks. Proceedings of the ACM on Programming Languages, 3, OOPSLA (2019), 1–30. https://doi.org/10.1145/3360588
[40]
Zewen Li, Fan Liu, Wenjie Yang, Shouheng Peng, and Jun Zhou. 2021. A survey of convolutional neural networks: analysis, applications, and prospects. IEEE Transactions on Neural Networks and Learning Systems, 6999–7019. https://doi.org/10.1109/TNNLS.2021.3084827
[41]
Linus Eriksson. 2022. Tree-Sitter. https://github.com/tree-sitter/tree-sitter
[42]
Baozheng Liu, Chao Zhang, Guang Gong, Yishun Zeng, Haifeng Ruan, and Jianwei Zhuge. 2020. FANS: Fuzzing Android native system services via automated interface analysis. In USENIX Security Symposium. 307–323.
[43]
Chao Liu, Cuiyun Gao, Xin Xia, David Lo, John Grundy, and Xiaohu Yang. 2021. On the reproducibility and replicability of deep learning in software engineering. ACM Transactions on Software Engineering and Methodology (TOSEM), 31, 1 (2021), 1–46. https://doi.org/10.1145/3477535
[44]
Yiling Lou, Qihao Zhu, Jinhao Dong, Xia Li, Zeyu Sun, Dan Hao, Lu Zhang, and Lingming Zhang. 2021. Boosting coverage-based fault localization via graph-based representation learning. In ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 664–676. https://doi.org/10.1145/3468264.3468580
[45]
Philip Mayer and Alexander Bauer. 2015. An empirical analysis of the utilization of multiple programming languages in open source projects. In International Conference on Evaluation and Assessment in Software Engineering. 1–10. https://doi.org/10.1145/2745802.2745805
[46]
Philip Mayer, Michael Kirsch, and Minh Anh Le. 2017. On multi-language software development, cross-language links and accompanying tools: a survey of professional software developers. Journal of Software Engineering Research and Development, 5, 1 (2017), 1. https://doi.org/10.1186/s40411-017-0035-z
[47]
Larry Medsker and Lakhmi C Jain. 1999. Recurrent neural networks: design and applications. CRC press.
[48]
Xiangxin Meng, Xu Wang, Hongyu Zhang, Hailong Sun, and Xudong Liu. 2022. Improving fault localization and program repair with deep semantic features and transferred knowledge. In International Conference on Software Engineering. 1169–1180. https://doi.org/10.1145/3510003.3510147
[49]
Leo A Meyerovich and Ariel S Rabkin. 2013. Empirical analysis of programming language adoption. In ACM SIGPLAN International Conference on Object Oriented Programming Systems Languages & Applications (OOPSLA). 1–18. https://doi.org/10.1145/2509136.2509515
[50]
Changan Niu, Chuanyi Li, Vincent Ng, Jidong Ge, Liguo Huang, and Bin Luo. 2022. SPT-code: sequence-to-sequence pre-training for learning source code representations. In International Conference on Software Engineering. 2006–2018. https://doi.org/10.1145/3510003.3510096
[51]
Yu Nong, Richard Fang, Guangbei Yi, Kunsong Zhao, Xiapu Luo, Feng Chen, and Haipeng Cai. 2024. VGX: Large-scale sample generation for boosting learning-based software vulnerability analyses. In IEEE/ACM International Conference on Software Engineering (ICSE). Article 149, 13 pages. https://doi.org/10.1145/3597503.3639116
[52]
Yu Nong, Yuzhe Ou, Michael Pradel, Feng Chen, and Haipeng Cai. 2022. Generating realistic vulnerabilities via neural code editing: an empirical study. In ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 1097–1109. https://doi.org/10.1145/3540250.3549128
[53]
Yu Nong, Yuzhe Ou, Michael Pradel, Feng Chen, and Haipeng Cai. 2023. VulGen: Realistic vulnerability generation via pattern mining and deep learning. In IEEE/ACM International Conference on Software Engineering (ICSE). 2527–2539. https://doi.org/10.1109/ICSE48619.2023.00211
[54]
OpenAI. 2019. ChatGPT: A Large-Scale Generative Model. https://openai.com/research/chatgpt Accessed: 9/12/2023
[55]
Jihee Park, Sungho Lee, Jaemin Hong, and Sukyoung Ryu. 2023. Static analysis of JNI programs via binary decompilation. IEEE Transactions on Software Engineering, 49, 5 (2023), 3089–3105. https://doi.org/10.1109/TSE.2023.3241639
[56]
Hammond Pearce, Benjamin Tan, Baleegh Ahmad, Ramesh Karri, and Brendan Dolan-Gavitt. 2023. Examining zero-shot vulnerability repair with large language models. In IEEE Symposium on Security and Privacy (SP). 2339–2356. https://doi.org/10.1109/SP46215.2023.10179420
[57]
Han Peng, Ge Li, Wenhan Wang, Yunfei Zhao, and Zhi Jin. 2021. Integrating tree path in transformer for code representation. Advances in Neural Information Processing Systems, 34 (2021), 9343–9354.
[58]
Ruchir Puri, David S Kung, Geert Janssen, Wei Zhang, Giacomo Domeniconi, Vladimir Zolotov, Julian Dolby, Jie Chen, Mihir Choudhury, and Lindsey Decker. 2021. CodeNet: A large-scale AI for code dataset for learning a diversity of coding tasks. arXiv preprint arXiv:2105.12655, 1–22. https://doi.org/10.48550/arXiv.2105.12655
[59]
Baishakhi Ray, Daryl Posnett, Vladimir Filkov, and Premkumar Devanbu. 2014. A large scale study of programming languages and code quality in GitHub. In ACM SIGSOFT International Symposium on Foundations of Software Engineering. 155–165. https://doi.org/10.1145/3126905
[60]
Peter Shaw, Jakob Uszkoreit, and Ashish Vaswani. 2018. Self-attention with relative position representations. arXiv preprint arXiv:1803.02155, https://doi.org/10.48550/arXiv.1803.02155
[61]
Zeyu Sun, Qihao Zhu, Yingfei Xiong, Yican Sun, Lili Mou, and Lu Zhang. 2020. Treegen: A tree-based transformer architecture for code generation. In AAAI Conference on Artificial Intelligence. 34, 8984–8991. https://doi.org/10.1609/aaai.v34i05.6430
[62]
Federico Tomassetti and Marco Torchiano. 2014. An empirical assessment of polyglot-ism in GitHub. In International Conference on Evaluation and Assessment in Software Engineering. 1–4. https://doi.org/10.1145/2601248.2601269
[63]
Sergi Valverde and Ricard V Solé. 2015. Punctuated equilibrium in the large-scale evolution of programming languages. Journal of The Royal Society Interface, 12, 107 (2015), 20150249. https://doi.org/10.1098/rsif.2015.0249
[64]
Bogdan Vasilescu, Alexander Serebrenik, and Mark GJ van den Brand. 2013. The Babel of software development: Linguistic diversity in Open Source. In International Conference on Social Informatics. 391–404. https://doi.org/10.1007/978-3-319-03260-3_34
[65]
Ashish Vaswani, Noam Shazeer, Niki Parmar, Jakob Uszkoreit, Llion Jones, Aidan N Gomez, Ł ukasz Kaiser, and Illia Polosukhin. 2017. Attention is all you need. Advances in Neural Information Processing Systems, 30 (2017), 1–15. https://doi.org/10.48550/arXiv.1706.03762
[66]
Pauli Virtanen, Ralf Gommers, Travis E. Oliphant, Matt Haberland, Tyler Reddy, David Cournapeau, Evgeni Burovski, Pearu Peterson, Warren Weckesser, Jonathan Bright, Stéfan J. van der Walt, Matthew Brett, Joshua Wilson, K. Jarrod Millman, Nikolay Mayorov, Andrew R. J. Nelson, Eric Jones, Robert Kern, Eric Larson, C J Carey, İlhan Polat, Yu Feng, Eric W. Moore, Jake VanderPlas, Denis Laxalde, Josef Perktold, Robert Cimrman, Ian Henriksen, E. A. Quintero, Charles R. Harris, Anne M. Archibald, Antônio H. Ribeiro, Fabian Pedregosa, Paul van Mulbregt, and SciPy 1.0 Contributors. 2020. SciPy 1.0: Fundamental Algorithms for Scientific Computing in Python. Nature Methods, 17 (2020), 261–272. https://doi.org/10.1038/s41592-019-0686-2
[67]
Weishi Wang, Yue Wang, Shafiq Joty, and Steven CH Hoi. 2023. RAP-Gen: retrieval-augmented patch generation with CodeT5 for automatic program repair. In ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 146–158. https://doi.org/10.1145/3611643.3616256
[68]
Yue Wang, Weishi Wang, Shafiq Joty, and Steven C.H. Hoi. 2021. CodeT5: Identifier-aware unified pre-trained encoder-decoder models for code understanding and generation. In Conference on Empirical Methods in Natural Language Processing. 8696–8708. https://doi.org/10.18653/v1/2021.emnlp-main.685
[69]
Cody Watson, Nathan Cooper, David Nader Palacio, Kevin Moran, and Denys Poshyvanyk. 2022. A systematic literature review on the use of deep learning in software engineering research. ACM Transactions on Software Engineering and Methodology (TOSEM), 31, 2 (2022), 1–58. https://doi.org/10.1145/3485275
[70]
Fengguo Wei, Xingwei Lin, Xinming Ou, Ting Chen, and Xiaosong Zhang. 2018. JN-SAF: Precise and efficient ndk/jni-aware inter-language static analysis framework for security vetting of Android applications with native code. In ACM SIGSAC Conference on Computer and Communications Security. 1137–1150. https://doi.org/10.1145/3243734.3243835
[71]
Thomas Wolf, Lysandre Debut, Victor Sanh, Julien Chaumond, Clement Delangue, Anthony Moi, Pierric Cistac, Tim Rault, Remi Louf, Morgan Funtowicz, Joe Davison, Sam Shleifer, Patrick von Platen, Clara Ma, Yacine Jernite, Julien Plu, Canwen Xu, Teven Le Scao, Sylvain Gugger, Mariama Drame, Quentin Lhoest, and Alexander Rush. 2020. Transformers: state-of-the-art natural language processing. In Conference on Empirical Methods in Natural Language Processing: System Demonstrations. 38–45. https://doi.org/10.18653/v1/2020.emnlp-demos.6
[72]
Lei Xue, Chenxiong Qian, Hao Zhou, Xiapu Luo, Yajin Zhou, Yuru Shao, and Alvin TS Chan. 2018. NDroid: Toward tracking information flows across multiple Android contexts. IEEE Transactions on Information Forensics and Security, 14, 3 (2018), 814–828. https://doi.org/10.1109/TIFS.2018.2866347
[73]
Fabian Yamaguchi, Nico Golde, Daniel Arp, and Konrad Rieck. 2014. Modeling and discovering vulnerabilities with code property graphs. In 2014 IEEE Symposium on Security and Privacy. 590–604. https://doi.org/10.1109/SP.2014.44
[74]
Haoran Yang, Wen Li, and Haipeng Cai. 2022. Language-agnostic dynamic analysis of multilingual code: promises, pitfalls, and prospects. In ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE). 1621–1626. https://doi.org/10.1145/3540250.3560880
[75]
Haoran Yang, Weile Lian, Shaowei Wang, and Haipeng Cai. 2023. Demystifying issues, challenges, and solutions for multilingual software development. In IEEE/ACM International Conference on Software Engineering (ICSE). 1840–1852. https://doi.org/10.1109/ICSE48619.2023.00157
[76]
Haoran Yang, Yu Nong, Shaowei Wang, and Haipeng Cai. 2024. Multi-language software development: issues, challenges, and solutions. IEEE Transactions on Software Engineering, 50, 3 (2024), 512–533. https://doi.org/10.1109/TSE.2024.3358258
[77]
Dongjun Youn, Sungho Lee, and Sukyoung Ryu. 2023. Declarative static analysis for multilingual programs using CodeQL. Software: Practice and Experience, 53, 7 (2023), 1472–1495. https://doi.org/10.1002/spe.3199
[78]
Zhuo Zhang, Yan Lei, Xiaoguang Mao, Meng Yan, Ling Xu, and Xiaohong Zhang. 2021. A study of effectiveness of deep learning in locating real faults. Information and Software Technology, 131 (2021), 106486. https://doi.org/10.1016/j.infsof.2020.106486
[79]
Jie Zhou, Ganqu Cui, Shengding Hu, Zhengyan Zhang, Cheng Yang, Zhiyuan Liu, Lifeng Wang, Changcheng Li, and Maosong Sun. 2020. Graph neural networks: A review of methods and applications. AI open, 1 (2020), 57–81. https://doi.org/10.1016/j.aiopen.2021.01.001
Index Terms
- Learning to Detect and Localize Multilingual Bugs
Recommendations
Detect Related Bugs from Source Code Using Bug Information
COMPSAC '10: Proceedings of the 2010 IEEE 34th Annual Computer Software and Applications ConferenceOpen source projects often maintain open bug repositories during development and maintenance, and the reporters often point out straightly or implicitly the reasons why bugs occur when they submit them. The comments about a bug are very valuable for ...
Are Neural Bug Detectors Comparable to Software Developers on Variable Misuse Bugs?
ASE '22: Proceedings of the 37th IEEE/ACM International Conference on Automated Software EngineeringDebugging, that is, identifying and fixing bugs in software, is a central part of software development. Developers are therefore often confronted with the task of deciding whether a given code snippet contains a bug, and if yes, where. Recently, data-...
Poster: Protecting Source Code Privacy When Hunting Bugs
CCS '24: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications SecurityWhen proving to a third party that a software system is of high quality or bug-free, a software vendor may have to reveal the source code such that the third party can use a public or their own static code analyzer to check the code. However, revealing ...
Comments
Information & Contributors
Information
Published In
July 2024
2770 pages
Copyright © 2024 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 12 July 2024
Published in PACMSE Volume 1, Issue FSE
Author Tags
Qualifiers
- Research-article
Funding Sources
- NSF (National Science Foundation)
- Office of Naval Research
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 368Total Downloads
- Downloads (Last 12 months)368
- Downloads (Last 6 weeks)91
Reflects downloads up to 31 Dec 2024
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in